5 Tools to Minimize Cybersecurity Risk in 2023
Cybersecurity risk management is just a part of doing business in 2023. Digital hygiene is an integral part of minimizing cybersecurity risk and a cornerstone of a strong cybersecurity program.
In your physical office you clean off your desk, shred old papers and dust your physical space.
Digital devices are like office spaces. When you sit down at your computer, you start at a desktop, open and close a number of folders–like desk drawers–to access files you need to alter to push the ball forward.
Just like a physical office, devices need a regular scrub, polish and shine. These actions keep your work environment organized and clean, but also to keep it a safe place to work.
We’re always looking for the best tools to lighten the load. Here are five cleansing practices and tools tested by our team to keep your digital office squeaky clean, just in time for #CleanOutYourComputerDay.
1. Create Complex Passwords, Use a Different One for Each Login & Change Them Often
SideChannel Principal Consultant, Mike Waters recommends unique credentials for each login. Overwhelming right? Not with a password manager. A password manager is an app that remembers logins, creates complex passwords unguessable to most humans, and verifies the site you’re entering your credentials in the legitimate one and not a look alike.
We like 1Password. They have personal and business versions available to keep your business under lock and key.
2. Patch Operating Systems Regularly & Often
SideChannel Principal Consultant, Matt Klein reminds us that patches aka software updates contain so much more than new emojis. They often also include fixes for vulnerabilities discovered after the software was released.
Similar to a vehicle recall, delaying software updates make your machines easy marks for bad guys, who document the details of the vulnerabilities and share them with each other on the dark web.
If you’re managing a fleet of machines, device management tools make managing patches and software updates easier by increasing visibility and sending alerts. We like Windows Server Update Services for Windows machines; JAMF or Kandji for Mac OS machines.
3. Encrypt Full Disks & Backups
SideChannel Principal Consultant, Terry Chapman recommends full disk (volume) encryption for all machines. Encryption protects the data on a machine using sophisticated math functions. Encryption acts like a password, and will render a disk unreadable to anyone without the encryption passkey. If the drive is removed, or if it is reformatted–even with quick option–if the encryption key is not available, so is the data.
4. Enable the “External Email” banner within Google Workplace or Microsoft 365 for all email that originates outside of your organization
This essentially free feature is a surprisingly effective tool to help people detect spam, phishing, and other malicious emails. Given that 96 percent of phishing attacks arrive by email, this is one is a small action with the potential for big impact.
Again this one requires the workplace admin to enable the feature, but it is already included if you use Google Workspace or Microsoft 365.
5. Enable Multi-Factor Authentication
Turning multi-factor authentication or 2FA, as its sometimes called, for all logins is a small step you can take with a massive cybersecurity payoff.
Multi-factor authentication requires a person to verify their identity using more than just a username and password. There are a number of ways this concept is applied. Some companies use apps, others use hardware devices. We find the app path is the most practical option for most roles in smaller companies.
Tools are the cleaning products of the digital hygiene cleaning caddy. Despite advances in automation, tools still require a human touch to really make your cybersecurity efforts shine in a way that attracts admiration from leadership, your team and your customers.