The Midlands Business Journal interviewed experts in cybersecurity including Dave Koopmans, solutions engineering manager at Scantron Technology Solutions. From the article, here are the consolidated tips from all the experts including Dave.
- Build your passwords from pass phrases of mutliple words that may be unrelated. This defeats almost any attempt at brute-force hacking.
- Use a password manager application with one strong password for you to remember.
- Never re-use a password from another login.
- Refresh your passwords every 90 days or more often.
- When possible, take advantage of 2FA – two-factor authentication. For example, powerful multi-factor authentication applications include fingerprints and text messages to your mobile phone with verification codes.
- When a pass phrase isn’t possible, combine more than 12 characters – mixing numbers, upper and lower case letters, and special characters, and don’t use dictionary words. Some experts even take this out to 25 to 35 characters.
- Assume that you have cybersecurity blind spots and recruit a firm to help you assess your company routinely – annually is best.
When it comes to password and cybersecurity best practices in general, assume that the threat is always there, and always adapting, because it is. It’s not a matter of if, but when your environment will be attacked. Think of your security as layered, rather than as a single penetrable wall. It includes sound email security, active web filtering, antivirus and anti-malware applications, and a next-gen firewall. Never assume that you can be complacent after a successful penetration test or risk audit.