Top 10 Tips for improving cyber security in your organization
Improving cyber security in your organization is a complex initiative involving multiple audiences (HR; senior leadership; IT; vendors; employees) and all aspects of your supply chain. In this newsletter, we propose adopting the NIST framework as a comprehensive approach to cyber security.
However, there are a few simple principles that all employees of any organization can adopt to improve cyber security. Here are our favorite top ten tips:
- Don’t leave your devices (e.g., laptop and smartphone) unattended in public spaces.
- Always lock your desktop (i.e., screen) when leaving your laptop unattended (e.g., when leaving your desk or office to get a coffee, retrieve something from the copier, chat with someone, or check on the kids). Don’t wait for your screensaver to kick in to lock the screen.
- Don’t trust e-mail from people you don’t know.
- If your anti-virus warns you, believe it!
- Use two-factor authentication whenever possible to ensure that you're the only person who can access your account, even if someone knows your password.
- Use smart passwords (numbers, uppercase, 10 characters).
- Don’t use work passwords for personal logins.
- Back up your data.
- Don’t broadcast your Bluetooth and/or AirDrop information. This is an open invitation for hackers to attack your mobile devices.
- Don’t trust public computers ever!
These are simple yet effective cyber security practices to integrate into your organization’s culture. Additionally, requiring all employees to participate in e-mail security training is quickly becoming a standard in most organizations.
Please share your cyber security practices so we can learn collectively how to improve together. (E-mail dhenry@donahue.umassp.edu)
November 06, 2019