Fact: cybersecurity affects everyone. Another fact: everyone can do something about it. For Cybersecurity Awareness Month, my fellow security teammates at SailPoint and I thought about what the cybersecurity basics are to share actionable advice to help you change your security habits for the better, and make technology work in your favor.
Harden Your Router
Your router can be one of the best investments you can make in your security at home. However, it isn’t a good investment if you’re not bolstering it like any other aspect of your personal security. So, what does that mean? Hardening your router means you should be making sure that the firmware is regularly updated, or even better, having one that updates itself. It means making sure the password is not the factory set one and enabling WPA2 encryption.
Sound complicated? Here’s a guide on strengthening your home network.
Use a Password Manager + Two Factor Authentication (2FA/MFA)
Security fatigue is a real thing, but it doesn’t have to be all inconvenience and extra steps in your day. A password manager, like LastPass or Dashlane, is an easy way to kill two security birds with one stone. You can set up two-factor authentication (reviews: Authy, LastPass Auth, YubiKey Auth) and generate secure passwords without the pain of having to remember them all. You’re effectively solving password reuse and weak password issues with one tool. (And be sure your password for your password manager isn’t “password.”)
Ask Your Security Team Early and Often
A resounding response from our security team on what people should be doing to be better security champions was, “just ask!” While many people are too embarrassed to admit they’ve done something wrong, like clicking a link they shouldn’t have clicked, they know nobody is infallible, including themselves. The best security is a community of learning from each other. Your ideas are unique, and we like to hear your perspective.
Don’t Assume You Won’t Be Hacked
Many people think is that there isn’t any reason for someone to hack them – that they aren’t important enough to be targeted. But this is simply untrue, and what cybercriminals are after is often most easily accessible by those who do have this mindset and aren’t guarding themselves. In fact, while hackers may not be able to sneak past sophisticated enterprise security, they can target individuals in a company until they find the one who isn’t following security protocol or will fall for a phishing attempt. In many ways, it’s a numbers game and any one of us could be the lucky number.
Check Your Settings and Patch Your Software
Don’t assume the security work has been done for you – whether it’s your phone, router, social media profiles, email accounts or any other device or account. Change the default password, check the security settings and check back in on those things regularly, as software updates often cause those preferences to be reset. And speaking of software updates, don’t forget to update your software when they become available.
Freeze Your Credit
The domino effect a data breach can have on your personal and work life can be pretty far-reaching. It’s not just getting locked out of your computer until you pay the ransom or having to change your passwords. Your identity could be stolen. Remember how we said not to assume you won’t be hacked? Well let’s look at the numbers: in 2017, over 7.8 billion records were exposed, with almost 17 percent of those records including a social security number. The odds that your sensitive, personally identifiable information (PII) is floating around out there are pretty good and only increasing.
While a credit freeze doesn’t stop anyone from using existing lines of credit, it does prevent new inquiries and accounts from being opened. And, as of September 21st, 2018, credit freezes are free. At the very least, this step makes you a less valuable target.
This is perhaps the most applicable to us all. Being busy isn’t an exclusive problem to certain people. We are all busy, and that can lead to some of the biggest mistakes. Stop, think and Google or check with a trusted source when you’re in doubt.