Employee Account and Device Security

Attackers can use credential stuffing to test username/password combinations. Attackers will use information from one hacked site to infiltrate accounts on other sites.

To protect yourself you should never:

• Use weak passwords
• Reuse passwords

Using Multi-Factor Authentication (MFA) can make your accounts even more secure, even if your password is compromised.

Virtual Private Networks (VPNs) keep you safe by providing both network security and anonymity.

They can protect against attacks like Man-in-the-Middle attacks because of their ability to encrypt web traffic.

Keeping your knowledge and your software up to date will protect you against many cyberattacks.

Software updates often include updates that can protect against recently discovered threats.

Hardening is the process of fortifying a system against attacks

Hardening a personal device should strike a balance between:

• Security
• Usability

You should base your decisions on the risks associated with the asset being hardened.

It’s important to do research before implementing hardening techniques.

This is for two main reasons:

• Different systems might require different techniques
• Malicious actors might suggest fake security tips in order to gain access to your machine