Everyone is familiar with “Spring Cleaning,” but with October upon us, now is an excellent time to take a moment to check your cyber hygiene with the following tips!
- Install anti-virus application: If you are a Windows user, Defender comes built-in to Windows 10. However, if you want additional security, there are many anti-virus applications available for installation. Additionally, it is important to remember with the increased popularity of MACs comes the increased threat of viruses. Most major anti-virus applications have a version created specifically to defend MACs. But don’t forget your mobile devices. Increasingly users spend a significant amount of time on mobile devices, and they require protection as well!
- Patch regularly: Regardless of the operating system in use, it is important to apply patches when available. Microsoft provides patches on the second Tuesday of each month, but Apple and most Linux distributions provide monthly patches as well. Remember, it is not only the operating system requiring patches. Always check the applications installed on any device for possible patches and upgrades to ensure any device’s security.
- Strong Unique Passwords: Although it may never have been advisable to use a birth date or a pet’s name for a password, the need for strong, unique passwords is greater today than ever. It is important to avoid password reuse. Reusing passwords means a cybercriminal need only to break the password once to possibly access hundreds of other assets such as bank accounts, credit card accounts, or even medical data. Each password should be strong and unique. Making use of password managers such as LastPass or KeePass helps ensure each password is strong and unique.
- MFA: Multifactor Authentication is an enhancement to standard passwords that dramatically increase the security of tools such as email or online banking. With MFA, a password is augmented with a code or pin provided by an MFA application such as Google Authenticator or DUO Mobile. This enhanced security means that even if a bad actor has obtained a user password, the login fails without the application’s pin or code.