Cybersecurity is a trendy topic these days, and following best practices is essential not only for small businesses but also for home users. But which should you be following?
Secondly, because cyber criminals employ bots – an automated means of conducting cyberattacks – everyone who uses a device connected to the internet is a target. Every piece of your information has value to these cybercriminals, from email addresses to credentials to financial information. Some are looking to collect this information and sell it, while others intend to use it for financial and identity fraud.
In addition to following these best practices to keep employers from potentially going out of business, doing so also serves personal self-interests. That being said, you don’t need to be in the field of cybersecurity to be secure and follow these best practices.
With that in mind, here are 3 Cybersecurity Best Practices.
Admin Rights on User Accounts
This is one of the most significant issues we still see both in small businesses and for home users. Every person who uses a computer should have only user rights, with a separate admin account.
Because admin accounts have full rights to the computer, accidentally clicking on malware gives it full access to your computer. On top of this, admin accounts can bypass antivirus and other security measures, making code insertion and other efforts to take control of the computer far more likely to succeed.
The primary reason people want to use admin accounts is for convenience, but it’s not worth risking your security. Besides, current computer operating systems prompt user accounts to enter the admin password when attempting everyday tasks such as software installs. So there simply is no good reason to use an admin account as a user account, in business or at home.
Use 2-Factor Authentication
By requiring a second form of identification to go along with your strong password, 2FA helps keep you secure if your password has been breached.
To put this in perspective, the recent Colonial Pipeline ransomware attack happened because a cybercriminal purchased a group of breached passwords on the dark web that included one of their unused accounts. Had the company required 2FA, that attack almost certainly would have been thwarted. This one security protocol could have saved the company 4.4 million dollars and prevented a gas buying panic on the east coast of the United States.
Embrace Zero Trust
A relatively new concept is a mindset of not trusting people or technology to be secure enough on their own. It includes everything from changing default user names and passwords on devices to establishing a secure guest network for visitors to installing antivirus and checking for security updates.
One of the vulnerabilities that get exploited the most by cybercriminals is awareness. Phishing emails are one example of this, but they also include cybercriminals using default credentials to take over camera systems and taking advantage of old, pirated, or custom software. Therefore, never trust that the devices you purchase are secure enough, be skeptical of any email, text message, or phone call that seems threatening or manufactures a sense of urgency, and question anything that seems too good to be true.
In essence, Zero Trust means that we are not going to trust our security to anyone else.
Whether we are talking about work environments or home environments, cybersecurity is a consideration we can no longer leave to someone else. Everyone who uses a device to connect to the internet must be aware of the risks in this new threat landscape. Failure to do could put yourself, your friends, and your family at risk.
I’ve always had a love of working with technology, being fortunate enough to have grown up with a grandfather who taught me how to fix things for myself and not be afraid to jump in and get my hands dirty. Over the last three decades, I’ve worked as a technician, trainer, technical writer, and manager in small business, enterprise organizations, and government. In addition, I’m an author, having published multiple works available online and in print. You can find my creative work at https://WritingDistracted.com