According to IBM’s X-Force Threat Intelligence Index 2018, inadvertent insiders (employees who are unknowingly the root cause of a security incident through their unaware or negligent actions) were responsible for more than two-thirds of total records compromised in 2017 – with security incidents on the rise as a result of these inadvertent insider actions. As we enter a new year, SDI offers the following 2019 Cybersecurity Resolutions to minimize cyber risk from an internal employee perspective:
1. Keep your devices physically secure.
– Make a note of all IT equipment serial numbers to enable reporting if stolen.
2. Keep all your software and operating systems up-to-date and running.
– Check for OS, web browser, and antivirus updates each week
– Make sure the firewall on your machine is enabled
3. Safely store and share your data.
– Don’t keep unnecessary data on your local device — take advantage of corporate share sites to store data in a secure and encrypted location whenever possible
– No un-encrypted flash drives!
– Share links vs attached documents when possible
– Use an IT-department designated content collaboration/file sharing/sync solution to securely share large files (25MB+)
4. Maintain a strong first line of defense: password management.
– Lockdown screen settings and proactively lock your machine/session when you leave your workspace
– Select strong and long passwords
– Use a password manager (such as LastPass or 1Password)
– Choose two-factor authentication
5. Take the time to be wary of potential email phishing attacks.
If you don’t know the sender or the URL is suspicious (hover over a link to reveal its URL):
– Don’t open the email
– Don’t click on links
– And *REALLY* don’t send user/passwords or financial info. Trusted vendors will never ask for this information via email.
Should you receive a suspicious email, follow your IT department’s designated process for handling (and not spreading) potential threats.
6. Apply a strong cybersecurity posture across all devices.
– Secure your smartphones (set a lock password), tablets and home computers/networks used for your organization’s business
– Don’t use open/public wifi networks
– Enable Lost Mode in device geo-location services (ie: Find My iPhone) to assist in finding/locking down lost devices
7. Practice safe web browsing.
– Interact only with reputable/secured (https) websites
– Be conservative with online downloads – don’t install unnecessary applications or apps
8. Don’t become complacent about cybersecurity.
– Always assume you’re continually under attack from outside threats (because in this day and age – you are!)
– Never let your guard down!
SDI Presence offers cyber vulnerability assessments and remediation services to address the different technologies, devices, and data impacted by a cyber breach. SDI’s cyber remediation teams are certified in leading industry technologies (MS, Cisco, Oracle) and NIST-based remediation best practices to quickly identify and contain breaches and restore operations.
Contact SDI to launch the SDI cyber team within your organization.