Do your managers ever become employee of the month?
This one will.
Which manager? It’s your password manager.
Because using a password manager is the best way to keep your passwords safe and strong. Without you having to remember anything.
Better still, it ensures that none of your passwords are the same. And that no one will be able to guess them, because they’re genuinely random (strings of characters that make no sense at all).
We’ve helped loads of our clients to implement password managers in the last couple of years. Not only does it add that extra level of cyber security, but it also makes it easy to lock out former staff when they leave.
Shall we talk about getting this implemented for you and your team?
With a large portion of the UK workforce still working from home, security best practices have undoubtedly been relaxed and with that in mind, it’s even more important to have good password hygiene in order to protect your business from threats.
So, what kind of password storer are you?
Write all passwords in the same place
Have the same password for everything
Create weak passwords all in lowercase
Disguising your passwords as phone numbers
Write them on little scraps of paper you always seem to lose
If any of the above apply to you, you’re potentially compromising the security of your business in a massive way.
It’s understandable though. According to recent research from Nordpass, the average person has around 100 passwords they need to remember. But with the best practice when it comes to password creation being to randomly generate a string of letters, numbers and symbols for each application or piece of software you use both personally and at work, how on earth Is anyone meant to remember them all?
There is a secure solution to help you keep your password security tip top without you having to hammer the ‘forgot password’ button.
Watch our password manager video to discover how they work, and how using one will benefit you.
Multi-factor authentication, sometimes referred to as two-step authentication, is a way of adding one or more extra steps to any login process, in addition to your password in order to increase security.
This can take quite a few different forms, the most common is probably in the form of a code, either being sent to a separate device, your email address, or generated by an app. But other types of MFA can include: facial recognition, fingerprint scanning, phone authentication, or even security questions.
Why would I want to make it harder for myself to log in?
The reality is that the extra few seconds it takes for you to input a code after your password could be the difference between a cyber criminal gaining access to one of your accounts, and your account remaining secure.
Despite our best efforts discussing good practice when it comes to password security, a distressing number of people still use the same password for many things. That means if there was a hack on a particular website or service and your email and password for that becomes leaked online, cyber criminals are likely to try the same email and password combination on other websites such as Amazon or eBay, and it could even give them access to your email. If they have access to your email, they’ll not only be able to read any sensitive information you may have in your inbox, they’ll also have the means to ‘request a new password’ for other accounts that you log in to using your email.
This is hugely important on a personal basis, but perhaps even more important for businesses where you’re not only responsible for protecting your own business data, but any data you hold on your customers. In the event of a data breach, you can be liable for fines if it’s found you weren’t following recommended security practices.
In conclusion, it might take an extra few seconds to sign in to things, but it’s more than worth it for the peace of mind!
If you’d like us to take a look at your data security setup and look at implementing multi-factor authentication, give us a call on 01732 617788 or drop us an email to [email protected]. Your security is our priority.
Online scams have been around since the emergence of the internet, and as the web has grown in sophistication, so have the scams. One method scammers use to try and target their victims, is by sending an email with a compromised link, or with a view to panicking recipients into parting with financial details.
The National Cyber Security Centre (NCSC) is reporting an increase in online threats as a direct result of the COVID-19 pandemic, so scammers are looking to capitalise on the raised anxiety levels of the general public for their own financial gain. These raised anxiety levels can also make it harder to spot a dodgy email pretending to be HMRC or pretending to be the NHS telling you that you need a COVID test.
You can have the best technical security plan in the world in place, but if your employees aren’t part of the security equation then they could unwittingly fall for a scam and cost your business time and money as a result of a compromised network. Everyone on your team needs to know exactly how to verify if an email is genuine.
How to tell if email contents are genuine
The NCSC has a list of things to look out for, when it comes to evaluating the contents of an email:
Cyber criminals want you to react, without even thinking and they do this by sewing the seeds of fear. If your email includes an impossible-sounding deadline for a response or makes you feel panic and dread, this is one indicator that there’s something not right with the contents.
As we previously mentioned, they also like to pretend to be in a position of authority. Whether they’re falsely claiming to be from HMRC, the NHS, the boss, an accountant, or anyone else who might hold a respected position. It’s worth noting that no organization like the above will pressure you into giving details.
If, for example, a charity sends you an email, but it makes you feel especially upset or guilty this can be another red flag that it’s a fake email trying to get you to give up your financial details.
As mentioned above, many online scammers are looking to profit from anxiety and panic caused by the COVID-19 pandemic. If you get any emails you weren’t expecting in relation to COVID then check them out with trustworthy sources first, like the NHS or gov.uk websites.
If you miss out on getting tickets for a hotly anticipated event but get an email a few days later offering you tickets – it’s more than likely too good to be true and you should proceed with extreme caution. Scammers often make use of scarcity and desperation in their attempts to gain money.
Is your email security up to scratch?
With 46% of businesses reporting identified breaches or attacks between March 2019 and March 2020 according to the Cyber Security Breaches Survey: 2020 Email security is everything if you don’t wish to end up joining their ranks for the 2021 survey.
With a combination of both technical solutions and human training, you can be confident in avoiding email scams and associated breaches.
If ever you’re not sure on an email and would like us to have a look at it for you and advise whether or not it’s genuine, or you’d like some help tightening up your current email security setup, give us a call on 01732 617788 or drop us an email to [email protected] and we’ll be happy to help.
This Christmas might be somewhat different to what we’re all used to, and with a temporary lifting of Covid restrictions across the UK so people can spend Christmas Day with their families, mobile security is understandably going to be pretty far down the list of things to think about for most people.
However, with the ability to travel and eat in restaurants, the opportunities for mobiles to become lost or stolen are still going to exist – leaving a laptop on a train, a phone being swiped from a pocket.
We have a couple of questions for you to think about:
If something like that happened to you, could you have complete confidence in the safety of your data?
Even if you feel confident that your personal data is well protected, can the same be said for team members who have access to sensitive business data on their mobile devices?
They might pose some head scratching, but you’re in luck – problem solving is our job, and we’re here to think about things like mobile security so you don’t have to. There are certain things we can look into such as password protection, encryption, or the ability to wipe sensitive business data remotely.
If you’d like us to take a look at your data security setup as it is at the moment, and check that your mobile security is up to scratch, give us a call on 01732 617788 or drop us an email to [email protected]. We can ensure you’re heading for a Winter Wonderland, and not a Blue Christmas!
Privacy & Cookies Policy
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.