Below are recommendations on cybersecurity best practices that are useful in protecting digital assets and reducing the likelihood and impact of a successful attack.
Invest in security awareness training. Invest the time, money, and resources to ensure users understand risks, the latest cyber threats, and best practices.
Lock screens. When stepping away from your computer or device, the manual lock function helps to protect the information stored on or accessible from your computer. Additionally, the use of security policies is useful in automatically locking screens after inactivity.
Secure physical devices. Safeguard devices and ensure a password/passcode or an additional authentication factor is enabled for all devices to prevent unauthorized access in the event a device is lost or stolen.
Check privacy and security settings. Checking these settings will help manage your cyber risk and limit how and with whom you share information. This will help safeguard information or resources if an unauthorized user gains access.
Cover and/or disconnect your camera when not in use. Covering or disconnecting your webcam and microphone when not in use prevents malware from taking control of your camera to spy on you and your surroundings. Additionally, when the camera is in use, ensure no sensitive information is visible.
Backup devices. Protect your information from malware, hardware failure, damage, loss, or theft by making multiple copies and storing them offline.
Keep devices up to date. Stay informed about publicly-disclosed vulnerabilities and update devices—including firmware—to the latest version to ensure they are patched against known vulnerabilities that could be exploited by threat actors to gain unauthorized access to your device and/or data. If a device is unable to receive updates from the vendor, consider not purchasing or discontinuing the use of the device.
Implement protective technologies. IT departments are advised to implement endpoint detection and response software, host-based firewalls, device, and file encryption, and keep devices updated with the latest security patches.
Remediate compromised and/or stolen devices. It is important to monitor logs for signs of access and exfiltration. When practical, wipe and reimage hard drives. Also, utilize remote administration and data wiping solutions to regain control of devices if they cannot be physically accessed.
Use unique, complex passwords for all accounts. Unique passwords for each account prevent password reuse attacks, in which threat actors obtain your password for one account and use it to compromise an additional account using the same credentials.
Refrain from sharing login credentials or other sensitive information. Login credentials and other sensitive information should not be shared with anyone, posted in plain view, or saved on your computer or other platforms.
Enable multi-factor authentication (MFA) where available. MFA is the use of two or more factors to authenticate to an account or service. This significantly reduces the risk of account compromise via credential theft in which your password has been exposed. Even if a cybercriminal obtains a user’s username and password, they will be unable to access that user’s account without their second factor. It strongly encouraged that users choose authentication apps, hardware tokens, or biometrics as a second factor over SMS-based authentication due to the risk of SIM-swapping, though using any form of MFA is beneficial verse none at all. The website TwoFactorAuth.org maintains a comprehensive list of websites that offer MFA.
Exercise caution with communications. Before providing sensitive information, confirm the legitimacy of the message or request via a separate means of communication—such as the telephone—obtained directly from official websites or welcome emails.
Navigate directly to websites. Navigate directly to authentic or official websites by typing the legitimate URL into the browser instead of clicking on links in messages, and refrain from entering login credentials on websites visited via links delivered in messages.
Use secure websites. When sharing personal or financial information, ensure you are using verified, secure, and encrypted websites.
Update passwords immediately following a data breach or potential compromise. Use a resource, such as haveibeenpwned.com, to determine if your information, such as an account password, has been revealed in a public data breach. Change exposed passwords for every account that uses it to protect against account compromise.
Implement strategies for emergency situations. It is important to implement strategies for leaving workstations and IT infrastructure behind in the event of sudden evacuations or when human life is at risk. The strategy may include planning and tabletop exercises, preparation and training, and monitoring.
Resources