by Elizabeth Parsons, IT Services

As National Cybersecurity Awareness month comes to a close, we’re reflecting on everything we learned this month (and reinforcing a few important topics, too!). Cybersecurity isn’t something we should be aware of just once per year – we should make sure we’re implementing these tips and staying vigilant all the time.

Especially as members of the Miami community, we have a shared responsibility to do our part to be secure online. It doesn’t have to be scary!

Let’s take a look at how you can be even more cybersecure – this month and all months that follow!

Quick password tips

Here’s something spooky: Keeping your passwords on a scratchpad next to your computer – or even a sticky note hidden under your desk! – is a surefire way to have your accounts hacked. You also shouldn’t re-use passwords – now that’s scary! But who has time (or brain power) to remember every single password for every single online account they have? Internet users have an average of 100 online accounts, and that is probably too many for us to remember off the top of our heads.

The good news is that this problem has been solved: Use a password manager to generate and store all of your unique passwords. This thorough guide from tech.co analyzes some of the major competitors in the password manager space, including:

• LastPass
• 1Password
• Dashlane
• Nordpass

Bitwarden is another manager that you can try out, as well. Try them out and see which one works for you. There are free versions of most of these programs. Just remember: Don’t reuse passwords, and don’t write them down! Save them in these programs instead.

Put two-factor authentication on all your accounts

You know all about Duo Two-Factor authentication. We have it on Miami accounts to provide an extra layer of security to all of our accounts. That way, if a hacker gets a hold of your password, but they don’t have your second factor (e.g., your phone, a Yubikey, your tablet, etc.), they won’t be able to get into your account. You could say we’re… keeping your accounts under wraps!

You should also consider putting two-factor authentication on non-Miami accounts, as well. Bank accounts, emails, credit union accounts… even your online gaming accounts (e.g., Steam) need to have a second factor so that your important information doesn’t get snatched by someone nefarious.

Keep software up-to-date

Software updates often contain new security features and patching for newly discovered vulnerabilities. Outdated software can be vulnerable to hackers – because as soon as new software is released, these malicious actors get to work trying to find exploits they can use to get into your account.

It’s for this reason that you should update software regularly – stick to a schedule of checking for updates, and if there are updates, don’t wait to install them. It could make a difference!

Familiarize yourself with phishing tactics

Phishing tactics may change with time, but the basics tend to stay the same. Look for grammar errors, check any URLs by first hovering over them, and make sure the person who sent the email (the “from” address) belongs to your organization or is someone you’re expecting a message from.

Check out our in-depth guide from earlier this month to put the scaries about phishing to rest.

Don’t get social-engineered

Phishing is a type of social engineering. Other social engineering tactics include vishing (which involves using voice, like phone calls). Some malicious actors are pretty savvy – take, for instance, this video of a person gaining access to the interviewer’s cell phone account:

The person creates credibility by finding some information about you from a source, and they may try to infiltrate your network by asking you leading questions (after establishing that they are a credible person).

The easiest way to avoid being social engineered is to be suspicious of any phone call you receive that you did not expect to get, or any phone call from outside your organization. For instance, Miami phone numbers all start with 513-529-xxxx – so if you receive a call from a number that doesn’t start with those six numbers, treat it with extra caution and don’t give out any personal information.

Don’t get spooked!

As we move into November and look toward the end of the calendar year, just remember: Cybersecurity doesn’t have to be a big, scary thing. Just taking these small steps and incorporating them into your daily routine is a good start.