October is not just about falling leaves, cool weather, and getting dark early, its also cybersecurity awareness month!
What can you do to be cyber smart as an organization?
To stay secure you have to understand your digital footprint as an organization. What is running in your data center? What devices are employee's bringing into your organization under your BYOD policy? What about IOT devices or embedded systems that run within your manufacturing operation? What about your access control systems? What about those very convenient internet connected thermostats? All of these provide an attack surface. You must be aware of their existence to be able to take the next step...
To be a cyber smart organization you must secure your digital footprint. Hands down the most effective security precaution you can put in place is multi-factor authentication. What does this mean? Simple put, when an unrecognized device attempts to login to your systems it will require an additional piece of information before the connection is allowed. Is this an annoyance for your users? Yes, but it has become a necessary annoyance in today's environment.
Once you have secured your footprint, you have to take action to protect it. Consider required password changes at as short of an interval as you as an organization can tolerate. This way in the event that valid credentials fall into the wrong hands, they have an expiration date on them. Additional, all systems should be configured to have a failed attempt lockout rule in place to prevent a brute force attack.
Cybersecurity requires diligent and consistent effort. Intruders can attempt to access your systems millions of times without success, but it only takes that one successful attempt to cause massive problems. Be Cyber aware!