October is National Cybersecurity Awareness month. Unfortunately, cybersecurity is not something that requires our attention only one month out of a year. Bad actors are hard at work every day of the year trying to steal your data. As deep and complex as cybersecurity can be, it often comes down to the most basic measures to prevent disaster. This is a great time to review some basic security hygiene practices.
Starting with the most obvious, awareness and training, at home and work, create a security-minded culture. Without some basic understanding of what bad actors are trying to do, it is impossible to prevent them. Only through continuous education do we stand a chance against cyber criminals. So, share what you know and what you have learned to help others.
Bad actors don’t break in, they log in. Hackers like to play on two basic emotions, fear and curiosity. They will try to lure you in by making you either fearful that if you don’t click the link something bad may happen, OR if you don’t click the link, you may not win the big prize. Who hasn't been tempted? In both cases, they are trying to get you to do something you would not otherwise do. Please pay attention to what you are clicking or opening. Watch out for suspicious emails or texts. Are they coming from a known source? Emails will often have a familiar display name, like that of a coworker, so pay close attention to the address.
Mistakes will be made, but antimalware can help mitigate the damage if a malicious link is clicked. Utilize a trusted antimalware tool.
P@ssw0rd is not a good password, and neither is loveyou123. Utilize strong passwords that are not easily guessed. A password created to ease your memory will most likely not be a strong password.
If we assume that somehow a bad actor will eventually get your credentials at some point, the most crucial defense is enabling multi-factor authentication (MFA). Of all the basic security hygiene practices, MFA provides the most significant impact. By requiring multiple forms of authentication, you will make the hackers’ work much more difficult but not impossible. MFA-enabled accounts are compromised at a rate of less than 0.1%.
Monitor and Control Permissions
What a bad actor can do once they are in your system depends on a number of things; however, the most significant factor is the compromised account’s access level. It is important that users are granted only the least privileged access required to do their work. Elevated permissions should be given only when needed and should be reviewed frequently to reduce the damage if their access becomes compromised.
Just patch it. Bad actors are always hard at work searching for new weaknesses in software. However, they will always continue to exploit the vulnerabilities that have already been exposed and are known. Don’t give them an easy way in via a software vulnerability that has already been identified and has a fix available. Apply those updates and patches routinely.
If your organization is currently using Dynamics 365 Business Central on-premises, you can find the latest updates here. If you are currently using Business Central SaaS, you don't have to worry about security updates because the updates are automatic, your data is encrypted, and your system is backed up and under constant surveillance for threats.
Again, training and awareness are the most important cybersecurity defenses we have. Use this opportunity to create a security-minded culture within your organization and talk with your family to reduce your chance of disaster.
If you are worried about your organization's security, contact us, we can help. Call 800-834-7700 or click the link below to start a conversation.