Secure your data with these password tips

bruce-mars-FWVMhUa_wbY-unsplash

In 2018, billions of people were affected by data breaches and cyberattacks and not only did people lose money, but they also lost their security. We hear about these cyberattacks every day and it's easy to think, "Why should I protect myself if the stats are against me?"

Or are we against the stats?  52% of us use the same passwords for different online services. This means that half of us have decided we're happy to risk our financial security and personal identity, and that can be a costly mistake. It turns out, one of the easiest ways you can protect yourself from becoming just another statistic: use a password manager. At Five Nines, when a company comes to us for managed IT solutions, we consider how they can tighten up their data security. Let's talk about ways you can quickly improve your cyber-security habits so you avoid the risk and become less of a predictable target. 

 

World-Password-Day

 

1. Choose a password that's not obvious.

 According to the National Institute of Standards and Technology's updated guidelines as of 2019, your passwords should be user-friendly and memorable, but not easy enough for a stranger to guess. You can use longer phrases that are easier to remember than complicated passwords, such as “I support the NE Huskers.” You should also avoid overly simple passwords. Hackers take bad, commonly used passwords like "huskers1" and try to test it against lots of people to see who they can breach online. Since many people in Nebraska probably have a password like this, it's a good rule to avoid this style of password.

 

2. Use a password manager to track all of your passwords in one place.

At Five Nines, we recommend two password managers: LastPass and 1Password. LastPass has a free option and allows you to automatically save and fill passwords on Windows, macOS, Android, and iOS devices. It can automatically change passwords for you and even shows you how strong your passwords are on its platform. The Emergency Access feature also lets you pick one or more contacts who can access your passwords if anything were to happen to you.  

1Password is a great paid option for families or small businesses who want to store some of their passwords  and it's Watchtower feature lets you know if any of your passwords are known to be compromised. Bottom line: you can vary up your passwords more often when you have a place to put them. 

 

3. Be aware of data breaches.

Stay aware of when breaches are reported and when they do, double-check that your information wasn't compromised. Right now, according to a new report by Risk Based Security, 2019 is on track to being the “worst year on record” for data breach activity. Besides checking places like the Identity Theft Resource Center (a California based non-profit that puts out information on the latest data breaches), you can also use free tools, like Credit Karma. Their identity monitoring service will alert you about data breaches and exposed passwords so you're in the loop about a potential threat. Your managed IT solutions provider should discuss potential data breaches with you. 

As IT professionals, we know how cumbersome changing passwords can be, but these are the tools we use at Five Nines, and we hope by passing them along, your information stays safe and out of sight.  We’re here to help as your managed IT solutions provider.

 

Have questions on how this affects your business? 

LET'S CONNECT

Topics: Security, Cybersecurity, password, passwords

Why Businesses Need Multi-Factor Authentication

Untitled design-7

Typing in a simple username and password is no longer enough to protect your data in the business technology world, which is why multi-factor authentication is such an important security measure. The cybercrime industry is after our most vulnerable information, and businesses are now forced to fight back with stronger cybersecurity practices.

According to the Verizon Data Breach Investigation Report, 81% of confirmed breaches involve weak, default, or stolen passwords. Multi-factor authentication is something that will benefit both your users and your organization. 

WHAT IS IT?

According to Yubico, there are plenty of opportunities available for hackers to take advantage of, as 55% of users do not use any form of multi-factor authentication at work.  While it is good to have a strong password, taking extra precautions is always recommended. When using multi-factor authentication, a user is only granted access into an account after completing extra steps to confirm that it is indeed their account. For example, if you are trying to access your email, instead of only entering your password for access, you may also receive a push notification on your mobile device to confirm that it's actually you. If the information doesn't match up, you don't receive access to the account.

How else does multi-factor authentication protect your personal information? If a hacker attempts to gain access to your account, you should receive a notification of some sort to complete the second step of logging in. If you are not attempting to access your account, and you are alerted by a notification, that is an immediate sign that someone could be trying to hack you. From there, you will have the ability to respond immediately by changing your passwords and contacting your IT provider. 

