To wrap up Cybersecurity Awareness month, we bring you some helpful practices that any company can start today to reduce their attack surface and avoid getting hacked. Unfortunately, as the sharp rise in breaches indicates, getting hacked can happen to any of us. Read on to see what you can do to prevent it.
According to IT Chronicles, about 4,000 cyber-attacks occur each day in the United States, and about 30,000 websites are hacked daily across the world. These alarming statistics point to the fact that anyone can fall victim to a cyberattack if they are not careful.
Luckily, everyone can take certain precautions to keep their personal data as secure as possible.
Here are 5 simple ways to avoid being hacked:
1. Use Multi-Factor Authentication (MFA) to refrain from getting hacked
Multi-factor authentication (MFA) is a method used to help keep your data secure when accessing online accounts or workstations. MFA is defined as a method of security that requires multiple independent methods of authentication to verify a user’s identity for a login or other transaction.
Most people have used MFA whether they realize it or not – MFA includes passwords, time-based codes, biometrics, and more to make it more difficult for hackers to get into a user’s account. For instance, a hacker could have some luck guessing a password (particularly weak ones), but the odds of a hacker having additional access to the device that received a time-sensitive code are much lower.
In other words, MFA puts more obstacles in the way of the hacker as they try to access a given resource. Fortunately, many personal and work accounts – from email and social media to secure workstation login – offer MFA options that you can turn on to keep your information safe.
2. Create Unique Passwords
Creating strong passwords seems like a no-brainer; however, many breaches have shown that users still create weak passwords susceptible to brute-force attack. According to Tech Republic, “password” is still being used as the most common password across all industries. Ideally, we would use the strongest passwords possible for all accounts, but especially ones that have personal information that can be traced back to one’s identity (Social Security Number, home address, etc.).
When creating a new password, make sure to include eight characters at the bare minimum. These characters should be a combination of letters, numbers, and symbols. Additionally, using both uppercase and lowercase letters make the password even more difficult to guess. Many websites now enforce these rules by default and will tell you when a password needs some more characters added. And finally, make sure to avoid using names or common words since these types of can be rather easy to guess.
In recent years, we have seen the rise of passwordless authentication, which attempts to avoid the weak password issue by relying on other login modalities. This can include biometrics, PINs, and hardware tokens, often used in conjunction with each other. AuthX supports a passwordless authentication experience on our workstation client.
3. Keep Your Technology Updated
Making sure that your software is up to date can considerably help ward off cyber-attacks. In September 2021, Apple had to implement an emergency software update after it was discovered that spyware could be downloaded onto Apple devices – putting millions of users’ data at risk.
According to USA Today, hackers had the ability to secretly install the spyware on Apple devices even if the user did nothing wrong, such as click on a malicious link or open a bad document. Once it became known that the spyware made it possible for hackers to steal sensitive information, Apple immediately implemented a new software update to fix the problem.
Knowing is only half the battle and making sure your organization always keeps its devices up-to-date ensures your data stays as secure as possible. Some security platforms allow you to only grant access to those users running the latest patches, such as with AuthX Adaptive Policy.
4. Learn to Recognize Phishing Attacks
Phishing is a type of social engineering where a hacker tries to steal personal information from others by using deceptive emails and websites. These attacks have grown increasingly sophisticated, using an evolving set of tricks to hid malicious links and convinces potential victims of their authenticity. According to Expert Insights, 75% of organizations across the globe where hit with phishing attacks in 2020, and 74% of phishing attacks that targeted American enterprises were successful. These numbers suggest how vulnerable organizations of all types are to such cyberattacks.
Thankfully, numerous ways exist to spot phishing attacks and to prevent yourself from falling victim to one. According to Microsoft Support, one should be immediately suspicious if an email or text urgently demands that you click on a link or open a document. Bad spelling and poor grammar can also give away a phishing attempt, especially considering most organizations ensure that their copy has as few errors as possible. In addition, emails sent with incorrect domains are a strong sign of a phishing attack. In other words, the email content may appear to originate from a reputable company, but the email address may not be from an official company email address.
Keep an eye out for these telling signs of phishing attacks to avoid giving out your personal information to a malicious actor.
5. Get Off Public Wi-Fi
Although convenient, public Wi-Fi can pose a potential threat to the security of your connected devices. According to Good Speed, a major reason why using public Wi-Fi presents a risk is its frequent lack of encryption.
But why is encryption important? When Wi-Fi is not encrypted, it allows virtually anyone to have access to information on smart devices that are using unencrypted Wi-Fi. This could allow hackers to steal your information, your company’s information, and any other sensitive data you send over public Wi-Fi.
To add an additional layer of security, only connect to these networks when using a VPN to keep your data safe. For additional security, using MFA to authenticate to your VPN extends enterprise security policies to the edge of the network, such as with AuthX’s integration with OpenVPN.
Looking to Improve Your Cybersecurity and Avoid Getting Hacked?
AuthX is a seamless solution to keep your data secure. We offer MFA services using RFID readers, push notifications, biometrics, SMS/call, remote unlock, and more to ensure that your data is protected from hackers. Sound interesting? Click HERE to sign up for a free trial for AuthX!