Speaking Engagements

diego-ph-249471.jpg
 

If you're here than you must have been in on one of the Cyber Hygiene talks I had the pleasure of giving to a smart and great looking audience!

Please see below for recommendations on maintaining cyber hygiene best practices.  You may also download the most current presentation slide deck here

Protecting your company:

“Harden” the hardware & software
This is a fundamental premise to ensure all updates to your operating system and software products as well as your primary router and firewall(s) are regularly checked for updates.  Additionally, install cloud based anti-malware solutions such as BitDefender (https://www.bitdefender.com/business/) to monitor and be alerted on any unusual activity. 

Implement Secure Communication Methods (email and VPN)
Never send passwords or other sensitive information over unencrypted email.  Instead, use a service like Sendinc (https://www.sendinc.com) to send this or similar information.

A VPN should be mandatory when employees are accessing company data on free wifi services such as a coffee shop or airport.  Use a VPN service such as VyperVPN (https://www.goldenfrog.com/vyprvpn/business) on all your mobile and PC devices. 

Mandate a password strategy (mobile, too)
All companies should implement a required set of rules in securing and rotating passwords (at a minimum, every 90 days.)   See this article (https://technet.microsoft.com/en-us/library/ff741764.aspx) for great tips on managing passwords in the office.  

Have (and use) a secure backup plan
Ransomware is difficult to resolve, and the best solution is to have backups performed regularly.  When/if a system is attacked, a backup can be restored before the incident.  Two excellent and economical solutions are Backblaze (https://www.backblaze.com/business-backup.html) and Acronis (https://www.acronis.com/en-us/business/backup/).  

Be extremely mindful of internal threats
This is a very sensitive topic for most companies.  Unfortunately, there is no “one size fits all approach.”  It is highly recommended a low-cost and customized solution is developed specifically for your work culture.  Otherwise, employees may feel undue scrutiny and lack of trust is insinuated.  Contact us to learn more.  

Have a 24/7 point person
Whether it’s a rotating schedule or one person, there has to be a “fixer” on speed dial to react if/when an attack is in progress.  Contact us if you wish to learn more how AppliedSense can take this worry away from you and your company.  

Education of employees
Just like internal threats above the education of employees is subjective based on the company culture.  It is highly recommended at least once a year (if not twice a year) to hold a “cybersecurity awareness training” with all staff.  Contact us below if you are interested in AppliedSense hosting a courtesy no-cost 15-minute webinar on this very topic.  Alternatively, have your employees engage in our online Cyber Hygiene Quiz (AppliedSenseOnline.com/quiz) to begin the company focus that cyber hygiene is everyone’s business.  

Protecting YOU:

A new kind of password
Use passphrase instead of single words/letters as passwords.  Alternatively, password utilities such as 1Password (https://1password.com) is a highly rated password keeper and generator and can be installed on all your PC and mobile devices.  

Verify: firewall, anti-malware (no freeware)
Aside from having a firewall and anti-malware solution installed on your PC and mobile devices, it’s considered good form to check regularly they are enabled.  Frequently a virus will attack these security settings first to comprise your data.  

Run your own full security scan
Similar to the above, run a full security scan of your systems regularly (recommended at least once every 90 days).

No personal, unencrypted files in your cloud storage
Cloud-based storage solutions are wonderful but are targets for anyone wanting a “big score.”  Store sensitive information only on physical media (e.g., encrypted flash drive) or use a service such as CertainSafe (https://certainsafe.com) to encrypt first and then upload to your preferred cloud solution.  

Two browser policy
Use one browser for personal and one browser for business and banking.  Recommendations would be Google Chrome (https://www.google.com/chrome/browser/desktop/index.html) and Firefox (https://www.mozilla.org/en-US/firefox/new/).  

Install updates
When Microsoft or Apple prompts you to install a security update proceed to do so as soon as possible.

Encrypt your sensitive files
Store sensitive information only on physical media (e.g., encrypted flash drive) or use a service such as CertainSafe (https://certainsafe.com) to encrypt first and then upload to your preferred cloud solution.  

VPNs
Never use free wifi hotspots.  It’s best to access your mobile phone as a hotspot, instead.  However, if you need to access a free hotspot never do so unless you have a VPN enabled.  Use a VPN service such as VyprVPN (https://www.goldenfrog.com/vyprvpn) on all your mobile and PC devices. 

Look for HTTPS
When entering in any sensitive information always look for the “S” in the website name.  An excellent article on the purpose of HTTPS can be found via the following link (https://www.entrepreneur.com/article/281633)

No credit cards stored in the browser
Most modern browsers will prompt you to save your credit card information in the browser so it will be easier the next time you wish to purchase something.  Always select “no”.  

Have “fixer” on speed dial
Whether it’s a rotating schedule or one person, there has to be a “fixer” on speed dial to react if/when an attack is in progress.  Contact us if you wish to learn more how AppliedSense can take this worry away from you and your company.  

Never trust emails
Whenever an email wants you to click on a link or enter in password/credentials, always be suspicious.  

Ignore pops-ups ALWAYS
When browsing the web never click on a pop up unless you are 100% sure it’s safe.  Instead, close the dialogue box and run a security scan immediately if you see the same pop-up more than once.  

Two-Step Verification
Services such as Gmail and iTunes allow you to receive a text message/one-time use code whenever you access your account.  If offered, enable this feature asap.  

USB ports =/= travel
Never plug your mobile device into a “courtesy” charging USB port when traveling.  This scenario is especially true in hotels and airports.  Instead, purchase a small backup battery and charge your mobile device this way when away from a physical power outlet.  Anker (anker.com) make great quality and well-priced battery packs and can be found on Amazon in various shapes and capacities.