The COVID-19 pandemic has taught Americans to prioritize health above everything else. We learned the importance of washing our hands regularly, wearing masks in public, and staying at home to reduce the risk of spreading the virus.
But the pandemic has also taught us a few things about cybersecurity. While data breach reports in the United States went down in the first half of 2020, cyberthreats continue to multiply, so businesses in the San Jose and San Francisco Bay Area still need to protect themselves. Here are some cybersecurity lessons you need to learn post-pandemic:
1. Keep your programs and security software updated
Much like a zero-day attack, COVID-19 was an unknown and unprecedented threat, which allowed it to proliferate. And pretty much like any malware on the planet, the virus was able to infect many people before the infected ones showed any symptoms.
Regularly update all your programs and operating systems to mitigate the effects of zero-days and malware. This way, cybercriminals won’t be able to exploit software vulnerabilities to attack your system.
Additionally, make sure that your antivirus and anti-malware software receive definition updates. Cybercriminals are constantly developing new malware variants, and updates contain important files that prevent malware from damaging your system.
2. Adopt a zero-trust security model
The COVID-19 pandemic forced many countries to close their doors to outsiders to abate the spread of the virus. Those likely infected were immediately tested so they could be isolated to prevent the disease from spreading further.
This approach is similar to zero-trust security, where a user undergoes a strict identity verification process when accessing any part of your IT infrastructure. With zero trust, you test, isolate, and quarantine users and programs before they can access your system.
The principle of least privilege involves granting users only the level of access they need to do their job. For instance, your human resources department should only have access to the files relevant to their tasks. This not only protects confidential information, but it also boosts your staff’s efficiency.
3. Use password managers
Many people switched their devices when they started working from home, which meant losing access to their saved passwords. To address this problem, use password managers like LastPass or 1Password. These apps generate and store your passwords in an encrypted vault.
Promote good password hygiene as well. Passwords should at least be a 12-character-long sequence with a mix of numbers, letters, and symbols. They should be easy to remember but hard to guess, so passphrases such as “juicysaturdayonlyremover#523!” or “handsfreemonogramrankeddensity912?” are ideal.
4. Educate your employees on cybersecurity best practices
Your employees will still be vulnerable to cyberattacks after the pandemic, so you need to train them on cybersecurity best practices accordingly. For example, your staff must be critical of every email or website they open. If they receive an unsolicited email with strange links and attachments, they should immediately flag it as a phishing scam.
You can also simulate a cyberattack to test your business’s defenses and teams’ reaction times; such simulations will reveal your strengths and points for improvement so you can prepare for future attacks. For example, you can send out a fake phishing email to everyone in the company and see who falls for the bait. Reward those who perform well, and provide a refresher course to those who struggled.
You need a reliable partner as your business faces the new normal. At USWired Managed IT Services, we will monitor and maintain every aspect of your network 24/7/365 for a fixed monthly fee, so you can ensure maximum productivity and uptime. To learn more about the benefits of outsourcing your IT to us, download our FREE eBook today.