YOU HAVE OPTIONS

While any form of multi-factor authentication is a good start, here are some options you can consider:

  • Any multi-factor authentication that requires an SMS, email, or voice call with one-time codes.
  • "Push" prompts where users receive a notification on another device with an "approve" button as a way to confirm it is really them attempting to access their account.
  • Universal 2-factor security keys users can plug directly into their computer to confirm access.

A strong security tip is to ensure your accounts are protected with strong, unique passwords and the best multi-factor option you can reasonably use. There are plenty of multi-factor authentication platforms out there, so it's important to consult your IT team on an option that works best for your business. While you can make multi-factor authentication an optional security setting, many businesses decide to make this extra step required to ensure they are following the strongest security practices.

Want to learn more about how you can take your cybersecurity to the next level? Sit back, grab some popcorn, and watch this FREE Five Nines Power Hour Webinar: A Layered Approach To Cybersecurity.

Click Here To Watch The Webinar

Topics: Security, Cybersecurity, Multi-Factor Authentication

What Makes Cylance An Impactful CyberSecurity Solution

Cylance

Cybercrime is a real threat to all businesses, SMB's included. Statistics are only showing an increase in cyberattack methods, and successful attacks result in a significant loss of productivity and data. We want to show you why we stand by Cylance for Five Nines and our partners.

 

THE BASICS

Before diving into what Cylance is, it's important to understand what the software is protecting you from.

Malware: software that is intended to damage or disable computers and computer systems.

Ransomware: a type of malicious software designed to block access to a computer system until a sum of money is paid.

Since 2013, there has been a significant increase in malware and ransomware. In fact, since 2014 there have been over 120 million new malicious programs per year, and ransomware attacks have increased over 97% in the last two years. According to Symantec, 1 in 13 web requests lead to malware, up 3% from 2016. These statistics show that cybersecurity threats are at an all time high, which is why having the right tools in place to keep your organization protected is so important.

Want to jump straight to our free in-depth webinar about all things Cylance? Click here. 

 

WHAT IS CYLANCE

Cylance is a tool that prevents cyberattacks with artificial intelligence (AI). Artificial intelligence is the development of computer systems where systems are able to perform tasks that normally require human intelligence. Cylance is able to do this through machine learning, an application of AI that provides systems the ability to automatically learn and improve from experience without being explicitly programmed.

Cylance began in 2012, and has over 6,000 global customers, as well as over 10 million endpoints, and those numbers are growing each day. Cylance developed predictive endpoint threat prevention, which allows the software to predict, and then block cyber attacks on the endpoint in real time using pre-execution AI algorithms. They have an extremely high success rate at 99%+. Cylance also doesn't need a cloud connection to stop malware, as it can still do its' job without an internet connection, making it a one-of-a-kind product in the industry.

 

WHY COMPANIES CHOOSE CYLANCE

There are several reasons why Five Nines and other companies choose to utilize Cylance.

Effectiveness. Cylance is an extremely effective program with 99.7% effectiveness against all known malware.

Simplicity. Cylance is also very simple to manage, companies don't have to spend a lot of time managing it once it is set up within their environment, yet it increases ROI up to 250%.

Performance. Cylance only has a 1-2% impact to CPU, therefore user systems run faster, hardware lifespans are extended, and network bandwidth is reduced.

Cybercrime is a real threat, but protecting your business doesn't have to be guesswork. If Cylance is something that interests you, and you would like to see it in action while learning about how to apply it to your own business, our Power Hour might be a great resource for you. While the information above is a great overview, it may be more impactful to see exactly how Cylance works. 

Click below to access our free webinar, Cylance - Proactive Protection For Your Business, and tune in as one of our engineers provides in-depth information on Cylance while taking you through a series of demonstrations where you can see the software in action.

Click Here To Watch The Webinar

Topics: Security, Cybersecurity, Webinars, Cylance

Cyber Insurance: Do You Need It?

