How to Make Your Passwords Worthless to Hackers

Passwords have been around since the dawn of computers. Initially they were meant to prohibit employees from accessing the wrong accounts and keep competitors away from your company’s trade secrets. However, they have long outlived their effectiveness in today’s cyber risk world.

According to Verizon’s 2017 Data Breach Investigations Report, compromised passwords are, by far, the most prevalent gateway for hackers to get into personal and company information. 81% of data breaches last year occurred via weak or stolen passwords. Believe it or not, 17% of users still use “123456” and 10% use “password” as their passwords.

Here are six password strategies to keep bad actors at bay.

Create Hard-to-Guess Passwords

There’s been a lot of discussion about what makes up a good password. Most organizations endorse long passwords made up of alphabetic, numeric and special characters. The problem is that you may not remember a password that is too difficult. Even worse, you may store it on a sticky note beside your computer so you can reference it often.

NIST recently came out with a recommendation to choose a very obscure long phrase, something only you know: for example, your favorite movie as a kid, or your childhood best friend’s first and last name. Their research states that the right choice, if it is more than eight characters, is more effective than a combination of letters, numbers and special characters.

Use Different Passwords for Different Apps

If you use one or two of the same passwords for many sign-ins, you will make a cybercriminal’s day. Create a unique password for each sign-in.

Change Them Often

Establish a policy regarding password changes. I recommend they be altered at least every 90 days.

Use a Password Manager

Only want to remember one password? Companies like Dashlane, LastPass, and RoboForm store all your passwords in one location.

Use Multi-Factor Authentication (MFA)

First, there were passwords. Then, there was two-factor verification. Now, prepare for multi-factor authentication, where a password, a code and something unique to you (e.g. voice, face, fingerprint) together establish that you should have access to that data.

While MFA isn’t available everywhere, I strongly recommend you implement 2FA now, so when the next layer is available, you are ready.

Check for Email Breaches on a Regular Basis

A tool like Have I Been Pwned? can help identify which applications associated with your email address have been compromised and the type of data that was stolen. Change passwords immediately for those apps at risk.

Brought to You by Axiom Cyber Solutions

Even with the best password strategy, you still need a holistic solution that makes your company’s data nearly impenetrable. We’ll monitor your network 24 hours a day and update your systems hundreds of times per day to ensure your organization has the highest levels of protection. Give us a call today at (800) 519-5070 to learn more!

Everything You Need to Know About Studying Cyber Security at Degree Level

You’re interested in pursuing a career in cybersecurity, but aren’t sure where to start. What does a career path look like? Compared to other established industries, cybersecurity is still in its infancy in the civilian sector, which means there isn’t a clearly defined path to enter this growing sector. Unlike other industries, however, this isn’t one where you get your degree, land a job and then coast through it. We’ve mentioned previously on Axiom Cyber how jobs in this field require you to be driven and constantly on top of the latest technology and trends.

As with all computer science related degrees, cybersecurity studies are heavily math-intensive, and as such require strong analytics and statistical analysis skills. Cybersecurity degrees are offered at associate, bachelor’s, master’s and doctoral levels. An associate degree will prepare you for entry-level positions related to support, programming, help-desk IT, and basic network administration. A bachelor’s degree will build on that knowledge to open up mid to upper level positions by providing you with skills in software development, network security, as well as forensics and tactics to defeat cyber-crime. The Cyber Security Degrees website reveals that with a master’s degree you will be prepared for more senior level positions, or able to step into mid-level roles with less experience.

While it’s possible to find entry or mid-entry level positions with an associate or bachelor’s degree, many employers, like government agencies and established corporations, will require candidates to have a master’s degree in cybersecurity. In their feature on cybersecurity career paths, Learn How To Become notes that a master’s degree provides advanced instruction on protecting computer networks. While it will take an extra one or two years to complete, it does provide you with better skills to tackle network security defense techniques and countermeasures. A master’s degree also allows you to specialize in areas like cryptography, digital forensics and risk analysis among others.

Degree programs are available either in class or exclusively online, with the latter a convenient option adaptable around work and family schedules. Online degrees also allow you to work at your own pace without the need to attend classes every day. Maryville University breaks down how a master’s degree in cybersecurity also has a big return on investment, with top earners receiving six-figure salaries. Therefore, a master’s degree in cybersecurity can help you land management level or even C-suite positions, with companies offering better sign-on bonuses, relocation pay, and free medical insurance. You can later further your education by pursuing a doctoral degree, which will prepare you for leadership roles and allow you to innovate new solutions.

Even if you’re not in a tech position currently, Rod Rasmussen, VP of cybersecurity at IT security firm Infoblox, recommends that you start learning IT fundamentals on your own. Self-directed learning and experimentation are critical. Once you have that, build on that knowledge by applying for a degree program and completing certifications. Many established cybersecurity analysts got their start working in entry-level IT jobs and amassed experience in positions like network administration or programming. They studied on their own, then went on to complete degree programs and various certifications, to allow them to learn new skills and stay abreast of new technologies and security measures.

Article intended only for the use of axiomcyber.com

Submitted by HackersAway18

Own a Cannabis Business? You Need Cybersecurity

You wouldn’t necessarily think this, but a cannabis business holds a treasure trove of information bad actors are anxious to steal. Because the industry is in its infancy, hackers are very attracted to it, hoping cybersecurity isn’t even on your radar. If they get in, they will sell your data on the dark web, encrypt it for ransomware, or even worse, provide it to your competitor down the street.

Consider this: At a minimum, your business holds your customers’ personal, and perhaps their medical, information. This includes their date of birth, driver’s license number, SSN, credit card number and medical information.

Add to that the fact that you are bound by at least two regulations: HIPAA if you are a medical marijuana establishment and PCI-DSS if your business accepts credit cards.

This blog will focus on ways to protect that data and keep your business going and growing!

Five Proactive Measures to Protect Your Business

  1. Use an airtight Point of Sale (POS) system.
    Make sure your POS network offers end-to-end encryption for credit card transactions. In addition, call your provider and review how your customer’s data is protected, where it is stored and how you will be alerted if critical updates are needed on the system. If there isn’t a systematic process to their offering, switch POS providers as soon as you can.
  2. Establish a system integration plan.
    Your business may have several apps such as QuickBooks and BigCommerce that you want to sync on a real-time basis with your POS system. While this makes great business sense, you may be leaving gaps for cybercrimes to happen. This is where a good cybersecurity audit comes in to measure your vulnerabilities and fix them before they become problematic.
  3. Keep employees out of data silos they don’t need to do their jobs.
    Establishing who can access your data and at what level is vital to making sure one of your own doesn’t accidentally open the gate to a hacker.
  4. Make sure your operating systems, applications and anti-virus software are up to date.
    Out-of-date software is the number one way cybercriminals get into your system.
  5. Outsource cybersecurity.
    Look for a firm that has the following capabilities:

    1. Security Operations Center that can continuously monitor your network
    2. Security Information and Event Management analytical tool that provides real-time analysis of security alerts generated by applications and network hardware
    3. User and Entity Behavior Analytics models that identify typical and atypical behavior of humans and machines within a network.

About Axiom Cyber Solutions

We can provide your cannabis business with a holistic solution that is nearly impenetrable, using all the tools and techniques listed above. We will monitor your organization around the clock and make hundreds of system updates per day to keep hackers out. Contact us today for more information!