Five new year’s resolutions for your computer systems

Recent research has found 80% of people fail to meet their New Year’s resolutions, with most quitting by 19 January. So now that you’ve got those out of the way, let’s talk about some resolutions for this year you could realistically achieve.

Here are five new year’s resolutions for your computer systems:

  1. Multi-factor authentication
    In the past year we have noticed a significant increase in the number of hacking attempts to gain access to secured information, targeting both ourselves and our clients. We have concluded that multi-factor authentication (MFA) is now a critical aspect of your cybersecurity to protect against hackers. This includes activating MFA on your email, website, financial management software, banking and other critical services. Since its introduction, MFA has become less intrusive in that you can whitelist common IP addresses such as your workplace and home, so you only have to go through the authentication process if you are working offsite.
  2. Passwords
    We all know they’re important, but it’s so easy to forget about changing them and it’s hard to remember new passwords. There are two options here. Firstly, there have been recent changes around what constitutes a strong password. The biggest change is that the longer the password, the stronger it is, because the difficulty of cracking a password goes up exponentially with each letter. A second option is to use a password manager, which stores your passwords for you so you no longer need to remember them. The other big advantage is that it lets you easily see whether a password requires changing, whether it has been compromised or whether it is in use across multiple websites.
  3. Windows 10
    If you’re still using Windows 7, act as soon as possible: it is no longer supported by Microsoft and you are now vulnerable, as no further software/security updates or technical support are available. Due to this, it is possible that security risks will arise from the continued use of Windows 7. Windows 8.1 users have until 10 January 2023 before it goes out of support.
  4. Cloud services
    Using cloud services such as Office 365 gives you access to the latest tools in the Microsoft Office suite and can help make your business more productive by making communication and collaboration easier, allowing remote access and reducing downtime. You can easily scale as your business needs grow and take advantage of products and services previously only available to larger businesses.
  5. Cyber Insurance
    Protecting your environment from hackers is a bit like protecting your home from intruders: you can take reasonable precautions, but if Bruce Willis or Arnold Schwarzenegger want to break in they’ll probably find a way. In these situations, cyber insurance can protect you from potential losses incurred. Just be wary because like health insurance, there are a lot of junk policies out there which don’t offer any real protection.

Much like a business coach helping you implement new practices in your business, or your personal trainer keeping you accountable for undertaking regular exercise, it is important to find an ICT partner that can support you in implementing and maintaining these resolutions. If CyberGuru can assist in any way, please contact us.

“Collection #1” Data breach lists 773 million accounts online

Barely a day goes by without news of another data breach or new security issue. But late last week security researcher Troy Hunt announced the discovery of what is possibly the largest data breach ever. Known as Collection#1, the data breach contains approximately 773 million accounts online from multiple sources.

Collection #1 is a large collection of email addresses and passwords which was made available on a public hacking forum. It appears to consist of multiple breaches across several websites.

Since the original announcement by Hunt, it is now understood that Collection#1 is just one of seven collections, so the number of breached accounts is likely to increase dramatically when the remaining collections become public.

The recommendations made are always:

  • Set strong passwords and don’t use the same passwords on multiple websites.
  • Change passwords where you may have used the same username and password.
  • Set up multi-factor authentication on your accounts to ensure that you require a secure code as well as your password.

We strongly suggest everyone review their accounts on the Have I Been Pwned? website to see if you have any vulnerable accounts. You can also check your password to see if it is in any known exposure.
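The password check mentioned above can be done without sending the password, or even its full hash, to the service. The following is an added example, not code from this article or from Have I Been Pwned: it shows the k-anonymity lookup used by the Pwned Passwords range endpoint, where only the first five characters of the SHA-1 hash leave your machine. The function names, the sample password and the sample response are constructed for illustration, and the network call is replaced by a stand-in so the example runs offline.

```python
import hashlib

# Pwned Passwords range endpoint: a GET of RANGE_URL + prefix returns every
# known hash suffix for that 5-character prefix, one "SUFFIX:COUNT" per line.
RANGE_URL = "https://api.pwnedpasswords.com/range/"


def split_hash(password: str) -> tuple[str, str]:
    """SHA-1 the password and split it into the 5-char prefix that is sent
    and the 35-char suffix that never leaves the machine."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def count_in_range(suffix: str, range_body: str) -> int:
    """Return how often the suffix appears in a range response (0 = not listed)."""
    for line in range_body.splitlines():
        candidate, _, count = line.strip().partition(":")
        if candidate.upper() == suffix:
            return int(count) if count.isdigit() else 0
    return 0


def exposure_count(password: str, fetch) -> int:
    """fetch(prefix) must return the response body for RANGE_URL + prefix."""
    prefix, suffix = split_hash(password)
    return count_in_range(suffix, fetch(prefix))


def constructed_fetch(prefix: str) -> str:
    """Offline stand-in for the HTTP request. The data is constructed: it
    pretends the sample password "Winter2019!" was seen 42 times."""
    known_prefix, known_suffix = split_hash("Winter2019!")
    lines = ["0" * 35 + ":3", "F" * 35 + ":12"]  # constructed decoy entries
    if prefix == known_prefix:
        lines.insert(1, known_suffix + ":42")
    return "\r\n".join(lines)


if __name__ == "__main__":
    for pw in ("Winter2019!", "a long passphrase that nobody else reuses"):
        hits = exposure_count(pw, constructed_fetch)
        print(f"{pw!r}: " + (f"listed {hits} times" if hits else "not listed"))
```

To query the live service, pass a `fetch` function that performs an HTTPS GET of `RANGE_URL + prefix` and returns the response text; the comparison against the suffix still happens locally.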

If we can be of any assistance to you in implementing these recommendations, or would like any further advice on cyber security, please let us know.

Five recommendations for password protection

May the fourth be with you! Today is 4 May, also known as World Password Day. How do you record your passwords? Do you save them in your computer browser’s history or in sticky notes on your computer? Have you considered using a program to help you manage these?

Personally, we have over 500 passwords to manage, let alone the number we manage on behalf of our clients for their servers, computers and websites. We strongly suggest a good password policy is put in place in all organisations and provide the following recommendations:

  1. Set strong passwords and use different passwords for different accounts. If this is too difficult, use different passwords for different groups of services. We don’t believe it is practical to have different passwords for every account you may have (unless it is financial or business critical)
  2. Change your passwords regularly, every three months. Some services require you to change your password more or less often; however, the more often you change your password, the less chance of it getting into the wrong hands!
  3. Select ‘no’ when the computer offers to automatically remember your password. These can be accessed by a password viewer that can scan and access passwords saved in your computer’s memory.
  4. Make the password complicated and not a word that can be found in the dictionary or easily guessed. Depending on the service you are setting it for, the password may need to be more complicated, but at least choose a password that contains:
    • At least eight characters
    • Upper and lowercase letters
    • At least one number and symbol
      You can make a sentence and use the first letter of each word changing some of the letters to symbols and other characters. For example, “The Brisbane Broncos will win in 2017!” becomes TBBwwi2017!.
  5. Use a password-protected document or spreadsheet, or a program such as 1Password, LastPass or KeePass. If you have a list of passwords on your computer, make sure you encrypt it. If you do decide to keep a printed copy of a password somewhere, this should be kept securely in a safe place.

As the number of devices in our possession grows and the number of websites increases, so will the need to effectively manage our passwords. We trust these tips help you manage your passwords. If we can be of any assistance, please feel free to contact us for further advice.

Password expiry for Office 365 – don’t leave it until the last minute!

One of the key security elements in Office 365 is the requirement by default to reset your password every 90 days. Whilst the expiry period can be changed, having to regularly change your password ensures your account remains secure and reduces the risk of the password being found and your account accessed.

Notification of password resets usually begins around 10 days prior, however depending on the device you are accessing your email on, this notification may not appear until later, or not at all. You can reset your password once it has expired, but your email will stop working until the password has been changed and account details updated, so it is best to change it when you can rather than needing to do this.

Therefore, we strongly suggest you don’t leave changing your password to the last minute. We suggest that it may be worthwhile having a recurring appointment every two months to reset your password.  Once you have changed your password you will need to update any device which is using this (such as your computer, tablet and mobile phone).

To change your password, please follow the steps below:

  1. Login to the Office 365 Portal.
  2. Click Settings (the cogwheel located on the top right-hand side of the screen), then click the Password option.
  3. Enter your old password, then your new password twice.

Within a few minutes, you will be prompted to update your password on your email program and devices. Enter your new password in these devices and you’re done!

Microsoft have determined the following requirements for strong passwords on Office 365:

  • The password needs to have between 8 and 16 characters.
  • Don’t include common words or names.
  • Combine uppercase and lowercase letters, numbers and symbols.

CyberGuru provides Office 365 consulting, support and training to small businesses, not-for-profit organisations and individuals of all sizes and industries. If you need a hand and would like us to assist you with Office 365, please contact us today.