Strong passwords/passphrases
Having a strong password is an essential step in providing tighter security. It’s shocking that many of the top passwords being used today are “password”, “123456”, “letmein” and “welcome”. Creating a strong password should begin with a few simple requirements:
-
- Make sure it contains upper- and lower-case letters, symbols, and numeric characters.
- Password phrases are another good way to create strong passwords. Take a phrase like “I love the beach”, add a few capital letters, symbols, and numbers, and then you have a very strong password. (ILove#thebeach2018!). Share this tip with your team ASAP!
Anti-Virus and Anti-Malware
Many agencies fall into the trap of using the free versions of anti-virus and anti-malware software. These versions only check for potential issues when you execute the program. For better protection, make sure you purchase the software and set up the system to have continual monitoring and scheduled scans. This will provide better protection.
Risk Assessment
At least once a year, your agency should complete a risk assessment to determine any new potential areas for data protection. If your agency has purchased new hardware, make sure those devices are listed in your Written Information Security Plan and have both anti-virus software and login passwords.
Cybersecurity Training
Each year, your staff should attend a cybersecurity training session. Cybersecurity training should cover your cybersecurity procedures and any potential new threats, as well as review your incident response plan and Written Information Security Plan.
Written Information Security Plan (WISP)
Your WISP should be updated and reviewed every year. Updates should include new devices, a review of cybersecurity policies, a review of your agency’s risk assessment, a review of the Incident Response Plan, and an update on any new potential threats.
We hope this has been beneficial to assist your agency in protecting your employees’ and clients’ Personal Identifiable Information!
