Password, password, password
It sounds like a broken record, but having a strong password is critical to ensuring that hackers cannot easily hack through a software tool.
A good policy is to change passwords every 30 days.
Lock your computer when you’re away from your desk
If you are working with sensitive information, don’t leave this to chance. A rogue employee could exploit an open laptop by quickly copying information onto a USB key. The shortcut to lock your screen is “Windows Key + L”.
The BC Government has some good tips for companies.
Be vigilant of Social Engineering
Treat the office like your home. If there are people wandering round the office that you are not too familiar with, stop them, say hi, and figure out who they are.
Social engineering is on the rise and is bigger than ever. Scammers are trying any means possible to break in and access the crown jewels.
Companies are paying for specialist Ethical Social Engineers to test both physical security and network security.
Phishing Emails
The No. 1 threat to organisations today… without fail!
Employees must be conscious of suspicious emails and employ a “think before you click” mindset.
How to train employees for phishing attacks
Engage, Educate, Train
Employees need to be trained to break habits, so they become more vigilant, more secure, and think safety first.
You do not want to be the next Equifax
Put the onus on employees to train their staff, rather than having management implement the cybersecurity awareness policy. This has worked well for large companies like Salesforce and Adobe. Read about it in the Wall Street Journal piece on a Better Way to Teach Cybersecurity to Workers.
In Week 2, we’ll talk about systems and locking down access.
#staycybersafe