Work from Home Cybersecurity

The 4 Most Important Things You Can Do to Improve Security at Home

October is National Cyber Security Awareness Month.  The CIT Security team has put together a few articles that will be shared throughout the month designed to help keep you informed about current threats and a few recommendations to help secure you and your personal data.  Today’s article is about passwords securing your personal information, but these tips can and should be used in the workplace as well.

Most organizations work to keep their users and their data safe, but what should you be doing at home?

PASSWORDS AND PASSWORD MANAGERS.

• Passwords continue to be a painful requirement for nearly everything online. Banking, Social Media, etc.  You name it, you need to create an account.
• The biggest issue is also the biggest risk that users face, daily. They reuse passwords. If passwords are reused and ultimately exposed via phishing, they could be used to access many different accounts.
• We highly recommend using a password manager to help create unique and strong passwords. There are several options, many have a free version for personal use. These will help you generate passwords, provide plugins for your web browsers to help streamline logging into sites, and so on.  Many also have an application for your mobile device allowing you to access your passwords wherever you may be.  A few options include Lastpass, Dashlane, 1Password, etc.

USE MULTI-FACTOR EVERYWHERE POSSIBLE.

• Even if you are using a password manager the risk of the password being harvested and used is still very high. Phishing attacks are incredibly prevalent in your daily life. Phishing attacks are often focused on obtaining your passwords.
• To help mitigate the risk of your password being used by someone other than you, we highly recommend implementing Multi-Factor Authentication. Multifactor has been made available for most applications, including Social Media, Gaming platforms, email, and Banking all provide methods to add a layer of authentication.
• Passwords are something you know. A second factor would be something you have.  For example, a physical device such as Yubikey, an application like Google Authenticator or even SMS messages are considerably stronger than just a password.
• A quick web search should help you with finding what Multi-factor is available for any given application.

USE CAUTION WHEN OPENING ATTACHMENTS AND LINKS.

• Users can be exposed to risks of Phishing, Viruses, Malware, and Ransomware by following malicious links or opening attachments
• Be diligent. Pay extra attention to what has been sent to you. If you are unsure, it’s better to be safe than sorry.  We would highly recommend going to sites directly versus following links in the email.
• Another option would be to use Virus Total. This toolset will allow you to paste in a URL or upload attachments to validate if they are malicious or safe

PATCHING WINDOWS AND SYSTEM APPLICATIONS

• Our last tip is about keeping your systems up to date, try to keep up with Patching. Enable automatic Windows patches or use a patch management tool such as Manage Engine, PDQ Deploy or Thor by Heimdal security are all excellent choices with free versions available.