Episode 1: Passwords
- Use a password manager. They are many to choose from and some are free. A password manager can assist in automating the fixes to the below mentioned threats.
- Don’t write or print passwords on paper or in unsecured digital files. For example, a sticky note with the password on the backside of a laptop or a list of passwords in an unprotected excel sheet.
- Use long, random, but memorable passwords – also known as passphrases. For example, “Cherry Wire Sparking!”
- Don’t use the same password everywhere. Try to use unique passwords everywhere you login. If one website or company gets hacked, and the passwords are leaked, then all accounts using that same password are at risk.
- Where possible, use multi-factor authentication (MFA). If a password is known, then the second (or third) “factor” of authentication is an additional layer of protection. A good resource for checking if MFA is available on different services is https://twofactorauth.org/
- Finally, properly destroy your sensitive data properly.
Episode 2: Data Handling
- Only share sensitive information with those who have a need to know.
- Encrypt emails containing sensitive information.
Episode 3: Computer Theft
- Use strong authentication to access your computer or mobile device. No matter how inconvenient it is to authenticate each time you need access, do not turn it off!
- Where possible, use technologies to encrypt the data.
- Where possible, install tools for and enable remote wiping.
- Back up your data.
Episode 4: Phishing and Ransomware
- First, be wary of suspicious emails and look for the signs.
- Second, make sure your antivirus software is up to date and running. It’ll help stop the ransomware in its tracks.
- Third, if ransomware is installed, then if you’ve backed up your data, you can ignore the threat and restore the data. Unfortunately, in many cases and especially for large enterprises, the cost of the ransom is significantly less than the cost to restore the data, even if it’s backed up. Therefore, the first and second layers of protection are critical.
Episode 5: Removable Media
- Install, run, and update anti-malware/anti-virus software on your computer.
- Do not enable auto-run features. These features automatically run whatever programs are installed on the media or device.
- Delete data on your computer, media, or device once its usefulness has expired. Redundancy of data results in more potential risks.
- Use a data blocker.
- Use strong passwords and rotate them if you suspect they’ve been compromised.
Episode 6: Vishing
- Don’t share personal or company information with unknown, unfamiliar or untrusted sources
- Report suspicious calls or messages to security
Episode 7: Internet Downloads
Episode 8: Wifi Use