The Midlands Business Journal interviewed experts in cybersecurity, including Dave Koopmans, solutions engineering manager at Secur-Serv. Here are the consolidated tips from the article, drawn from all the experts including Dave.
- Build your passwords from pass phrases of multiple words that may be unrelated. This defeats almost any attempt at brute-force hacking.
- Use a password manager application with one strong password for you to remember.
- Never re-use a password from another login.
- Refresh your passwords every 90 days or more often.
- When possible, take advantage of two-factor authentication (2FA). For example, powerful multi-factor authentication methods include fingerprints and verification codes sent by text message to your mobile phone.
- When a pass phrase isn’t possible, combine more than 12 characters – mixing numbers, upper and lower case letters, and special characters, and don’t use dictionary words. Some experts even take this out to 25 to 35 characters.
- Assume that you have cybersecurity blind spots and recruit a firm to help you assess your company routinely – annually is best.
When it comes to password and cybersecurity best practices in general, assume that the threat is always there, and always adapting, because it is. It’s not a matter of if, but when your environment will be attacked. Think of your security as layered, rather than as a single penetrable wall. It includes sound email security, active web filtering, antivirus and anti-malware applications, and a next-gen firewall. Never assume that you can be complacent after a successful penetration test or risk audit.