9 simple cybersecurity awareness tips to keep you and your company safe from cybercriminals!
Avoid the phish
Phishing attacks are one of the most effective tools in a hacker’s toolkit. You receive an email that looks like it came from a legitimate source, such as your supervisor or FedEx, or your bank, but in reality, it’s from a malicious source. Phishing can lead to everything from a stolen identity to a full ransomware attack on your company. If you receive a message that seems a bit off or is unexpected, don’t hesitate to reach out (via phone or in person, not email) to verify that the message is legitimate. Alternatively, you can contact your Auxiom support team or internal IT staff for assistance.
Your passwords are sacred
Use complex passwords, change them regularly, and never give them out to anyone. If you receive a call from someone saying they are with a company you do business with and need your password, offer to call them back at a known number to ensure they are who they say they are. Also, never share company accounts with another employee.
No unwanted guests
When a vendor, client, or other non-staff person visits your office, always make sure they only connect to the “Guest” wireless network for internet access. Only employees of your company (and others as authorized) should be allowed to connect to the “official” internal wireless network. Even though a guest might be a long-time and trusted client, you can never be sure that the device they are connecting is free of malicious software that might propagate throughout your environment if allowed to connect to your internal network.
Be a nosey Ned or Nellie
If you see someone wandering around your office that you don’t recognize (especially if they are in a sensitive area like a wiring closet or server room), say “Hello!” and then ask what they are working on and who they are working with. Better yet, ensure all visitors check-in with someone and are given a badge, label, or lanyard they can wear while on-premise. You never know, a little diligence could save your company from the theft of its data, or worse!
Lock it up!
Whenever you step away from your computer, remember to lock the screen to ensure it is secure while you are away. On a PC, hold down the Windows key and pressing “L”. On a Mac, click on the Apple icon at the upper left side of the menu and choose “Lock Screen”. If your computer doesn’t require a password to unlock it, contact your IT team to set that up.
Public Wi-Fi isn’t your friend
Although it’s always nice to have Wi-Fi wherever you might need it, if it’s a freely accessible public Wi-Fi network (like those found at airports, coffee shops, etc.), it can pose a security risk. It’s relatively easy for hackers to mimic a public Wi-Fi network then capture your network traffic. To you, things will continue to appear like they are entirely normal. If you have a mobile device you can use as a hotspot, you should rather than connect to a public Wi-Fi network. Otherwise, be sure to use a VPN solution to ensure a private, secure connection while using public Wi-Fi.
Not so helpful apps
As technology evolves, many applications and tools that used to be considered necessary can become much less critical. In some cases, they can even become a liability. Such is the case for Adobe Flash and Java. In the case of Flash, it is so insecure that Adobe has sent out warnings to uninstall and move away from its use. For Java, it is still occasionally used for some legacy applications, but it’s now considered an unnecessary security risk. Unless you are certain one of these tools is still needed to run something you must use, the best thing you can do is uninstall them.
USB drives are deceptive
When given a USB flash drive or external hard drive with data, be sure it comes from a trusted source. Many types of malware and ransomware can be transferred between networks via removable storage devices. When in doubt, don’t plug it into your computer until you have verified the source is trustworthy.
To a hacker, every company is sexy
Just because you think your company is dull or your organization doesn’t store valuable data doesn’t mean that a hacker wouldn’t love to use your network as part of a larger scheme. Many tools used by hackers will scan the internet indiscriminately, finding vulnerabilities on the perimeter of a corporate network. So always be aware that good cybersecurity practices apply to everyone – no one is safe from an attack.