Security Best Practices You Should Implement Now

Good cyber hygiene is important not only at work but also at home. Below are a few key pointers for people looking to improve their remote office and home cyber security.

Remote Office Security

Password Strength Policy 

  1. Require at least one uppercase letter from the Latin alphabet (A-Z)
  2. Require at least one lowercase letter from the Latin alphabet (a-z)
  3. Require at least one number
  4. Require at least one non-alphanumeric character (! @ # $ % ^ & * ( ) _ + - = [ ] { } | ')
  5. Should be at least 8 characters long
  6. Enable password expiration (90 days)
  7. Prevent password reuse for the past 3 passwords
  8. Enable 2FA everywhere possible
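
Rules 1 to 7 of the policy above, expressed as a checker; this is an added example, not code from the original post. The function names, the PBKDF2 parameters and the stored-history format are assumptions, and rule 8 (2FA) is outside what a password check can enforce.

```python
import hashlib
import hmac
import os
import string
from datetime import timedelta

# Special characters as listed in rule 4 (hyphen and apostrophe in ASCII form).
SPECIALS = set("!@#$%^&*()_+-=[]{}|'")
MIN_LENGTH = 8                  # rule 5
MAX_AGE = timedelta(days=90)    # rule 6
HISTORY_DEPTH = 3               # rule 7

def hash_password(password, salt=None):
    """Return (salt, digest). PBKDF2 and its parameters are an assumption."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    return salt, digest

def complexity_violations(password):
    """Rules 1-5: return the list of rules the candidate password breaks."""
    checks = [
        (any(c in string.ascii_uppercase for c in password), "no uppercase letter (A-Z)"),
        (any(c in string.ascii_lowercase for c in password), "no lowercase letter (a-z)"),
        (any(c in string.digits for c in password), "no number"),
        (any(c in SPECIALS for c in password), "no non-alphanumeric character"),
        (len(password) >= MIN_LENGTH, "shorter than 8 characters"),
    ]
    return [msg for ok, msg in checks if not ok]

def is_reused(password, history):
    """Rule 7: compare against the last three stored (salt, digest) pairs."""
    for salt, digest in history[-HISTORY_DEPTH:]:
        # Re-hash with the stored salt; compare in constant time.
        if hmac.compare_digest(hash_password(password, salt)[1], digest):
            return True
    return False

def is_expired(last_changed, now):
    """Rule 6: the password is due for change once it is older than 90 days."""
    return now - last_changed > MAX_AGE

def check_new_password(password, history):
    """Combine rules 1-5 and 7 for a password-change request."""
    problems = complexity_violations(password)
    if is_reused(password, history):
        problems.append("matches one of the last 3 passwords")
    return problems
```

Only salted hashes of earlier passwords are kept in `history`, so the reuse check never needs the old passwords in plain text.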

Password Storage Policy

  1. Delete any/all passwords stored on computers or phones
  2. Disable password auto-save in browsers. Anyone who has access to your device
    then has access to every account that signs in automatically.

The following is a breakdown of secure vs. not secure password storage methods:

Secure

  • In LockDown
  • On paper in a safe
  • Password Manager

Not Secure

  • Remembered in the browser (an attacker with physical access to your computer will have access to all accounts auto-saved in the browser)
  • Stored as plain text on a hard drive

Router/modem security

  1. Change all admin account passwords to strong passwords, and never leave a
    default account in place.
  2. Use only WPA2 Wi-Fi with a strong password
  3. Make sure there are no unneeded ports open for incoming traffic
  4. Apply all firmware updates suggested by the manufacturer

Ransomware and theft prevention

  1. Make sure any critical files or information on your computers are backed up to
    an external (not-connected) drive or in the cloud.
    • Don’t back up bank information or other private data to the cloud unless it is strongly encrypted.
  2. Make sure you have no banking information, financial records, or medical records on your computers that are not strongly encrypted.
  3. Consider that your computer may be an insecure place to store anything.

Personal Security

Finally, here are some guidelines for your personal security. 

  1. Look into a password manager, or store on paper in a secure location, or LockDown.
  2. Remove any stored passwords from your computer, files, browser etc.
  3. Consider purchasing identity theft protection.
  4. Be cautious and skeptical of all links sent in any medium, text or email.
  5. Use strong passwords and change them periodically. Never use the same password again after a reset, and never use the same password for different services.
  6. Give your email account a strong password with 2FA. Most store accounts use your email account to reset passwords, so a weak email password can lead to all your other accounts being compromised.
