Since 2004, October has been marked as National Cybersecurity Awareness Month. This month raises awareness about the importance of cybersecurity and how to protect yourself from cybercrime.
- Perform third-party due diligence on all critical vendors. Ensure that they have either a SOC2 report or a similar certification that covers the services you leverage from that organization.
- Provide regular security awareness training to your staff. Test the staff at least semi-annually to ensure that they understand the ramifications of a breach and the process for escalating an incident.
- Be ready for an incident. Create and distribute a formal incident response plan. Test the plan at least annually so that all critical employees know their role if and when an event transpires.
- Use multi-factor authentication (MFA) wherever possible. Traditional authentication requires an ID and password; MFA requires an additional layer of protection, such as entering a code / PIN sent to a secure device.
- Do not ignore operating system or security patch update notifications. Ensure all devices (phones, tablets, laptops, desktops) have the latest operating system versions and security updates.
- Back up your data regularly. This way, if you are hit with ransomware or malware, you will be able to restore your data.
- Use strong passwords and avoid using the same login ID and password for different systems. Make usernames and passwords unique for each system. Use a password keeper to remember your passwords.
- Be wary of Phishing scams via suspicious emails, phone calls, and texts. Don’t believe your caller ID. Technology makes it easy for scammers to fake caller ID information, so the number you see may not be legitimate. Do not click on links from people that you do not know.
FoxPointe Solutions, a division of The Bonadio Group, specializes in cybersecurity, IT consulting, and compliance.
To schedule a one-hour cybersecurity readiness session, contact me at cwood@foxpointesolutions.com or one of my talented colleagues.