Cybersecurity etiquette: how to do your part

It’s easy to put cybersecurity in the too hard basket. Words like hacking, breach, encryption and phishing can seem foreign and daunting, understanding them might feel like climbing Everest. 

The thing is, security compromises are mainly caused by human error. It’s actually me, you and the person right next to you that are most likely to be the weakest link – not so much an anonymous hacker (although that happens too). 

So how do you tackle it alone? One way is to take keep your own security practices in check. First, change your mindset. Instead of considering cybersecurity to be out of your realm of understanding, approach it like regular office etiquette. You always turn off the lights when you leave a room, right? 

Here are some ways to do your part and be cybersecurity smart: 
Do not use the default password or names

Day one of any new role is exciting. You meet new people, get a new desk and are most likely given a generic password to gain access to the company system. As soon as you log in, change that password.

Make it hard, make it a sentence, make it something that is not what you were initially given. Nope, it’s not as easy as Password123 – put some effort in because it’s not only your info that would be compromised if someone guessed your password, everyone’s data in the system is at risk. 

And do not use the same password across your corporate, social and other accounts

Basically, if one of those password becomes compromised than all of the account are vulnerable. Passwords should all be significantly different too in order to make sure they are more secure. This password guide will give some tools on how to beef them up, Kiandra IT’s Security Expert Dan Weis, says “this is  one of the biggest and easily avoidable risks.”

Using third party file sharing tools for sensitive documents

Whether it’s a document too big to send, or you prefer to use a free online editing platform, make sure to lock that down under a password. These links can go anywhere and sharing strategy plans, client data or business intel online makes the information vulnerable. 

To better guard your data, and also your job, make sure it’s not hackable or it won’t go into the wrong hands, make it password protected and always share the password with the person you are sharing the document with over the phone or in a separate email, instead of in the same line of communication. 

Get a password manager

There are a ton of free password manager tools out there that will help you keep tabs on multiple passwords across your accounts so you can move across them seamlessly. They notify you when it’s time to change them and help replace them according to best practice and keep them crazy-strong.

Double, triple check your email recipients

Oops, you hit send really fast after typing up an email about your company’s financial position, but instead of sending it to Suzy Smith, your CEO, Suzy Smart was first on your ‘To’ box recipient list. She’s a journo for the Daily Mail and now everyone knows your financial projections.

That’s a big cybersecurity fail and you could compromise your position – be vigilant.

Don’t just throw it away, delete first

Lost or stolen removable media, USB sticks or mobile devices, are a big part of human error breach. Always make sure your devices and sticks are password protected and if you are getting rid of them delete everything that’s on it before binning it. 

Following a leaked memo, IBM banned USB use for all employees because it’s too much of a risk to have them otherwise. While not every company will be this extreme, it outlines the danger.  

MFA

No this is not some mixed martial arts acronym – MFA is multi-factor authentication and a popular method for keeping things super secure. Many platforms already employ this like MyGov where they can text you a code in order to access the system on top of your established password. Google Authenticator, Duo and Microsoft Authenticator, are all great free MFA solutions that will help you keep your accounts secure.

It’s important to stay on top of your cybersecurity in order to reduce any risk to your company or clients. Check out our awareness training security services to learn more about how you can educate yourself and also your entire business.