Cyber Insurance Blog

You might be thinking to yourself, cyber insurance… is it really necessary? Think about it this way - cybercrime damages will cost the world $6 trillion annually by 2021. A lot of these cybercrimes will be conducted over the internet as a Symantec study showed that in 2017 1 in 13 URL's were identified as malicious, an increase by 3% from 2016. Regardless, the internet has continued to become a large part of how organizations work and operate, and that trend is only going to increase as technology advances even further.

What will also continue to advance is the way cybercriminals try to attack businesses and exploit data online. For example, Symantec found the number of URL's resulting from malicious botnet traffic increased by 62.3% from 2016 to 2017, and the number of URL's resulting from phishing activity rose by 182.5% as well. While managed IT organizations and IT professionals will always do their best to set up IT infrastructures for success, technology will consistently evolve and change. In order to stay ahead of the curve, and have peace of mind, cyber insurance may be a practical investment for your organization.

WHAT DOES IT COVER?

Cyber insurance is a sub-category of general insurance that is meant to protect businesses and/or individuals against internet-based liability and risks. While general insurance may cover tangible aspects, it will not protect your organization's intangible information. Cyber insurance is typically broken up into 2 categories of coverage: first-party and third-party cyber liability coverage. The first-party coverage will take into account the direct losses to an organization, while third-party coverage will extend to claims taken by the organization's customers as well. Another way cyber insurance may cover your company is through a method called incident response, where your organization could receive support via legal services, public relations services, forensics, and much more. Coverage will look different for everyone, it will all depend on your organization as well as your provider, but a huge area of coverage for business is typically loss caused by a data or security breach. Cyber insurance may also cover trademark liability, business interruption caused by a data breach, restoration efforts, etc. 

THE SAVINGS

Whenever there is a data breach, data isn't just compromised, organizations will almost immediately lose money as well. There will be legal fees and costs associated with the breach, as well as organizational downtime, forensic investigations, recovery costs, etc. The point of cyber insurance is to save your organization from all of those unforeseen costs if you are ever put in that position. With a study showing that 54% of companies experienced one or more successful attacks that compromised data, investing in cyber insurance has the potential to save you a lot of money.

Click below for free presentation slides presented by Unico Group at the NE Tech Summit titled: Your Digital Shield - How Cyber Insurance Protects You. This presentation covers how cybercrime is not a matter of "if", but "when", as well as the common misconceptions in regards to cyber liability insurance.

Click Here To Download The Presentation

 

THE PEACE OF MIND

According to Cyber Insure One, the cyber insurance market is expected to grow from $2.5 billion in 2015 to $7.5 billion by 2020, which shows that cyber insurance is becoming a standard component when it comes to organizations executing cybersecurity strategies. While cyber insurance is NOT a replacement for additional cybersecurity efforts, it will provide you peace of mind knowing you wont be left with piles and piles of costs trying to restore your business if you were to ever fall victim to an attack. It's all about asking yourself if you would rather know you are supported and covered in the event of a cyber attack, or if you would rather take the risk and deal with the costs later on if your business was ever impacted.

The right cybersecurity efforts will protect you, the right cyber insurance will give you peace of mind, but it is all about focusing on what solutions will best support your business. Don't overlook the rising statistics that reflect cyberattacks and data breaches each year, take time to map out solutions that will protect and reinforce your organization and your IT environment.

Want to learn more about what we recommend in terms of cybersecurity efforts? Click below to download the free Five Nines webinar about Cylance and how it proactively protects businesses.

Click Here To Watch The Webinar

Topics: Cybersecurity, Cyber Insurance

What Are Botnets & What Do You Need To Know?

Botnets Blog

A new technological threat has been increasing in popularity and strength in recent years - botnets. These are not the kind of botnets that productively crawl search engines to provide you with the best search results, these botnets are malicious and have the potential to hijack your computer.

Here's what you need to know about botnets:

WHAT ARE THEY?

