People's New Year's resolutions typically include developing healthier habits, making time for family, and creating a budget, among other things. Some individuals craft resolutions based on the lessons learned from the previous year, aiming to improve in the coming months. These types of resolutions are commendable and should extend to cybersecurity practices as well.
While a couple of weeks have passed since the new year began, it's never too late to initiate healthier habits, especially when it comes to your cybersecurity posture. In this article, we provide recommendations on ways to level up your cybersecurity habits in 2024.
1. Think twice before oversharing
The line between online persona and real-life self is very thin. We post vacation snaps, document meals, and live-tweet our thoughts, often forgetting the digital footprints we leave behind. While sharing can be fun and foster connection, for businesses and individuals alike, oversharing can spell disaster.
For businesses, the risks are manifold:
Customer data breaches
A casual social media post revealing a new marketing campaign or upcoming product launch could tip off competitors. Worse, disclosing sensitive customer information, even unintentionally, can lead to costly legal repercussions and reputational damage.
Employee vulnerabilities
Oversharing personal details or company routines on social media can make employees targets for phishing scams or social engineering attacks. Hackers can glean information from seemingly innocuous posts, such as vacation schedules or work anniversaries, to craft personalized attacks.
Before hitting "post," ask yourself, does this information need to be public? Can I achieve my goal without revealing sensitive details? Who could see this?
Consider the reach of your audience and the potential consequences of your post being shared beyond your immediate circle. As an added precaution, regularly review your privacy settings on social media platforms and other online accounts to ensure you're only sharing what you truly want to be public.
2. Ditch the bad password habits
Despite the wealth of online resources detailing best password practices, password-related breaches persist. The 2023 Data Breach Investigations Report by Verizon, for instance, revealed that almost half (49%) of the documented cases involved compromised passwords. As we progress into 2024, if you haven't already taken measures to enhance your password habits, now is the time to do so.
Craft complex passwords or passphrases
Use a combination of uppercase and lowercase letters, numbers, and special characters, creating a complex alphanumeric sequence that is not easily guessable. Think beyond the obvious (i.e., your birthday, maiden name, or pets’ names are easy to guess) and get creative. Use passphrases that are no less than 12 characters long — the longer the password, the more difficult it is to crack.
Make them unique
Steer clear of using the same password across multiple accounts. Embrace the practice of creating unique passwords for each platform, minimizing the risk of a security breach affecting multiple accounts in case one password gets compromised.
Use a password manager
Consider making a reputable password manager a regular part of your larger cybersecurity setup. These applications generate and safely store complex passwords, alleviating the burden of memorizing numerous intricate combinations.
Consider going passwordless
Explore the concept of going passwordless, where authentication methods such as biometrics or security keys replace traditional passwords. This progressive approach not only adds an extra layer of security but also simplifies the user experience.
3. Strengthen your backup practices
You wouldn’t want hackers holding your customer records hostage, a ransomware attack encrypting your crucial files, or a devastating fire engulfing your servers. Fortunately, these scenarios can be avoided with rock-solid backup practices.
Think of backups as your digital lifeboats. When disaster strikes, whether it's a cyberattack, natural disaster, hardware failure, or even accidental deletion, your data isn't lost; it's simply waiting to be restored.
4. Social engineering: Master the con to avoid getting conned
You’ve probably encountered one of these scenarios before: a tech support call claiming your computer's infected, a "prizewinning" email from a familiar brand, or a tearful plea for help from a distant relative on Facebook. These are just a few of the masks social engineers wear to steal your data and money.
Turn the tables by learning their tricks. Understand the tactics they use (urgency, threats, emotional manipulation) and make sure you’re fully capable of identifying them. Think critically, verify information, and never share sensitive details haphazardly.
eBook: FREE eBook download: Tips to ensure the productivity of your remote work staff
5. Knowledge is your cyber shield
Hackers constantly evolve their tactics, weaving new webs to trap the unsuspecting. Keep yourself informed to stay one step ahead of them. Follow security blogs, listen to podcasts, and attend webinars. Learn about the latest threats, phishing scams, and malware trends. The more you know, the better you can recognize red flags and navigate the online landscape with caution.
If you're a business in Maryland, empower your digital future by partnering with NetQuest. Connect with us today and let's strengthen your cybersecurity defenses.
