Microsoft has revealed that more than 35.7 billion malicious emails were sent to its customers last year. The great news is Microsoft successfully blocked 1,000 of these malicious emails every second of 2021. Many of these attempted attacks came in the form of phishing emails - where attackers attempt to trick us into doing something that compromises company security or protocols. As well as this, 9.6 billion attempted brute force attacks were stopped in their tracks. That’s where a hacker will attempt to guess login credentials to gain access to your data.
Microsoft is doing a brilliant job! But while this is great reading for those of us who rely on Microsoft’s applications on a daily basis, there’s still some work that we can all do to make sure that security is as tight as it can be. Although attackers are using very simple methods, they are often really effective. That’s because both consumers and businesses are at fault for not protecting their credentials properly.
Many people are stuck in a rut of having poor password hygiene. This means they are using either the same passwords across multiple accounts and applications or similar passwords which have a slight variation. They could also just be using very simple and common passwords which are too easy for attackers to guess. As well as failing to use clever tools which are available to them which can help keep their data protected. Are you guilty of this in your business?
If you, or you know of people within your business who are prone to some of these security hiccups then one of the first things you should do is introduce multi-factor authentication across the company. This is a low-cost yet highly effective way to add an extra layer of security to all of your accounts and applications.The way 2FA works is by generating a second, single-use login code for your accounts. This can be accessed via an app (Which we can help you get set up with when your company wants to integrate 2FA!), sent to your phone via text message so that only you can see it and if required emailed to specific email addresses.When you’ve used the code once to login, it then becomes redundant. Codes are also time sensitive, so they refresh for added security. This means if anyone else were to find it, it simply wouldn’t work for them. And the next time you log into that account you’ll be sent a completely different login code to use. You probably use something similar to log into your online banking and really, you should use it for all accounts where possible.
But don’t stop there. There are even more additional security measures you can use such as:
- Password managers, which will create strong, impossible-to-guess passwords made up of random characters and symbols for all of your accounts. They will then encrypt and store them securely so you don’t need to note them down on your phone/notes.
- Or biometric logins for devices, just like the Face ID you probably use on your phone. The majority of new laptops with webcams built in have this functionality or even have finger print scanners built into the power button!
At Affinity, we can help you to implement cybersecurity both quickly and easily to help secure your business accounts from cyberattacks. Contact us today, we even offer a Free Review of your IT infrastructure and IT security to get you started!