• Remember that the longer the
password, the longer it takes for digital
adversaries to crack it, thus deterring
successful brute force attacks
• Avoid overused practices like
adding an exclamation point at the
end, including phrases associated
with family or pets or using
incremental numbers. Hackers use
these well-known patterns to guess
your password and you’ll make their
jobs easier
• Give only fake answers to security
questions that would help you
recover your password, so hackers
cannot mine that information by
snooping on you online. One example
would be your mother’s maiden
name – with some social media
searching, this would be easy to
identify, so choose a made-up name
that only you would know
• Implement multifactor authentication
wherever possible to create extra
hurdles for cybercriminals
[Photo: Steve Nice, Chief Security Technologist at Node4]
“There will always be varying degrees
of account compromise,” said Ryerse.
“If someone hacked my LinkedIn, they
might post something embarrassing,
but it’s easy to change the password
and regain control. However, if they
broke into my online bank account
or used my credit card on Amazon to
rack up charges, we’d be looking at
significant damage. Wouldn’t it be better
to prevent all of these incidents though?
Implementing these best practices
across your online presence will do
just that and protect both you and your
company on an ongoing basis.”
[Photo: Sascha Giese, Head Geek at SolarWinds]
Keeping the public sector private
Although the mass migration to remote
working has brought a handful of
benefits, the cybersecurity landscape
has never been more muddled. “The
sudden increase in the number of
remote workers has been accompanied
by a spike in phishing scams and spam
attacks as hackers ruthlessly use the
COVID-19 crisis to their advantage,”
said Sascha Giese, Head Geek at
SolarWinds. “In the public sector –
as in every sector – IT pros have to
contend with keeping stressed IT
systems functioning while working from
home, and now this dramatic surge in
cybersecurity threats as well.
“But in the face of such adversity, the
simplest measures, such as password
protection, can often prove the most
effective. At times like this, remember
passwords act as vital gatekeepers to
the most sensitive data. Strengthening
password habits such as regularly
changing them and using two-factor
authentication (2FA) makes it harder
for hackers to gain access to data
and information. For the public sector,
2FA is a very effective additional
layer of security that requires not just
a username and password but also
something completely unique to that
user, whether it be a piece of information
or a physical token. It’s based on the
concept that only those users will gain
access based on something they know
(knowledge) and something they have
(possession). Such a system makes it
much more resistant to attack, and in
our current times is reassuring for both
system administrators and the public.”
[Photo: Mihir Shah, CEO, Nexsan, a StorCentric company]
Monitoring operations remotely
Changing and updating passwords
frequently is crucial at any time,
but especially in current
circumstances. Steve Nice, Chief
Security Technologist at Node4, said:
“One of the biggest threats to IT security
is ‘shadow IT’ – where the security

[Pull quote: “It’s important to look at the practical solutions to this impractical problem, accelerated by more and more aspects of our lives going online.”]
www.intelligentciso.com | Issue 28