BOOK AN APPOINTMENT WITH AN IT SPECIALIST TODAY

Are You Still Using 123456 as Your Password?

Using 123456 as Your Password?

Is your company’s cybersecurity repeatedly swept under the rug? While reinforcing passwords and setting up firewalls can seem daunting, you may not realize the severe risk of neglecting these and other routine security practices. Unfortunately, as the Internet evolves to meet our needs and desires, the same can be said of malicious hackers and programs. Ill-intentioned parties are constantly becoming more adept at accessing private information and what is meant to remain secure data.

Despite this growing threat, many of today’s Internet users and company employees have not reacted accordingly to increasingly well-equipped hackers. In fact, a 2019 Forbes article cites that ‘123456’ remains the most commonly used Internet password in the US and the UK. By maintaining such basic passwords, cyber-intruders are granted easy access to personal or professional information, and quickly cash in your data for billions per year. It’s officially time to protect your business’ sensitive information and data. This article will detail the importance of ramping up your company’s cybersecurity measures as well as a few simple ways to get started. Discover the following achievable strategies to significantly decrease your company’s risk of hacking and intrusion.

Password 123456

Eliminate the “Not Much to Steal” Mentality

An extremely common line of reasoning within mid-size companies is that cyber hackers probably won’t bother taking advantage of them because “there’s not much to steal.” This statement could not be further from the truth and it tends to lure employees and leadership alike into a false sense of security. The fact remains that 43% of all cyberattacks are aimed at small businesses. Hackers can just as easily sell a smaller company’s information as they can a larger corporation’s. However, the major difference is that larger businesses tend to allocate funds to cybersecurity, whereas smaller or mid-size companies might not prioritize this cost. Many professionals hesitate over the cost of cybersecurity but may not consider the potentially catastrophic costs of not having it.

To remain vigilant, employees should keep an eye out for attachments from unknown accounts. These documents could be in the form of a Microsoft Office attachment that initially appears legitimate. As a rule of thumb, do not open emails or messages from accounts you’re not familiar with. Because it takes a company 6 months on average to discover a security breach, it is well worth your time to evaluate your company’s current cybersecurity situation and consider where there might be room for improvement.

Prioritize Employee Education

One of the easiest ways to head off potential security threats in your mid-size company is to thoroughly educate team members on cybersecurity practices and procedures. If there currently aren’t any, create and enforce protocols that can be communicated through online training, checklists, and seminars. Make sure to discuss the specificities of your company as it applies to Internet safety and data protection. Without this crucial step of employee education, your company will waste time and resources trying to rectify security issues that could have been resolved through open communication.

Keep in mind that cybersecurity is frequently evolving. Therefore, employees should be updated regularly on the best ways to protect company information. An easy measure to increase employee cooperation is to ask them to sign a document attesting that they have understood and will abide by your business’ security practices. The document can also mention that should the cybersecurity measures be disregarded, there could be repercussions for the employee involved. All in all, if leadership takes the time to discuss cybersecurity, making it relevant and applicable for all employees, your company is much better equipped against a potential security threat.

Invest in Cybersecurity Measures

If your mid-size company has yet to invest in cybersecurity measures, there’s no better time than the present to start protecting your valuable information and data. It’s not difficult to get started — begin by setting up a firewall that serves as a barrier between your sensitive information and potential hackers or intruders. In a time when remote workers are becoming more common, your company’s “work from home” staff should also implement a firewall within their personal networks. After all, they regularly access the same important information and data as your in-office employees. Consider providing remote workers with a complementary firewall to eliminate any potential hacking risks.

It’s worth noting that many businesses now allow employees to BYOD (“bring your own device”) to work. In this regard, BYOD calls for the same security measures as a remote worker, since your employees likely transport their laptop, tablet, or other electronics to and from the office each day. On top of that, those who bring their own computer to work are probably using it for personal tasks after hours, which increases the chances of a possible breach. Most importantly, employees should respect the cardinal rule of cybersecurity: do not use the same password for multiple sites, especially as a universal password between personal and professional sites. Urge company leadership to enforce automatic security updates on employees’ devices and inform all staff about your password policy.

Consider Using a Password Manager

An effective solution to your company’s password creation and storage problems is a password manager. A password manager helps your business manage your team’s passwords within a centralized digital “vault.” The primary advantage of a password manager is that your business’ IT team can create intricate, long and random passwords for various sites or accounts that employees gain access to just by logging into the password manager. By streamlining password storage, you can make massive amounts of information secure and basically eliminate the need for staff to create their own passwords. This quickly limits the possibility of a cyber attack and keeps company leadership in control of who can access what information.

Ultimately, password managers dramatically improve cybersecurity in businesses. Research shows that employees often keep their sensitive passwords written down on a Post-It note that could easily be accessed by any passing visitor or coworker alike. Reduce the risks of cyber threats both from internal and external sources by implementing a system that keeps track of who logs into company sites and when. Without this kind of accountability, it can be much more difficult to pinpoint the source of a security breach. Gone are the days of the ‘123456’ passwords — reach out to a local IT managed services provider to implement any of the previously mentioned tactics to strengthen your company’s cybersecurity.

More Like This

AA21-209A: Top Routinely Exploited Vulnerabilities

Original release date: July 28, 2021 Summary This Joint Cybersecurity Advisory was coauthored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI).  This advisory provides details on the top 30 vulnerabilities—primarily Common Vulnerabilities …

AA21-209A: Top Routinely Exploited Vulnerabilities Read More »

Read More

How New Windows Server 2022 Features Improve Hybrid Integration and Security

How New Windows Server 2022 Features Improve Hybrid Integration and Security Microsoft recently announced the preview of the latest Windows Server. The new release comes with several key features, such as Azure automanage (hotpatching) and virtualization-based security (VBS). Windows Server 2022 allows users to leverage the cloud to maximize uptime and keep virtual machines (VMs) …

How New Windows Server 2022 Features Improve Hybrid Integration and Security Read More »

Read More

AA21-201A: Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013

Original release date: July 20, 2021 Summary This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. Note: CISA released technical information, including indicators of compromise (IOCs), provided in this advisory in 2012 to affected organizations and …

AA21-201A: Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013 Read More »

Read More

Uncovering the Complexity and Potential Future Trends of Cyber Threats Faced by the U.S.

Uncovering the Complexity and Potential Future Trends of Cyber Threats Faced by the U.S. America’s critical infrastructure, the Federal government, and commercial institutions are undoubtedly under attack. The sophisticated cyber threats facing the country emanate from various parts of the world. A wide selection of state actors and hacker groups are working tirelessly to paralyze …

Uncovering the Complexity and Potential Future Trends of Cyber Threats Faced by the U.S. Read More »

Read More

AA21-200B: Chinese State-Sponsored Cyber Operations: Observed TTPs

Original release date: July 19, 2021 Summary This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9, and MITRE D3FEND™ framework, version 0.9.2-BETA-3. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques and the D3FEND framework for referenced defensive tactics and techniques. The National Security Agency, Cybersecurity …

AA21-200B: Chinese State-Sponsored Cyber Operations: Observed TTPs Read More »

Read More

AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department

Original release date: July 19, 2021 Summary This Joint Cybersecurity Advisory was written by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) to provide information on a Chinese Advanced Persistent Threat (APT) group known in open-source reporting as APT40. This advisory provides APT40’s tactics, techniques, and procedures (TTPs) and …

AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department Read More »

Read More