Security Awareness. Seems like such a basic thing, as everyone is concerned about cybersecurity and data breaches, especially with an increasing number of staff now working virtually from home. However, cybersecurity starts and ends with you. You can have all the best security software, but use an easy-to-guess password, and your defenses don’t add up to much. Even though you say you have a wickedly complex password that no one could guess, can it pass the password cracker test?
Test Your Security Awareness with Our Password Cracker Challenge!
Put your current passwords to the test. If your password passes through all of the challenge levels, then you’re on the right track to greater cybersecurity and we’ll explain why.
LEVEL 1) ARE YOUR PASSWORDS PASSABLY COMPLEX?
Is your password a minimum 8 characters, with one capital, one numeral, and one symbol?
Move forward if it is. And congrats! All online sites should be secured by a complex password, and this type of password is safer but can be tricky to remember. Try an easy-to-remember phrase instead that incorporates a numeral, capital, and symbol. Spaces really help too (especially two spaces in a row). A great example would be: “my all time favourite moov1e is ET”.
It might seem too much to memorize, but after using it a couple of times, it’s a breeze to remember. Plus, it would literally take a million computers a million years to crack.
Level 2) ARE YOUR PASSWORDS PERSONALIZED TO EACH PLATFORM?
Do you have different passwords for each site or login you use?
If you’re still using your pet’s name or last vacation destination as a base for all your passwords (or heaven forbid, the same password for all accounts), you are risking a major security breach. We recognize that you probably have too many passwords to remember, but please, get yourself a free password manager to help you keep track. That way, you only have to recall one password to gain access to all your others.
Level 3) ARE YOU PROTECTED AGAINST “PASSWORD FATIGUE”?
Are you changing your password every 90 days, or changing them so frequently that you need notes to keep track?
That’s a big mistake. Surprised by this answer? Experts used to recommend changing your password every 90 days. Now? Not so much. Regular password changes bring on password fatigue which will result in you using simpler passwords just to keep up (like sticking a 1 or “!”at the end of the same old password), and those are easy to hack.
Frequent password changes can also lead to some dangerous behaviours, such as leaving your password on a sticky note hidden under your keyboard. Bad idea. Save yourself the hassle and use that versatile password phrase that is so unique and distinctive, even the best password-cracking bots won’t be able to figure it out in 90 days, or 90 years.
Level 4) CAN YOU SPOT ATTEMPTS AT PASSWORD HACKS?
Do you know what to look for in a password-stealing attempt?
Many emails are sent from legitimate-looking institutions, like banks or big companies. They often warn that your account could be compromised and often ask you to reset your password immediately.
But gone are the days when bad English was a way to detect a phishing scam. Hackers are getting frighteningly good at imitating the formal language of official documents and financial institutions.
So what do you look for in a suspicious email?
- Domains (that name to the right of the @ symbol) that are misspelled or unrelated to the email content
- A link to reset your password, but when you hover over it, it appears to lead somewhere else
- Banks that send out random emails asking you to click a link to reset your password
If you answered yes to all of the above, then you’re pretty cybersmart! Because all of these things are common “tells” that may indicate a fake email or a scam. A genuine institution will NEVER make any of these mistakes. If you spot any of them, beware, and trash that email rather than risk it. Hackers are getting increasingly better at crafting convincing looking emails using authentic logos, colours, looks and feel.
Made it this far? Your password strength and your password awareness are both on point.
Here are some added tips that should be part of your company-wide (and personal) IT Security policy.
PROTECT WITH PATCHES AND UPDATES
Most data breaches are a direct result of vulnerable software, and hackers often exploit poorly written code. The good news is that over 80% of all known exploitations are patched within a day of discovery. But here’s the hitch. You need to keep your systems updated in order to gain that protection. All it takes is missing one critical patch and your whole system could come crashing down.
Even your everyday apps like Acrobat Reader need to be kept up to date. It’s the best way of keeping the gremlins from the gates.
REBOOT REGULARLY TO REINFORCE SECURITY
Are you rebooting your computer on a regular basis? Good. Because many people aren’t aware that a large number of updates don’t get fully installed until you reboot.
Plus, a good reboot clears the decks, and in a way, “dusts” the cobwebs from your computer. You see, the continuous opening and closing of applications leaves remnants that often don’t get swept away until after a reboot. This tends to gum up the system with temporary files (like dust bunnies under the couch).
Reboot at least once a week and you’ll probably notice a marked improvement in your computer’s performance.
WHEN TO BOLSTER YOUR BUSINESS WITH PROFESSIONAL IT SECURITY
Prevention is priceless. But maybe you’re a small company that thinks they can’t afford expensive IT Security plans?
Fear not. Nowadays, good support doesn’t have to be costly. There are so many flexible options, from a flat monthly fee to pay-as-you-go, and everything in between.
Want to know what’s costly? Never maintaining your equipment or failing to patch it and getting hacked.
Think of security as an investment, just like your car and your furnace. Paying for regular maintenance may seemlike a waste. But spending a modest amount now to keep things in top shape could save you from expensive fixes down the road. Which could save you from costly downtime.
MAKE SECURITY AWARENESS PART OF YOUR COMPANY-WIDE DEFENCE
Whether you outsource your IT security or do it yourself, every company should have an IT Security Policy that employees can follow, on how to spot common threats, warning signs, and how to implement security best practices to keep hackers out. It will keep your staff, and your systems, safe.
Need help securing your systems against unwanted intruders? Check out our affordable Managed IT Solutions for every size of business.