There is a lot of misinformation on the internet—and a lot of cybersecurity risk. To stay safe online on April Fools’ (and any other day of the year), cybersecurity awareness is as key as maintaining good cybersecurity hygiene. So, let’s correct the “survey findings” we published on our LinkedIn page and give you some real cybersecurity tips.
Back up your data
As a reminder, the traditional 3-2-1 backup strategy advocates maintaining three copies of crucial data: the original and two duplicates, stored across two different media types, with one copy securely stored off-site. However, in recent years, more sophisticated strategies have gained popularity, including the 3-2-1-1-0, 3-2-2, or 3-2-3 configurations. If you are interested in learning more about what each of these strategies entails, you can read all about it in last week’s blog that we wrote for World Backup Day.
Incident response
No, befriending bad actors is not a good strategy for avoiding having to pay a ransom. In fact, you should never communicate with bad actors directly. If your business experiences ransomware or another cyber incident, your first step should always be to shut down the infected computer (if possible) and immediately contact your cyber insurance provider. This will kick off the incident response process and gather a team of experts consisting of a breach coach, claims counsel, forensic investigators, and more.
Password safety
Your kids, where you grew up, your birthday—all these things hold meaning in our lives. Unfortunately, this makes them easily guessable and therefore not good passwords. Both for your private and professional lives, strong password safety is key to staying safe online.
We strongly recommend that organizations establish a robust password policy that insists on a certain number of characters and a higher level of complexity (like numbers and special characters) for all passwords. This should be paired with semi-regular password changes. Additionally, signing up all employees for a password manager will enable all users to use a variety of complex and long passwords with just one master password to remember. If your organization needs a password manager, Cowbell partners with 1Password to give all policyholders access to a $100 credit for signing up for a new 1Password Business or Teams account.
Lastly, it is important to note that passwords alone do not provide adequate security; this is where 2-factor authentication (2FA) or multi-factor authentication (MFA) comes into play. After you key in the correct password, 2FA/MFA requires you to input a further code verifying that you are the person who should have account access. All systems should have 2FA/MFA enabled so that even if a bad actor were to guess or steal your password, your accounts will not be compromised as easily.
Establishing good cyber hygiene might seem overwhelming, but it is not as difficult as it may seem, and it can drastically decrease the chances of a successful breach. If you are a Cowbell policyholder, don’t hesitate to reach out to our Risk Engineering team for a scoping call. Our experts are here to support you in all your cybersecurity efforts.