Page 85 - Cyber Defense eMagazine December 2022 Edition
P. 85

Educate Your Workforce On Security Best Practices

            The efforts of your cybersecurity team will go a long way; but they can only do so much. If your workforce
            is not well-educated on security protocol, or doesn’t take their security training seriously, the chances of
            a breach are significantly higher. Take the time for ongoing security training for every team member in
            your company. Continue to do compliance, security, phishing, social engineering, and privacy training to
            ensure your employees and contractors are all aware of how to keep sensitive data out of harm’s way.
            This is especially crucial for remote employees and the security issues that arise from insecure work-
            from-home environments.


            Implement A Strong Password Security Policy

            Weak Passwords = Big Trouble. If your employee leaves their computer at a cafe, you want to make sure
            it can’t be easily accessed with a predictable password. Many insurers will outright refuse to insure you
            if you don’t have a strong password policy in place. Everyone online today has heard of the dangers of
            identity  theft,  hacking,  and  cyber  fraud,  yet  we  consistently  hear  that  the  two  most  commonly  used
            passwords are "123456" and "password." At minimum, strong passwords are at least 8 characters, do
            not contain words that are found in the dictionary and include a combination of lowercase and uppercase
            letters, numbers and symbols, and are frequently updated.


            Have A Strong 2FA

            A phrase we hear often: “Attackers aren’t breaking in, they’re logging in.” Compromised credentials are
            the root cause of cyber breaches. And with 65% of people reusing the same password across multiple
            websites — including their company logins — it’s easy to see why cyber insurers are nervous. With so
            many remote workers now either working remotely or in a hybrid manner, it is not enough to focus on
            firewalls or enhanced passwords — today, robust MFA must be part of every login scenario.


            Least Privilege Access Control

            Every team member doesn’t need access to every file. Give your workforce only the access they need to
            perform  their  particular  job  and  complete  their  job-related  tasks.  No  more,  no  less.  One  of  the  key
            determining factors in the cost of your cyber insurance policy is the number of records you access, store,
            and transfer on a normal basis. An easy way to keep your insurance premium down is to tightly control
            the volume of records you deal with. The other is limiting who actually has access to those records.


            Continuous Endpoint Authentication On Every Device

            Cyber insurers want to mitigate the risk of a data breach. But when employees work remotely, device
            sharing may actually be your company’s biggest threat. To reduce your premium — in addition to the tips
            above, you’ll need to prove to your insurer that you’re taking precautionary steps to ensure that only
            authorized employees are accessing the company laptop and the sensitive information that lives on it at
            all times.




            Cyber Defense eMagazine – December 2022 Edition                                                                                                                                                                                                         85
            Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.
   80   81   82   83   84   85   86   87   88   89   90