Did you know October is Cybersecurity Awareness Month? Cybersecurity Awareness Month each year is hosted by the National Cybersecurity Alliance (NCSA). Usually there is a weekly theme, but this year the NCSA has chosen to focus on these four cybersecurity topics: multi-factor authentication, using strong passwords and password managers, updating your software, and recognizing and reporting phishing. The goal is to focus on the basics we can do to better protect our small businesses as the basics can go a long way!

Multi-factor authentication

This is one of the best ways to minimize unauthorized access to your accounts. Multi-factor can be implemented using different methods like push notifications, expiring passcodes, or text messages just to name a few. In many cases, multi-factor authentication is a free service built right into your accounts.

Strong Passwords and Password Managers

Passwords need to be unique, complex, and long. This means you only use a password once and for only one account. This also means a password needs to have upper and lower case letters, numbers, and special characters. Lastly, this means a password should be a minimum of 16 characters long or longer. Using unique, complex, and long passwords can be challenging though, how does one go about remembering them all? Try a password manager!

Password managers are great as they remember all of your passwords for you, usually in an easy to use app. Password managers are cybersecurity tools that can remember your passwords, create strong passwords, allow access on multiple devices, and most importantly store your passwords in a secure and encrypted vault.

Phishing emails and other scams

The last topic of focus for Cybersecurity Awareness Month is phishing and what to do if you receive a phishing email. We talk a lot about phishing at Security Bytes as it is one of the most used attack methods. Be on the lookout for emails that offer something too good to be true, emails that pressure you into making a quick decision, unusual work requests, and/or emails that just seem different. If you receive an email like this, try to contact the sender directly to verify if it is legitimate.

For more information on cybersecurity and your small business, check out Small Business, Big Threat!