Oct 16, 2013

3 Tips for Creating Security-Savvy Teams

For the 3rd week of National Cyber Security Awareness month, we’re thinking about cyber security education, and how to help our workforce be more security-savvy. There’s certainly a need to educate more cyber security professionals who can lead these efforts, but we should also need to be sharing our knowledge with those around us now. We can help our colleagues by giving tips for better protecting their personal information online, and provide them with suggestions for tools to do so successfully.

If you’re reading this post, we’re guessing you have a pretty good understanding of how to protect yourself online. That knowledge could also go a long way in educating your colleagues (or your family) in how to better protect themselves.

Here’s 3 tips to get you started helping your coworkers and others, which in turn helps us create a more informed workforce when it comes to online security:
  1. Test their knowledge. The STOP.THINK.CONNECT initiative has created a great presentation to quiz your knowledge on online safety, security, and ethics. Have an informal presentation of the quiz over a lunch hour, or have a “security huddle” with family (even virtually) to walk through the quiz and the answers.
  2. Post actionable tips where people will see them. Staysafeonline.org has dozens of posters, handouts, and tip sheets for you to share with others and hang up on your walls. Post them on community boards or near communal workstations. Even better, schedule a few minutes each week to walk through each bullet point of their Tips & Advice sheet, so you all can get up to speed and be prepared moving forward. 
  3. Get them started with a password manager. National Cyber Security Awareness Month touches on the importance of strong, unique passwords that are securely stored, and this is best accomplished with a password manager like LastPass. Do your colleagues and family know that with LastPass you only have to worry about creating and remembering one strong master password, and that LastPass does the rest of the hard work of typing, remembering, and creating passwords? Refer others to LastPass for Premium credit today: https://lastpass.com/friendemail.php
How have you been helping to spread your knowledge of online safety for Cyber Security Awareness Month? What great resources have you found for helping colleagues and family?

Oct 14, 2013

Social Media Managers: Are You Following These Security Tips?

Many businesses and industries now recognize the benefits of social media. If you’re a Social Media Manager or a Marketing professional tasked with that role, you understand the gains for your company in customer service and brand perception by regularly participating in social communities. You also understand that building up brand awareness, leadership, and trust can take years, forged through carefully crafted messages and consistent engagement.

Unfortunately, all of that can be jeopardized with the compromise of just one password. Remember what happened when the Associated Press’ Twitter account was hacked? The posts uploaded by hackers caused a national scare and managed to affect the stock market.

Although not all social media account hacks have that outcome, a compromise could still cause a huge headache for your team, damage your reputation with your online communities, and even put critical company assets at risk. With digital theft now surpassing physical theft for businesses, there’s more at stake in protecting your online accounts and communities.

If you’re a Social Media Manager or oversee your company’s social media communities, here’s your security action list today:

1. Scan your computers: Do you have the latest, up-to-date security software running on your computer? Perform scans, check all browsers for updates, and reboot your computer if you haven’t in ages. This is the best defense against viruses and malware.

2. Implement password security basics: If you don’t have a company password policy, consider implementing one with LastPass Enterprise. You can then require strong, unique passwords, without the usual hassle it creates for employees. If your whole team isn’t quite ready to get on board, you should definitely get yourself started with a password manager. Eliminating password reuse and weak passwords is an easy way to prevent hacked accounts.

3. Protect your smartphone: Your mobile device likely contains access to company accounts or networks. Protect your devices with a passcode or PIN, especially if you use social media apps on your phone to access company accounts.

4. Revoke access by unknown apps: When was the last time you reviewed the 3rd party apps that have access to your LinkedIn, Twitter, Facebook, and other social accounts? Only allow access to apps that are trusted, and regularly review your settings to remove unneeded apps. In Twitter, for example, go to your account’s Application page and click “revoke access” for each app.

5. Avoid clicking suspicious links: As you actively monitor conversations about your brand and industry on social media communities, be careful with what you choose to open. If a follower has DM-ed you a link with no context, or if someone you follow posts about some weird diet trick, do not click the link. If you’re unsure, respond to them and ask for more details - it can’t hurt, and they may not know that their account has been sending spam.

These are just a few simple action items to get you started with better protecting the accounts you manage.

If you manage any social media accounts for your company, what are your tips for locking them down? Please share in the comments below.