Employee Account and Device Security
Securing Your Accounts
Attackers can use credential stuffing to test username/password combinations. Attackers will use information from one hacked site to infiltrate accounts on other sites.
To protect yourself you should never:
- Use weak passwords
- Reuse passwords
Using Multi-Factor Authentication (MFA) can make your accounts even more secure, even if your password is compromised.
Virtual Private Networks (VPNs)
Virtual Private Networks (VPNs) keep you safe by providing both network security and anonymity.
They can protect against attacks like Man-in-the-Middle attacks because of their ability to encrypt web traffic.
Software Updates
Keeping your knowledge and your software up to date will protect you against many cyberattacks.
Software updates often include updates that can protect against recently discovered threats.
Hardening Your Device
Hardening is the process of fortifying a system against attacks
Hardening a personal device should strike a balance between:
- Security
- Usability
You should base your decisions on the risks associated with the asset being hardened.
Researching Hardening Techniques
It’s important to do research before implementing hardening techniques.
This is for two main reasons:
- Different systems might require different techniques
- Malicious actors might suggest fake security tips in order to gain access to your machine
