IT professionals do everything we can to keep your systems safe, but these days technology-based security measures are simply not enough to fully protect you.
Security is everyone’s responsibility
Modern attacks are no longer just technical. It’s common for attackers to use Google and LinkedIn to figure out who has the ability to move money, or to access a specific system, and then target you directly with a combination of phishing, social engineering, and technical attacks. Everyone needs to adopt good security practices and learn how to spot phishing attacks.
There are simple ways to keep yourself safe
The Cybersecurity and Infrastructure Security Agency (CISA) recommends four things you should do before anything else.
- Use multi-factor authentication whenever possible. (MFA, 2-step, 2FA — it’s all the same thing.) 2fa.directory will help you find instructions to enable MFA for all your accounts.
- Always update your software. Enable automatic updates for your operating system and your apps, and always update when prompted. Pay special attention to OS updates for your computers, phone, and tablets, as well as your web browsers and any apps you use for work. (See our guide to software updates for more on this.)
- Learn to spot phishing. Here’s a great phishing quiz from Google: https://phishingquiz.withgoogle.com
- Use strong passwords. Strong passwords are long, at least 15 characters, and unique — never used anywhere else. Forget about remembering passwords. Instead, use a password generator (like https://correcthorse.pw) to create every password, then save it in a password manager such as 1Password.
For more info:
- CISA’s 4 things you can do: https://www.cisa.gov/4-things-you-can-do-keep-yourself-cyber-safe
- Avoiding Social Engineering and Phishing Attacks: https://www.cisa.gov/uscert/ncas/tips/ST04-014
- Update macOS on Mac: https://support.apple.com/en-us/HT201541
- Update your iPhone, iPad, or iPod touch: https://support.apple.com/en-us/HT204204
- Is my browser out of date?: https://www.whatismybrowser.com
- Getting Started with 1Password: https://askadam.io/news-links/articles/getting-started-with-1password/