How to avoid cyber attacks?
The year 2020 was not only marked by the COVID-19 health crisis, but also by a sharp increase in the number of cyber attacks. According to the French National Agency for Information Systems Security (ANSSI), "the number of victims of cyberattacks increased fourfold in 2020". (1)
Any company, from public services to SMEs and large international groups, can be of interest to a hacker. Data protection therefore becomes a priority for companies. Preventive action can help avoid such attacks.
Here are 5 good practices.
1. Train employees in IT security
Educating employees about the risks involved is the first step in avoiding these attacks. For example, it is recommended not to open suspicious emails asking for confidential information, download an attachment or click on a link from an unknown recipient. If in doubt about a message, ask your employees to contact the IT department.
2. Change your password
Password management is a key issue in securing your systems. It is therefore essential that your employees choose complex passwords. We recommend using numbers, upper and lower case letters and special characters. To generate a complex password, you can, for example, encrypt a word :
Example sentence: Complex password
Encrypted example: M0t2p@ss3c0mPl3x3?
This makes it more difficult to "crack" the password. It is also recommended to change all passwords regularly.
3. Software updates
It is imperative that you update your operating system, as well as the applications on your computer as soon as possible. This will allow you to correct certain bugs and avoid security breaches.
4. Make regular backups
Regular and automatic backups should be part of your computer security plan. In the event that your computers are hacked, the backup will allow you to recover all the data stored.
5. Control remote access
Employees are using more and more connected devices, starting with laptops, but also phones and tablets. This is especially true since the democratisation of teleworking. The increase in the number of these devices represents an additional risk. To limit this risk, it is possible, for example, to alert users to each new connection to their account.
To go further, you could, for example, look into the implementation of a single sign-on (SSO) tool, as well as a glossed multi-factor authentication (MFA) solution.