This week our CEO Adrian Scutti gave a presentation on Cyber Security to a group of business leaders in the Toronto area. There have been many large organizations recently that have suffered large losses due to cyber attacks. Though these organizations have large IT budgets, and high level’s of security, so if they can be exploited, is it possible to protect ourselves as individuals, and SMB businesses?
The answer is both “No” and “Yes”. Here is why:
No – The concept of “being secure” is never absolute. Similar to physical security, there is always a way to get around any measures put in place.
Yes – There are very simple things that we can each do to make it significantly more difficult for an attack to be successful.
Here are 4 simple things, each of us can do.
(1) Strong, Unique Passwords
Take a minute to think about your passwords, especially the ones for important accounts. It is important to ensure they are unique (not used for other accounts), and we suggest at least 12 digits in length. See this chart:
(2) Multifactor Authentication
Yes, it can be annoying, but this one is critical. Enabling MFA on your important accounts is a safeguard against is someone does get your password.
(3) Confirm any New Financial Transactions
Most cybercrime, especially when it comes to personal accounts or on small businesses have the goal of a quick, instant pay-off. Often this involves tricking the victim to send money to a new account by pretending to be a vendor or employee. All such changes should be checked verbally, and not done over e-mail alone.
(4) Delete Old Accounts
Many companies are exposed through accounts from former employees that were not closed, and are not being maintained. Likewise, personally, we may have old Hotmail, Yahoo, or DropBox accounts that have not used for years. Keeping good account hygiene, and closing accounts no longer in use will limit our exposure to a hack.
Conclusion
As with any form of security, a little prevention can go a long way in avoiding a cyber crime incident.