Page 85 - Cyber Defense eMagazine December 2022 Edition
P. 85
Educate Your Workforce On Security Best Practices
The efforts of your cybersecurity team will go a long way; but they can only do so much. If your workforce
is not well-educated on security protocol, or doesn’t take their security training seriously, the chances of
a breach are significantly higher. Take the time for ongoing security training for every team member in
your company. Continue to do compliance, security, phishing, social engineering, and privacy training to
ensure your employees and contractors are all aware of how to keep sensitive data out of harm’s way.
This is especially crucial for remote employees and the security issues that arise from insecure work-
from-home environments.
Implement A Strong Password Security Policy
Weak Passwords = Big Trouble. If your employee leaves their computer at a cafe, you want to make sure
it can’t be easily accessed with a predictable password. Many insurers will outright refuse to insure you
if you don’t have a strong password policy in place. Everyone online today has heard of the dangers of
identity theft, hacking, and cyber fraud, yet we consistently hear that the two most commonly used
passwords are "123456" and "password." At minimum, strong passwords are at least 8 characters, do
not contain words that are found in the dictionary and include a combination of lowercase and uppercase
letters, numbers and symbols, and are frequently updated.
Have A Strong 2FA
A phrase we hear often: “Attackers aren’t breaking in, they’re logging in.” Compromised credentials are
the root cause of cyber breaches. And with 65% of people reusing the same password across multiple
websites — including their company logins — it’s easy to see why cyber insurers are nervous. With so
many remote workers now either working remotely or in a hybrid manner, it is not enough to focus on
firewalls or enhanced passwords — today, robust MFA must be part of every login scenario.
Least Privilege Access Control
Every team member doesn’t need access to every file. Give your workforce only the access they need to
perform their particular job and complete their job-related tasks. No more, no less. One of the key
determining factors in the cost of your cyber insurance policy is the number of records you access, store,
and transfer on a normal basis. An easy way to keep your insurance premium down is to tightly control
the volume of records you deal with. The other is limiting who actually has access to those records.
Continuous Endpoint Authentication On Every Device
Cyber insurers want to mitigate the risk of a data breach. But when employees work remotely, device
sharing may actually be your company’s biggest threat. To reduce your premium — in addition to the tips
above, you’ll need to prove to your insurer that you’re taking precautionary steps to ensure that only
authorized employees are accessing the company laptop and the sensitive information that lives on it at
all times.
Cyber Defense eMagazine – December 2022 Edition 85
Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.