How can you keep your business safe in an increasingly risky digital landscape? Twane Boettinger, Director of Information Security and IT Risk at FCT sits down to answer your top questions around the evolving threats and risks of doing business in a digital world, and how best to mitigate them.
What is the most common cyber threat these days?
Social engineering, more specifically phishing. While most people picture cyber criminals as hackers looking to exploit code vulnerabilities in security systems, the most effective tactic most criminals have is to target the users themselves. All it takes is clicking a link in a legitimate-looking email, appearing to be from your colleague or even your financial institution asking for an urgent reply and the phisher has access to your data.
Is multi-factor authentication (MFA) really useful?
MFA adds a powerful second layer of security between a criminal and your personal information by requiring the additional login step of entering a code sent to a phone or email account. Phones are an especially effective MFA tool, since they’re completely separate from your login credentials, which might be together in the same password manager. Even with your username and password, a criminal won’t be able to access an account without also stealing your phone, something you’re likely to notice quickly.
How can we protect our network while working from home?
Using a company computer outside the corporate network can open up new vulnerabilities in your organization’s security system. It’s always important to ask your company what guidelines they have in place for using the computer from home, and stick to them. If those guidelines aren’t in place in your organization, make it a management issue. Ask them to define what exactly is and isn’t appropriate activity with the computer off the company network.
How can small businesses stay safe online?
Large organizations have dedicated teams to prevent security breaches—small businesses and organizations can find their options much more limited. But there are simple, cost-effective measures they can implement:
- Protect credentials with best practices like using different logins on every site.
- Use a password manager to enable a variety of complex passwords.
- Purchase a firewall with security intelligence.
- Apply security patches regularly to stay up-to-date and shore up any newly discovered vulnerabilities.
®Registered Trademark of First American Financial Corporation.