M A Y 2 0 1 9 | I S S U E 3
What Can I Do?
As a Managed Service Provider and Cybersecurity Analyst, I understand all too well the balancing act companies go through to protect themselves while trying to understand the best way(s) to do just that. With this in mind, I wanted to give everyone a few ideas of how they can strengthen their current security posture. Bear in mind that these suggestions are not the end all, be all, to bulletproof your organization. Any great cybersecurity posture requires constant assessment and adjusting as the company and threats evolve.
- Firewall – The Federal Communications Commission recommends deploying a firewall to better protect your organization. The idea is not that a firewall will be a magic wand that stops attacks; it is just one piece of a defense-in-depth strategy that makes it difficult for a cyberattacker to penetrate your overall security.
- Policies – Documenting your cybersecurity policies is strongly advised. In fact, the Small Business Administration has a cybersecurity portal that provides businesses with online training, checklists, and information specifically designed to help you protect your business.
- Mobile Devices – If you haven’t already noticed, mobile devices are everywhere. It is estimated that 59% of businesses allow employees to BYOD (Bring Your Own Device) (Tech Pro Research). Add in the increasing popularity of smart wearables and it is easy to see why having policies that include these devices is essential to the security of your company.
- Education – The saying goes that “you are only as strong as your weakest link.” In any company, the employee is the weakest link in cybersecurity. This is why social engineering is the most prevalent method used to initially breach a company’s outer defenses. Tactics evolve, methods adapt, and attackers become more and more savvy, which is why continuous employee cybersecurity awareness training is critical to the security of your organization.
These are just four of many ways that businesses can easily and affordably increase their security posture. If you are already doing one of more of these, then hats off to you! If you are not doing any of these, do not worry! Let’s have a conversation about how to design and implement one or more of these strategies into your company.
MindSpout LLC works with companies big and small on how to strengthen, or even start, their own cybersecurity posture. Contact us today for a complimentary business evaluation, after which we will help better protect you, your employees, and your company from the digital threats that abound.
In last month’s issue, I talked about the need to use strong passwords and have an effective password policy in place for your organization. I also mentioned password managers and I wanted to take a moment to discuss this more in depth.
The concept of a password manager is quite simple, you remember one master password to your password manager and within the manager resides all your other passwords for websites, accounts, etc. Password managers are cloud-based, which means that are accessible from anywhere in the world. All reputable password managers have apps for both Android and iOS devices, which allows you access on your smart devices.
I know the question on your mind and yes, reputable password managers are secure. Could they be breached? They are vulnerable, just like any other piece of software, which is why I only recommend password managers that take security seriously.
There are a number of both free and paid password managers on the market. For the most part, the difference between free and paid is simply the ability to sync on one device or between multiple devices.
Free Password Managers
- KeePass – Basic, free solution with password sync on one device; available for Windows and Mac/Linux
- Bitwarden – Can store 4 types of data: passwords, debit/credit card information, identity documents, and secure notes. Offers browser plugins for Chrome, Firefox, Safari, and Edge.
- LastPass – The only free one that includes syncing across devices. Does includes ads in the free version, which can eliminated for $36/yr.
Best premium password managers
- 1Password – $2.99/month, paid annually. One of the longest running managers on the market. Also offers a family subscription
- Dashlane – $3.33/month, paid annually. Unlimited amount of password storage w/ automatic syncing that includes VPN and Dark Web monitoring. Offers a business subscription as well.
If all of this has your head spinning, do not worry. This is where MindSpout can help you. Having a track record of both testing and using these products gives us the knowledge to understand which option may be the best fit for you and your organization.
Contact us today and we will sit down and discuss your current situation and outline a strategy to help you better secure your business through the deployment and use of an appropriate password manager.