Botnets are controlled by an administrator, meant to either crawl the internet or directly hack into your computer. These botnets are highly illegal, and are typically used for the purpose of making money or stealing data. Once a botnet hacks into your device, it runs in the background of your computer as your device gets added to a network of other computers that have been attacked. Your computer then waits on commands from the botnet administrator. Some of these commands include emailing spam to a significant number of users, shutting down websites, generating fake website traffic for financial gain, or generating "pop-ups" that entice users to pay a fee to get a botnet off of their computer. Botnets are not decreasing in popularity, as Fortinet found 268 unique botnets through their data so far in 2018, which is a 3% increase from their last study.

Related: Be Prepared to Fight Cybercrime with User Training 

WHAT ARE THE RISKS?

The initial risk of your computer being hijacked by a botnet is that it can run in the background and remain undetected for a significant amount of time. During this time, other risks include the loss of money, access to your data, stolen passwords, and potentially complete control of your device. According to the 2018 Fortinet study, 58% of botnet infections last one day. That may not seem like a long period of time, but 24 hours is all it takes for your organizational data to be compromised.

HOW WILL YOU KNOW IF YOU'VE BEEN INFECTED?

Botnets are usually very hard to detect - occasionally an antivirus software may pick up on botnet activity, but they are typically designed to fly under the radar. If your computer has been infected with a botnet and added to a large network, your device may start to consistently run slowly. If you are worried about whether or not your device has been infected, or if a website you want to view has malicious content, visit this Fortinet Web Filter Lookup as a resource.

Related: Cylance - Proactive Protection for Your Business

PROTECTING YOUR BUSINESS

There are several precautions you can take to avoid getting infected by a botnet. First of all, be sure that your computer operating systems are updated as soon as new updates are available. Botnets are often installed within the flaws of your operating system, so staying on top of updates could protect your system later on. Ensure you have implemented security software that can provide proactive protection for your business. It's also important to be weary of clicking on suspicious website links or attachments, especially from emails that don't seem right.

For the tell-tale signs of what NOT to click on, click here. 

Download The Social Engineering Red Flags Flier

Malicious botnets are consistently searching for easy targets. Make sure you keep your devices updated, educate your team on what suspicious links and attachments look like, and pay attention to whether or not your device begins to run slowly. Consult your IT team if you feel uneasy about your computer being compromised. It's always better to be safe than sorry and to becoming an easy target for botnets.

Topics: Security, Threat Landscape, Cybersecurity, Botnets

Don't Be The Next Big Catch: Register For Your .Bank Domain

 BANK

.BANK is not just another way to change up your domain name, it's a proactive and protective measure put in place to give you peace of mind that your customers are protected. Phishing in the financial industry is all too common, as it is the #1 cyberattack and starting point of most breaches. This reason alone is why .BANK domains are so important to implement.

If you'd like to skip straight to a downloadable flier that further explains how .BANK protects your customers, click here.

Not convinced yet or want more information? Here's why you should register for a .BANK domain:

VERIFICATION

Having a .BANK domain provides extra verification for your organization, as only verified members of the global banking community are approved for these domain names. These domain names make it easy for your customers to distinguish authentic emails or communications from your financial organization in comparison to a phishing attempt.

According to Kaspersky Lab, in 2017 the share of financial phishing increased from 47% to 54% of all phishing detections, which is a record-breaking high for financial phishing. You want your customers to confidently recognize and communicate with your organization, and without a .BANK domain nothing is promised. Anyone can register for a generic domain such as .COM or .NET, but only legitimate financial organizations can register for a .BANK domain name.

Related: What is Phishing?

EXTRA SECURITY MEASURES

Kaspersky Lab also found that more than every 4th attempt to load a phishing page was related to banking phishing. Financial organizations are the "big catches" when it comes to phishing, which is why extra security measures must be taken. These special domains include those extra security measures, from further authentication, to an increased level of encryption, to abuse monitoring and compliance enforcement so that only verified financial organizations can utilize .BANK domains.

