It’s October which means it’s Cyber Security Awareness Month!
We’re not only massive advocates for having the strongest cyber defence possible in October, we’re constantly updating customers about the benefits all year round – that’s how important it is!
You see, as technology has developed, most of us have moved to using the internet for nearly all aspects of our business - from simply sending emails and storing confidential data in the Cloud, to even hosting telephone systems. This has brought so many benefits to our productivity, but it has also brought some pretty tricky risks. Notably the risk of cyberattacks which, unfortunately, has never been higher.
Everyone in an organisation has a role to play in safeguarding the data that belongs to that business, you can’t just rely on one bit of software or your IT Team. There is no magic bullet! Keeping cybercriminals at bay has to be a team effort.
It sounds crazy but it’s all about the ‘IT Security Onion’! Each layer represents policies/procedures, firewalls, training, software updates, and so on, with every individual layer playing a critical part in your overall protection.
This month, we’re going to be raising awareness of things to look out for, ways to spot cyber attacks and the defences that you can put in place to secure your networks.
Cyber Security Awareness Month 2023 – Key Themes
This year, Cyber Security Awareness Month is focusing on four key practices of cyber security hygiene. These are:
- Enabling multi-factor authentication
- Using strong passwords and a password manager
- Updating software
- Recognising and reporting phishing
Let’s take a closer look at each action and explain how practising them every day will lead to a stronger cyber security defence.
Enabling Multi-Factor Authentication (MFA)
Implementing Multi-Factor Authentication (MFA) adds a vital layer of security to all logins. In most cases, a hacker can't breach an account protected by MFA. This is the case even if the cybercriminal has the password.
According to Microsoft, MFA can block 99.9% of attempted account compromise attacks. That strong track record is why, at Affinity, MFA comes highly recommended to be used on all your logins!
Strong Passwords & Password Manager
Passwords remain a critical aspect of securing online accounts. Despite the increased use of biometrics, passwords still lead the way. Encourage your team members to use strong, unique passwords for each account, and avoid using personal information like birthdays or names.
At Affinity, we recommend that companies set strong password enforcement rules in addition to using a password manager. For example, you may set up a policy that requires a password to have:
- At least 12 characters
- At least 1 upper case letter
- At least 1 lower case letter
- At least 1 number
- At least 1 symbol
Updating Software
Outdated software creates vulnerabilities that cybercriminals can exploit. Regularly update operating systems, applications and firmware. This ensures the latest security patches are in place.
Automating updates is a good way to ensure they’re done promptly. This is actually something that you can access through the Proactive Managed IT Support available at Affinity, along with a load of other amazing security benefits!
Recognising and Reporting Phishing
Phishing attacks are a common vector for cyber threats. Train your team to identify phishing emails, suspicious links, and unsolicited attachments. Encourage them to verify the sender's email address. As well as never provide sensitive information unless certain of the recipient's authenticity.
It’s also important to educate employees about phishing beyond email. Phishing via text messages has been increasing significantly. Some criminals phish via direct messages on social media platforms.
Another important and often overlooked aspect of phishing awareness is to report phishing. If it’s reported, then other employees know to avoid that phishing trap. Products like Microsoft Outlook has built in a reporting feature that improved protection with every report.
The organisation’s IT team also needs to know so they can take action to mitigate threats. Be sure to let employees know how they can report a phishing email when they suspect one.
We Can Help Build Your Cyber Defences
Cyber Security Awareness Month is an important time in the year where we can all refocus on the significance of cyber security, as well as reprioritising essential cyber hygiene practices.
As part of this, we can’t recommend a review of your current IT security enough.
Our comprehensive reviews not only check around 100 elements of your set-up to get the whole picture, we will then provide you with some practical solutions, all completely free!