What are cybersecurity statistics and best practices you should apply in 2020? Read this article to learn more.
Cybersecurity Statistics and Best Practices in 2020
How strong are your passwords? Do you know how to use them securely? Do you have a policy for them? If not, you should.
In addition, it is so important to have strong passwords. How many times have you heard someone say they use a password like this: 1234. This is a very weak password and anyone can figure it out.
Strong passwords are essential in your security plan as are strong authentication practices like two-factor authentication (2FA). Passwords are often the weakest link in the chain of security. If one person has access to your files and passwords, you are at risk for a breach.
Best Practice: Passwords need to be complex, unique, and long enough to make guessing difficult and time-consuming.
Passwords should be at least 15 characters long and include upper- and lower-case letters, numbers, and symbols (i.e., !@#$%^&*()_+|<>,.?/).
It’s also helpful that users employ password management software. So they can ensure that they have unique passwords for every application and website they access.
How do you control access to your data? Do you use access controls?
Access controls help limit user access to data based on their role or position in the organization with the least privileges required to perform their job functions.
It’s also critical that organizations implement multifactor authentication (MFA) in addition to the use of access controls or personally identifiable information (PII) stored in the cloud or on mobile devices and laptops.
The use of MFA helps protect against credential theft attacks by requiring users to type in a second factor (e.g., a code sent via text message). Especially when accessing an application or website where MFA is enabled.
MFA can be used with traditional username/password authentication or biometric factors like fingerprint readers or facial recognition software at login time. Multi-Factor authentication also guards against phishing attacks.
It works by requiring employees and privileged users alike to enter a second factor whenever accessing sensitive corporate data from an untrusted network such as public WiFi networks at airports, coffee shops, etc.
Best Practices: Use multi-factor authentication where possible. Also, don’t share passwords with others.
It’s also important to change default passwords on all devices. Then, ensure that all privileged accounts have unique complex passwords and use MFA.
How do you protect yourself from the bad guys? One of the most important things you can do is secure your perimeter. If you have not already done so, it is time to turn on two-factor authentication for remote access via VPN.
Best Practices: Turn on two-factor authentication for remote access via VPN. Also, make sure that your network is segmented into multiple virtual LANs (VLANs) or subnets with limited access to servers or data housed behind the firewall.
Finally, it’s also critical that you have up-to-date antivirus software installed on every device in your environment (including servers). It’s recommended that you also use an integrated intrusion detection and prevention system (IDPs) to detect unauthorized attempts to connect to servers.