October is Cybersecurity Awareness Month - a month-long event with the goal of raising awareness of good cybersecurity practices.
As a law firm focused only on technology, data security, and privacy, Octillo is dedicated to helping organizations create robust cybersecurity programs that help prevent or lessen the impact of potential cyber attacks. This starts with helping organizations, and their employees understand the important role they play in protecting their systems and safeguarding data.
In recognition of this important educational opportunity, we have compiled some of our top cybersecurity tips to help your organization improve your cyber hygiene. Do your part, #BeCyberSmart!
1. Use Multi-Factor Identification
Add multi-factor authentication to your accounts. These tools require you to grant access to your accounts every time someone tries to log in.
2. Update your Systems
Updates may be a pain, but they are important. Updates often include patches for recently identified security issues. Neglecting updates may leave you vulnerable to threat actors exploiting these vulnerabilities.
3. Emphasize Employee Education
Human error is one of the most commonly cited causes of cyber incidents. Conduct regular cybersecurity trainings, including tabletop exercises testing your incident response plan, to help employees understand their role in incident response and prevention.
4. Use Strong Passwords
Choose unique passphrases as an alternative to passwords (ie. Myd0g1sth3b3st! vs. Fido123). Use a different password for each account. To help keep your credentials straight, consider using a password manager.
5. Examine Emails Carefully
Scammers often mimic a legitimate site or email address by using a slight variation in spelling. Pay attention to email and website addresses and independently verify links and attachments before clicking. Know where/how to report any suspect emails because you may not be the only one who received it. Sharing is caring!
6. Avoid Public or Unsecure Wi-Fi Networks
Do not connect to a public or unsecure Wi-Fi network, such as at a coffee shop or hotel. Any sensitive information transmitted over these unsecure connections can be accessed by other users on the network. When a secure network is not available, opt to use your mobile hotspot.
7. Create Email Forwarding Alerts
Set up alerts when forwarding rules are added to your e-mail account and routinely check email forwarding rules. If threat actors gain access to an email account, they may create account rules to hide their activity.
8. Do Not Use Personal Devices to Access Sensitive Data
Personal devices, such as your phone or personal computer, are often not as secure as devices in the workplace. Downloading or accessing sensitive information on those devices could lead to the information being compromised. Unless your Security Officer says otherwise, never access sensitive information from personal devices.
9. Keep Track of your Backups
Make sure to have backups of important backups in place and these backups are stored separate from your normal environment. Check the integrity of your backups regularly.
10. Find A Data Security Team
Creating data security policies, procedures, and plans be daunting. Partnering with a team that understands the legal and threat landscape surrounding data security is a great first step towards improving your cyber preparedness.
*Attorney advertising - prior results do not guarantee future outcomes.