Further authentication is just another road block in recognizing and stopping malicious attempts to steal personal information. If your customers see something linked to a .BANK domain, they know they can trust it. An increased level of encryption will help to drastically decrease the chance that customers are redirected to sites disguised as your own that could steal their account information. .BANK domains also come with compliance and requirements to maintain a strong level of security, so financial institutions must allocate a point of contact from their organization to help continue to verify their organization.

Related: Fight Cybercrime With User Awareness Training

.BANK domains play a huge role in preventing cybercrime in the financial industry. Phishing attempts are becoming more and more common, and financial institutions are the big catches. With the security, verification processes, and requirements of obtaining a .BANK domain, you can ensure your customers that anything from your domain name can be trusted and that their data is safe with you.

 

For more information on how .BANK protects your customers through verification, domain name integrity/domain name system security extensions, and strong encryption, click below.

Click here: Protecting Your Customers With .Bank

 

 

 

 

 

 

 

 

 

 

Topics: Security, Outsourced IT, Phishing, Cybersecurity, Financial

The IT Software Life Cycle: 3 Things To Know

3 Things To Know_ (1)-1

Your organization's users interact with different IT software platforms every single day, so it's important to ensure they are not playing a role in a potential security breach without even realizing it. If software end of life schedules aren't prioritized, these breaches could happen, which is why IT software life cycles must be top of mind to increase overall up-time and eliminate any possibility of a breach.

What does end of life really mean for software? How do end of life schedules impact the security of your organization? How can you implement application dependency planning to keep IT software life cycles at the top of your to-do list?

END OF LIFE SCHEDULES AND PROCESSES

End of life schedules are inevitable, all products have a supported life cycle where they will be the most protected and work more efficiently. These end of life schedules represent a period of time when a version of a software product is no longer supported, and security is no longer actively provided, to make room for the newer available versions. Once the end of life date of a product has arrived, the provider will no longer provide security patches or updates for that version, regardless if users are still utilizing it. Companies such as Cisco, VMware, and Microsoft release software end of life dates typically 18 months ahead of time so organizations can plan and budget for these changes.

When analyzing an entire IT environment, it's important to be prepared to transition with these end of life schedules. How can you prepare for potential upcoming changes? Start by mapping out all of the business critical software platforms that are in use, and keep a documentation of them so you know exactly what your organization's IT environment is working with at all times. Using this list, refer to the websites of any vendors used to figure out any deadlines that you must be aware of and keep an inventory of deadlines. Not only does this help you and your IT team to budget changes to your IT infrastructure ahead of time, it also allows your organization to be out in front of any security risk.

SECURITY RISK

If you don't prioritize the life cycle of your IT software, there are significant security risks that can leave your IT environment exposed and vulnerable. According to Security Scorecard, out of 349 breached companies analyzed, 58% were found using products that had exceeded their end of life dates. A potential breach in your organization's IT security could occur if IT software life cycles aren't taken seriously. End of life dates are important to keep in mind, because products don't immediately shut down once end of life is reached. The application will still work the same, but you will be vulnerable to exploits, and the software provider won't create any new patches to fix these potential security risks.

APPLICATION DEPENDENCY PLANNING

Application dependency planning helps manage all changes within an IT infrastructure, including changes regarding IT software life cycles. It's all about tracking how everything cohesively works together through an application within an operating system. This planning looks to see how applications can update and run within an operating system, making sure the entire application ecosystem is compatible. Tracking how everything cohesively operates helps to manage budget creation, timelines, and allows IT teams to make recommendations during quarterly planning. Working through these IT software requirements within an IT ecosystem helps to gather processes that can be used to benefit and support the entire environment, not to mention keep it protected in the process.

All in all, prioritizing software life cycles is just another way to be sure your IT environment is running as efficiently and securely as possible. For technology to support your organization in the most beneficial way, be sure to pay attention to end of life schedules and implement application dependency planning.

Want more advice on ways you can prepare your users to recognize a potential IT security breach? Click below to download our flier on Social Engineering Red Flags to share with your team!

