In this day and age where most if not all of us are so reliant on the internet, cybersecurity is now a necessity for all individuals, and no longer an issue for large companies and enterprises. In 2020 alone, 28% of all data breaches have small businesses as the target while at the same time the total number of cyberattacks and cybercriminals is still increasing rapidly.
In fact, more and more cybercriminals are now moving their targets from big companies to smaller businesses and even individuals because they tend to have less secure infrastructures, making them more vulnerable targets. While the potential profit from targeting a small business might be significantly smaller than those of big enterprises, the success rate will be higher and the attacker can make it up by breaching hundreds if not thousands of small businesses in a fairly short time frame.
With that being said, here we will discuss some of the most important cybersecurity best practices to implement in 2021, and without further ado, let us begin with the first one.
1. Use Strong And Unique Password
A basic, but very important best practice is to strengthen your password: make sure your password is complex and long enough so attackers can’t easily guess it via brute force/credential cracking attacks.
However, we have to also make sure we are using unique passwords for each of our accounts. A very common mistake performed by many people is to use the same credentials for all our different accounts, and in the event of credential stuffing attacks, all our accounts will be compromised.
Make sure your password is at least 10 characters long and use a combination of uppercase, lowercase, symbols, and numbers. Nowadays, you can use various password manager tools to help generate and ‘remember’ very complex passwords for all your accounts, so there’s simply no reason to use weak and non-unique passwords in 2021.
2. Using Multi-Factor Authentication
Multi-Factor Authentication (MFA) is an added layer of security in cases where your credential is already compromised.
Also called 2-Factor Authentication (2FA), it is essentially asking for a second factor besides the password before someone can access the account, which can be a secondary password/PIN, an answer to a security question, SMS/email confirmation, USB dongle, and even fingerprint or face ID.
With how it’s now very convenient to attach 2FAs to any accounts, again, there’s simply no reason not to use one for all your accounts in 2021.
3. Install Anti-Bot Solution To Protect Your Network
Since most cyberattacks are now executed by malicious bots, it’s very important to have a proper bot management solution in place to detect and manage these bot activities accordingly.
We can no longer rely on traditional bot detection solutions due to two main challenges:
- Aside from the bad bots operated by hackers and cybercriminals, there are good bots that can be beneficial for your network. We wouldn’t want to block, for example, Googlebot which will effectively prevent our site from being indexed by Google.
- Malicious bots are getting better at impersonating humanlike behaviors like visiting other pages before executing their objectives, performing non-linear mouse movements, and so on while also using various technologies to mask their identity (i.e. rotating IP address). We wouldn’t want to accidentally block legitimate human users instead (false positives).
A sufficient bot management solution is needed to tackle these issues and an AI-powered bot management solution like DataDome that can use behavioral analysis to properly differentiate between good bots and bad bots is very important.
4. Update Everything Regularly
Security patches and updates are there for a reason. No software and OS are 100% secure, and this is why software manufacturers regularly release security patches to ‘patch’ the vulnerabilities.
Keep a habit of updating everything regularly, ideally as soon as these updates are available.
Cybercriminals are always on the lookout for vulnerabilities they can exploit, so you wouldn’t want to have all your systems compromised just because you forgot/neglected to update your software.
Also, uninstall software and apps you are no longer using.
5. Reduce Your Digital Footprint As Much As Possible
The idea here is to make the attack surface smaller, so cybercriminals have fewer targets:
- Manage your social media activities: in general, if you don’t need your posts to be made public, consider making them private always. You might want to restrict your social media to friends only (and friends of friends). Be careful not to accidentally post something that might compromise your credential and sensitive information on social media.
- Unsubscribe: make a habit to unsubscribe from old email lists that you no longer need, and you might want to create a secondary email address for risky activities like making online purchases, making inquiries, etc. Protect your primary and business emails at all costs.
- Configure access: turn of location sharing on your phone unless you absolutely need it. Disable face recognition and any other features that might compromise your privacy.
- VPN: when accessing public Wi-Fi, make a habit of using a VPN especially when making sensitive transactions.
The threats from cybercriminals are rapidly evolving each and every day, so if we don’t properly implement the necessary cybersecurity best practices, there is a huge chance that your credential, device, and/or system are compromised.
The five best practices we have shared above certainly aren’t the only ones, but they are the most important ones in preventing data breaches and protecting the integrity and security of your data.