Cybersecurity Resolutions for the New Year

How many of last year’s cybersecurity resolutions did you actually deploy in 2018?  Not as many as you had hoped?

The new year gives us the opportunity to plan and deploy the computer and network security upgrades we need to implement to protect us from the exploits of cyber-criminals and other bad actors.  What is on your list?  Going to start using a password manager?  Signing up for two-factor authentication?  Starting to use encryption?  Or adding a security proxy?  Moving from a simple firewall to a unified threat management system?  Maybe this year we will really get them done!!

Here’s my list:

Authentication

  • Use a password manager
  • Long passwords of at least 12 characters
  • Use passwords randomly generated by your password manager
  • Set up a two-factor authentication app or USB key
  • Enroll in two-factor authentication at web sites and services that support it.

Encryption

  • Add a TLS certificate to your website to provide for encrypted communications.
  • Use the encrypted ports for email.
  • Turn on Bitlocker encryption for your computer or laptop.
  • Encrypt contents of on-line databases.
  • Encrypt all data in storage devices
  • Encrypt everything.

Web filter proxy

There of course are other initiatives that you could add to your own cybersecurity to-do list.  Please leave your comment to share what plans your company has for 2019.

 

 

0

About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Pratitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speakers at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.