Click Here For The Free Guide

Topics: End of Life, IT, Tech Solutions, Cybersecurity, IT Software

Spam Filtering: Why It's Important And How It Works

SPAM

Once spam hits your email inbox, you become a target. When it comes to technology, humans tend to be the weakest link in most IT security situations. Attackers will constantly try to trick them, manipulating users to click on things that they shouldn't through a variety of methods. Oftentimes, these "tricks" are via email, as email platforms can target a very large number of people and is a very "budget-friendly" attack. If users happen to click the wrong thing within the spam email, bullseye, internal data then becomes exposed.

Since email is commonly used as a way to exploit users and their data, spam filtering has grown in importance and relevance. Organizations must utilize a spam filter to reduce the risk of users clicking on something they shouldn't, in turn keeping their internal data shielded from a cyber attack.


Related: What is Phishing?

HERE'S HOW IT WORKS

Spam filtering uses a filtering solution within your email run by a set of procedures that help determine which incoming emails are spam and which are safe for the user to open. According to Spamhaus, the United States is ranked #1 among which countries have the most live spam issues. Spam is getting sent to users, and it's getting sent a lot.

The main types of filtering analyzes the source of the email, whether the source of the email has had any complaints or has ever been blacklisted, the content of the email, and subscriber engagement. All of this is tracked and sorted before hitting a users' inbox. Spam filtering solutions can be hosted in several ways to support organizations, whether it's through a cloud service, on-premise technology, or software installed on organizational computers that can collaborate with email platforms. 

WHY IT'S IMPORTANT

Implementing spam filtering is extremely important for any organization. Not only does spam filtering help keep garbage out of email inboxes, it helps with the quality of life of business emails because they run smoothly and are only used for their desired purpose. Spam filtering is essentially an anti-malware tool, as many attacks through email are trying to trick users to click on a malicious attachment, asking them to supply their credentials, and much more.

Related: Be Prepared to Fight Cybercrime With User Training

According to Radicati Research Group Inc., email spam costs businesses up to $20.5 billion each year, and that number will only continue to rise. Spam filtering prevents these spam messages from ever entering an inbox in the first place, keeping organizations from adding to the growing statistic of lost revenue.

Graymail. Another important aspect of spam filtering is the ability to eliminate "graymail" from user inboxes as well. Graymail is an email that a user has previously opted to receive, but doesn't really want or need in their inbox. Graymail isn't considered spam, as these emails aren't used to infiltrate an organization. What is considered graymail is determined by the actions of the user over time, and spam filtering platforms will pick up on that to determine what is or is not wanted within an inbox. A good spam filtering platform lets users adjust to block a lot of graymail, rather than having to manually unsubscribe from every single one.

PROOFPOINT

According to Proofpoint, 40% of organizations targeted by email fraud received between 10 and 50 attacks in the beginning of 2018, and the number of companies receiving more than 50 attacks rose by 20% in comparison to 2017. Five Nines has utilized Proofpoint as its' spam filtering platform for a couple different reasons.

First, Proofpoint is hosted as a spam filtering cloud service, this is preferred as inboxes get filtered before getting inside the Five Nines or client networks, which cuts down on malicious traffic immensely. Because spam and email attacks are constantly evolving, the threat response must continuously evolve as well, which is why Proofpoint spends a lot of time and money improving their spam filtering platform continuously.

Without spam filters, an organization's email setup wouldn't function properly, and internal data would have a higher risk of exposure to a cyber-attack. Consult with an IT team about properly implementing a spam filtering system for the well-being of your organizational email system, the safety of your data, and the peace of mind of your users.

 To learn more about the red flags users should watch for when navigating their email inbox through a free downloadable graphic, click below.

Download The Social Engineering Red Flags Flier

Topics: Security, Phishing, Cybersecurity, Spam Filtering

A Layered Approach To Cybersecurity

Layered Approach Webinar

We've talked about software that proactively protects your business from cyber attacks, and how to train your staff to spot phishing attempts. Now, it's time to focus on the advancement of your cybersecurity protection.

