Company security is no longer just the responsibility of an IT person or team. The scenes of hackers breaking through firewalls and stealing company data are a myth made for movies. In reality, the easiest access to a company’s private information is through its employees. It is everyone’s responsibility to ensure they are doing what they can to protect themselves and their companies’ interests online.

Passwords used to be the best way of doing this, but passwords alone are not enough anymore.  Advanced algorithms and hacking abilities have weakened the password’s ability to keep our accounts and data safe. In an article from Microsoft, they go as far as to make the argument that “your password doesn’t matter.” While we aren’t quite ready for a world sans password yet, we get what they are going for. So, what can you do to protect your accounts? Here are the best steps you can take. 

Tip#1 – Enable Multi Factor Authentication

The biggest difference you can make to secure your account is to add Multi-Factor Authentication (MFA). There are 3 general types of authentication and MFA ensures anyone trying to access your account needs at least 2 of them to get in. This greatly decreases the likelihood of a breach even if your password is compromised.

Forms of Authentication:

  • Something you know: A password
  • Something you have: A cell phone or tablet
  • Something you are: Fingerprint

The most common form of MFA is taking something you know (your password) and also requiring something you have (your cell phone).

Worksighted can review your organization’s current security setup and work with you to find the best way to implement MFA and increase your organization’s defense against breaches.

Tip #2 – Protect your credentials from hackers

Hackers are getting increasingly sophisticated and their attempts at getting your credentials are sneaky. Be on high alert for unexpected prompts, emails, and attachments.

  • Don’t sign up for personal websites with your work email
    • Breaches are more common on consumer-driven sites and can expose your email account and business data to these consumer-targeted breaches
  • Report to your IT team any malware or viruses on your PC
  • Watch out for odd emails impersonating someone from your company or including a request you weren’t expecting 
  • Don’t type your credentials into a website you weren’t expecting to visit
    • Many phishing websites will create fake login pages to trick users
  • Never click on unknown links or download unknown attachments

Tip #3 – Make your password matter

Passwords aren’t completely out of the picture, yet. So, while they have decreased in significance and can be easily hacked, it is still a piece in your defense puzzle. Here are some things you can do to amp up your defenses and strengthen your password:  

  • Don’t reuse passwords
    • This is especially true when it involves your work email.
  • Don’t use common words
    • Common passwords like “Summer2020!”, or “Password123” are overused and hackers often try these first for easy access
  • Use a longer passphrase
  • Don’t write down your password
    •  Having your password on a sticky note on or around your computer could lead to others stealing your password
    • Dumpster divers may look through company trash for thrown away passwords

While passwords are here to stay (for now) you will see more and more sites branching out to explore a variety of different ways to secure your account. Using the tips above will ensure that your (and your company’s) data is protected and secure. Breaches can, and will, happen, so do your best to make sure you aren’t the reason for one. If you’d like a free review of your security risks and opportunities, get in touch today!

Schedule a Risk Review Today!