If you’ve been too busy warding off phishing and malware attacks to keep up with all our hot takes the past few months, we’re here to help. Every year, organizations and individuals participate in National Cybersecurity Awareness Month (NCSAM) to promote safety and awareness. For the past 14 years, the project has been a collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online.
From changing online behaviors to creating a culture of safety, each week of NCSAM was dedicated to a new topic. Here are four takeaways you can use to help your team keep the company secure:
1. Educate all employees
As an IT manager, security falls under your job description, but you can’t do it alone. Every employee is responsible for helping protect the company, and your job is to create a plan for employee education, training, and awareness. But more often than not, those sessions can feel boring to host and attend, so you should focus on creating cybersecurity awareness trainings that will inspire and motivate everyone involved.
Effective programs are tailored by department. On the one hand, a sales rep who spends a lot of time in the field, working remotely from mobile devices, will need a solid lesson pertaining to mobile security that covers the dangers of unsecured Wi-Fi and how to avoid them. On the other hand, a payroll employee may prove more vulnerable to phishing attacks, since they handle sensitive financial information. Your users will pick up lessons quickly if the material is customized for them, so dust off those presentation skills and sell it.
2. Beef up logins
For both business and pleasure, employees are surfing the web during work hours. Using it safely means practicing good security habits, such as strengthening your logins. Following the news that Yahoo expanded its data breach scope to more than three billion accounts, PC World shared information on staying safe online. One of the takeaways is getting your team to replace passwords with passphrases. A passphrase is a sentence made up of words, numbers, and punctuation marks to create complex, unique, and memorable passwords. For example, “I love to eat pudding in my pajamas” (don’t judge) can turn into the passphrase “I<3puddingPJ$.”
You should also encourage employees to turn on two-factor authentication for any account that supports it. Two-factor authentication, also known as two-step verification, will send a one-time-use code sent via text message, call, or email and is used in addition to your regular password. Two-factor authentication belongs on your most valuable accounts, including email, social media, and financial.
3. Close all doors to hackers
Cutting-edge technology makes life easier, but it can also open a door for hackers to get into your organization, putting you at risk. HP’s Chief Security Advisor Michael Howard estimates that at least 70 percent of today’s successful data breaches originate from unsecured endpoints, such as routers or printers. Every business is at risk for a data breach, and taking the steps to secure all devices will protect customer and company information.
To secure your endpoints, you can turn to devices with built-in malware protection and encrypted hard drives and use unique administrative passwords for each device. Start by covering the basics and work your way toward adding layers of maximum security, helping your company stay up to date with new government regulations.
4. Be transparent
Cybersecurity breaches make the news almost daily, and the publicity can hurt your organization. Instead of waiting until a fall, we’re moving toward a unified rating system for evaluating security, according to Forbes.
The US Chamber of Commerce recently announced that a number of companies are combining efforts to establish shared principles for cybersecurity ratings. A rating system would provide your company with awareness about your weaknesses, as well as the ability to evaluate risks of working with partners and vendors. Being proactive can save you from headaches forming later on and help you avoid a hit to your company’s reputation. Protect your customers and your information by making sure you’re up to date on all the latest news.
While one of the biggest takeaways from NCSAM is that cybersecurity is everyone’s job, you’re still the leader. Training on safety procedures is not a one-and-done event. Instead of an annual meeting that tests employees’ focus and endurance, hold smaller monthly tech jams that cover a single topic, and if you’re looking for the latest news, insights, and tips to keep your company and job secure, be sure to subscribe to Tektonika by clicking the blue “subscribe” button on the top right of the page.