In this webinar, we will discuss how you can take your cybersecurity to the next level by adding Cisco Umbrella and the Five Nines Cyber-Security Operations Center to your IT environment, for a well-rounded, protection-focused approach. 

WHAT YOU'LL LEARN:

  • Why cybersecurity requires a layered approach
  • Tools that will provide your IT environment with a layered cybersecurity approach 
  • What the Five Nines Cyber-Security Operations Center entails

 

Presenter: 

Jarrod Daake: Project Engineer at Five Nines

Sit back, grab some popcorn, and watch this FREE Five Nines Power Hour Webinar: A Layered Approach To Cybersecurity.

Watch the Webinar

 

Topics: Security, Managed IT Services, Cybersecurity, Webinars

What Are Password Managers And Why Are They Important

PASSWORD SAFETY-1First, take a moment to test how secure one of your top-of-mind passwords really is by clicking this link:

https://lastpass.com/howsecure.php

Did the test tell you that you needed a stronger password? Did it tell you that your password is strong enough? Do you use that same strong password for everything?

When users have to make up a password, two strategies are typically used:

  1. They use a password that is simple and easy to remember.
  2. They use one strong password for every single account. 

These strategies are good in theory, but bad when it comes to security purposes, which is why password managers are highly recommended to break the cycle of bad password practices.

It's something everyone does several times a day - typing in a password. And for 92% of people surveyed by SecureAuth Corp. and Wakefield Research, the SAME passwords are being typed in for all of their accounts. While this may seem like the easiest solution to consistent password annoyances, this type of online behavior leads to the 91% of Americans who have experienced an online breach at some point in their life. See the correlation?

According to LastPass, passwords are the key to our digital lives, and users often forget the importance of passwords because of the "inconvenience" they may cause when trying to do things online. The importance of the information that is kept online is worth going the extra mile to protect, which is why we recommend the use of password managers to ensure your organization and its' employees are maintaining secure online habits.

WHY PASSWORD MANAGERS

Having one strong password simply isn't good enough anymore with the current technological landscape.

Over time, users have gradually become connected to more and more accounts that require passwords, which generated the habit of users wanting to use one password for everything to avoid getting locked out of accounts. While it may be habitual to input the same password for everything, the increased amount of data breaches that are seen in the media have made it apparent that it's best to have a unique password for every account that requires one, to ensure overall account security.

That's where password managers such as LastPass or 1Password come into play. These applications assist users in organizing and safely storing all of their different passwords. Gone are the days of putting pen to paper and storing sticky notes around your desk with all of your passwords on it, now all passwords can be easily accessed and found in one application. When logging into an account, all you have to do is retrieve your password for that account if it's not memorized from your password manager. An extra 15-30 second step that can save you time and money in the long run. Not to mention, your accounts are way more secured as a result. 

WEAK PASSWORD TESTS

Ensuring your employees are maintaining a high standard of strong passwords is also necessary in keeping your organization protected. Five Nines conducts tests internally to monitor all user passwords for any potential vulnerabilities. These tests are similar to the one you took above, but on an organizational scale. Conducting these tests not only provides peace of mind that employee passwords are secure, it also holds employees accountable in keeping password safety top of mind. These tests are conducted along with the use of password managers for an extra boost of security.

Maintaining high security of your IT environment requires time, money, and extra effort. Compromising internal files and data due to poor password practices simply isn't worth it. Take the time to set up a password manager account, encourage fellow employees to do the same, and take the extra few seconds to  avoid a security breach.

It's worth it, we promise.

It's always best to be prepared for the worst to keep your organization at its' best. Click below for a free Ransomware Rescue Guide to have on hand that will guide your team through the initial steps of a potential ransomware attack if you ever experience one.

Click Here For Your Free Ransomware Rescue Guide

 

Topics: Security, Threat Landscape, Cybersecurity