Supply Chain Defense
Stay Cyber Aware: Three Easy Controls to Protect Yourself
Spotlighting Cybersecurity Awareness Month, Downs highlights how implementing multi-factor authentication, paying attention to password management, and thoughtful engagement all go a long way in hardening a risk profile and strengthening cybersecurity.
Interconnectivity is expanding every day. With each new phone activation, smart bulb installation, and streaming service account creation, the internet expands further into business operations and personal lives, creating greater ubiquity and capability.
However, this amazing growth comes with several acknowledged risks such as identity theft, privacy invasion, and monetary loss. When facing these myriad risks, many individuals seek a silver bullet or one action that they can take to ensure that their information is protected from compromise. Yet, like most things in life and business, protecting your data online isn’t a simple turnkey solution. In reality, there are several different steps that individuals and organizations can take to protect themselves. Specifically, implementing multi-factor authentication, password management, and thoughtful engagement are three straightforward, yet impactful measures that can harden a risk profile and improve cybersecurity.
Implementing Multi-Factor Authentication
As insurance companies become more interested and involved in cybersecurity policy requirements, one of the most common controls that most policies take into account is the use of multi-factor authentication (MFA). Several studies have shown that implementing MFA into an organization’s security profile dramatically increases the security of the organization. Specifically, Microsoft claims that “by providing an extra barrier and layer of security that makes it incredibly difficult for attackers to get past, MFA can block over 99.9% of account compromise attacks.”
The requirement ensures that passwords alone are not enough to access an account or profile — necessitating an additional login acknowledgement by the user through either email, SMS, application prompt, or other means. This additional step serves as a stopgap against attackers and oftentimes prevents them from accessing a targeted account, even if the password is compromised.
Managing Your Passwords
Although MFA protects an account from potential password compromise, most individuals and organizations would rather ensure that their passwords are never exposed to malicious actors. Effective password management protects passwords from compromise, keeping accounts safer than those without the control. Specifically, password managers offer increased security “principally through the capability of most password manager applications to generate unique, long, complex, easily changed passwords for all online accounts and the secure encrypted storage of those passwords either through a local or cloud-based vault.” The control allows for an individual to generate, use, and save passwords unique to each service or application with which they engage. The ubiquity and ease of some managers go so far as to allow users to generate and use passwords without ever knowing the actual password itself for each service. By establishing unique passwords for every online experience and mitigating password re-use, other accounts are protected if one service’s password is compromised.
A Mindful Approach to Connecting
While protecting passwords is a pivotal consideration for effective cybersecurity, individuals can protect their passwords from ever becoming exposed by demonstrating thoughtful engagement online. While broad in label, thoughtful engagement includes some specific elements, such as avoiding unexpected emails, SMS, and other online outreach. One of the first lessons that most of us are taught as children is “never talk to strangers.” That sage wisdom carries on into the future as we become more connected adults. Specifically, using thoughtful engagement by avoiding unexpected or suspicious outreach from unknown parties helps protect individuals and companies from potential exploitation attempts by hackers and other malicious cyber actors.
While the three controls of MFA, password management, and thoughtful engagement are not the only mechanisms necessary to protect users and companies online, they are powerful capabilities. Through implementing these controls, individuals can dramatically increase their cybersecurity and cyber maturity, protecting business operations and personal information online.
The internet can be a wonderfully enabling tool for everyone, as long as users engage it smartly with the right tools to stay safe.
T. Frank Downs serves as Senior Director, Proactive Services at BlueVoyant.