10 Simple Dos and Don’ts for Better Cybersecurity Smarts
Here are tips security installers can share with their clients and use in their own businesses to protect against cyber attacks.
A popular magazine features a monthly pictorial of fashion’s winners and losers called “Dos and Don’ts.” Unsuspecting people going about their everyday routines are photographed on the street wearing outfits that are ruled either fashion-friendly “Dos” or fashion faux pas “Don’ts.” The fashion offenders’ identities are subtly obscured by a black bar across their eyes, while their style missteps are aired in an associated caption.
Though I’ve never been caught off-guard with a style citation from the fashion police, I must admit that I have been caught with my defenses down in the usage of my PC. I was sitting in an office seminar with colleagues a few years ago when the session took a break. Heading off to grab a quick refill on my beverage, I returned to find my PC rendered locked and unresponsive to my login credentials. As it turns out, one of my security-conscious colleagues sought to teach me a lesson about leaving my PC unsecured, even for a few minutes. It was annoying, but it was a good lesson learned. Besides learning not to sit next to him again, I’ll remember to never leave my PC unsecured, even in known company.
RELATED: Confronting the Cybersecurity Challenge
Take Good Care of Your Cyber Hygiene
There is a lot of great information about cybersecurity and what we have come to understand as “cyber hygiene” that security installers can share with customers and use in their own businesses. Cyber hygiene refers to steps users can take to improve their cybersecurity. One of the first times I encountered the term was in a discussion about information security best practices with Darnell Washington, CEO of SecureXperts. I asked him for a list of cyber “Dos” and “Don’ts,” and here are his top 10 recommendations (in no particular order):
1) DO make sure that when you connect to a wireless connection, you are connecting to the proper network, otherwise known as SSID.
DON’T assume that because the name may sound similar that it comes from a trusted source.
2) DO use passwords that include a mix of upper and lower-case letters, including special characters.
DON’T use names/numbers of your dog, family members, street address and birthday.
3) DO take advantage of dual or multifactor authentication. Many Web sites now offer securities beyond just a username and password, such as a token, smartcard, PIN, or even user-selected security images that you will recognize upon login.
DON’T use username and password only when other options are available.
4) DO maintain a list of passwords in a safe place, and change them at least quarterly.
DON’T keep the same passwords without changing them.
5) DO keep your corporate passwords separate from your personal passwords.
DON’T keep reusing your personal password for you company password, or vice versa.
6) DO make sure that your computer has the latest patches and virus signatures loaded.
DON’T assume that the virus detection software works perpetually with computers.
7) DO use cloud data systems to upload and share nonconfidential data.
DON’T trust friends, family and associates with using your personal computer when you are not present.
8) DO back up data onto removable media and store in a safe place.
DON’T assume someone else has the responsibility to maintain and protect your data.
9) DO check E-mails carefully to ensure that the source header is from a valid address.
DON’T fall prey to clicking a link to malicious Web sites that load malware into your computer.
10) DO establish a relationship with a reputable cybersecurity firm. Ask questions in advance about policy and procedures to keep your company safe on the Internet.
DON’T wait until you are confronted with an incident to seek advice.
As fashion trends and critics come and go, we can expect the fashion police will continue to issue their harmless citations. Fortunately, the chances of your being photographed with odd outfit selections by a national magazine are fairly remote. Unfortunately, the chances of your being caught violating one of these cyber “don’ts” is much more likely. While ready-to-wear missteps may cost you little more than some temporary humiliation, malware incidents can cost you plenty.
Barbara Shaw, CPLP, is Director of Education at PSA Security Network. Shaw earned the Certified Professional in Learning and Performance credential from the American Society for Training & Development (ASTD) Certification Institute.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!
Security Is Our Business, Too
For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Commercial Integrator + Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add to your bottom line.
A FREE subscription to the top resource for security and integration industry will prove to be invaluable.