Got 5 minutes? Here are 5 easy tactics to improve your company’s cybersecurity.
Now of course we all know that having truly strong cybersecurity isn’t as simple as flipping a switch—nothing can replace a comprehensive cybersecurity program. But every little bit helps reduce your risk of a cybersecurity incident.
Here are 5 cybersecurity tips that include settings, habits, and policies you can update today:
1. Enable and Enforce 2FA
We’ve talked about the importance of enabling two-factor authentication (2FA) before—it’s quick, easy, and one of the best ways to protect your important accounts. The even better news is that many business applications have a feature that allows administrators to enforce 2FA for employees. Simply turn on the setting from the administrator panel and employees will be prompted to set up 2FA upon their next login before using the program.
2. Flag External Email
You’ve probably seen the external email banner at the top of a message cautioning that the email is from outside of your organization. Setting up a rule to flag these emails takes just a few minutes for an administrator.
If a cyberattacker tries to impersonate a company employee using URL obfuscation, spoofing, or a fake “From” name, the email will be flagged right away. This helps encourage employees to double check and reduce the risk of phishing attacks, such as the popular gift card scam, that rely on an internal sender.
? For a real story on the positive impact of turning on an external email warning, listen to Episode 6 of The Hilt, Defendify’s podcast, featuring business leaders in the systems integration industry.
3. Block USB Flash Drives
USB drives are popular and convenient, but they can open your company up to risk. If possible, consider disallowing the use of USBs on business devices. This can be as easy as a quick conversation with staff to let them know that your company has decided against using USB drives, and to refrain from plugging USBs into their computer. Be sure to document this decision in your Technology and Data Use Policy. Later down the road, consider using peripheral control software to reject any data transfer from a USB thumb drive.
4. Separate Administrator Accounts
Separating user and administrator accounts on devices helps reduce the risk of malicious software (malware) taking hold or spreading throughout your network. Take a moment to confirm that each computer is set up with two different profiles:
- A standard user profile with limited permissions that the employee uses daily
- An administrator profile that has full permissions to install programs and make changes
The IT team should store the secure, unique password for each device’s administrator profile and only use it when necessary. This includes their own computers—for regular activities, even company administrators should use the principle of least privilege for maximum security.
5. Lock Computers
Cyberattacks and compromises don’t always come via the internet. Locking your computer whenever you walk away is a quick and easy way to reduce the risk of an insider threat incident brought on by physical access or prying eyes. For a quick lock, just hit Windows+L in Windows or Command+Option+Power on a Mac—it quite literally takes only 2 seconds. If you have a tiny bit more time, set computers to lock after a short period of inactivity.
These quick cybersecurity tips may be just a drop in the bucket, but the more steps you take towards cybersecurity, the stronger your posture becomes. Which improvement will you put in place today?
Your Friends @ Defendify