Last week both the Whitehouse and Microsoft released information regarding the increased risk of hacking and cyber vulnerabilities. The Whitehouse put out a fact sheet that outlines the potential for malicious cyber activity. You can read the fact sheet here. A Microsoft blog post addressed a recent attack. An increase in hacking attempts, ransomware attacks, and other nefarious exploits should place us all on notice.
The Whitehouse release makes several recommendations. The average computer and internet user can benefit from the list; more importantly, we each need to realize the potential for increased risk. Protecting ourselves from any malicious cyber activity does not require extraordinary measures. Proper actions will offer increased protection while using the computer or internet.
Incorporate multi-factor authentication whenever possible. Multi-factor authentication promotes a secure login by utilizing two or more steps for identity verification. Bolster your defenses using tools like Twilio Authy, Google Authenticator, or Duo Security.
Keep system updates and patches up to date to reduce or eliminate vulnerabilities. Software updates are a crucial part of the process to protect against exploits.
Regular backups with offline copies harden your defenses and help you recover rapidly from ransomware and other malware attacks. Protected or locked backups offer additional protection against ransomware. Some backup software vendors protect your backups from being encrypted with special rules that only allow changes within the software itself.
Protect every system with proper antivirus, malware, and firewall protection. These should be the foundation for any security protocol.
Be prepared and educate your staff regarding the dangers of malicious email links, phishing attempts, and nefarious websites. It is much easier to avoid these malware traps if aware of how they work.
Encrypt your data when possible. Encryption may not stop anyone from stealing your data, but it will protect it from being used or exploited. Maintain encryption keys in a safe place offline so you can recover your data when necessary.
Preparation is key. Rehearse the process of recovering data in case of an attack. It is crucial to know the steps necessary for recovery. Boot disks, quality backups, and a recovery plan will reduce stress and increase your chances for a successful recovery.
These steps implemented with your system and data requirements in mind will reduce the risk of an attack and make it easier to recover if one takes place.