Cybersecurity Awareness Month (Cyber Month) is an internationally recognized campaign held each October to help the public learn more about the importance of cybersecurity. The campaign helps Canadians stay secure online by teaching them simple steps to protect themselves and their devices.
Cyber security events continue to grow at a rapid rate. In a time where the internet plays a critical role in the personal and professional life of all Canadians, the need for increased cybersecurity awareness is paramount. It is important to understand that every person in your organization plays an important role in keeping your organization free from potential cyber threats.
We asked our own IT team here at CanadaHelps what some of their easy-to-implement and practical advice for charitable organizations would be to reduce chances of becoming victims of a cyber threat.
1. Use a strong email password.
You would be surprised by how many people use “123456” as their password. Creating strong passwords is an easy way to improve your cyber security. Strong passwords include one uppercase letter, one lowercase letter, at least one number and 11 or more characters. Be sure to use different passwords for different accounts.
2. Use two-factor authentication.
If an attacker manages to gain access to your password, they’d be stopped by your two-factor authentication. Two-factor authentication (2FA) is a method of authentication that requires the user to prove their identity in two ways before they can use any application or organization resources. Two-factor authentication makes it more difficult for the ordinary criminal to steal your information.
With 2FA, the first factor is your strong password and the second is a code that would be sent to you by SMS, email or voice calls.
Setting up 2FA for everything might be time consuming, so why not try starting with your email and moving to other applications from there. For help setting up 2FA on your email, please contact your email provider for assistance or consult their FAQ/tutorial articles.
3. Look out for “Phishing Emails”.
The purpose of a phishing email is to obtain information about you, your organization, or to infect your device with malware. Be wary of all unsolicited emails that request your financial or personal details, lead you to click on links and download software, or those that impersonate a member of your family, a close acquaintance, or a coworker. The most common phishing emails are ones that claim that they’re from the service providers you use—such as your bank, Microsoft or PayPal.
4. Don’t open attachments if you are not expecting them.
This cannot be stressed enough. If you receive an attachment in an email from someone you do not know, be very suspicious. If you receive an email with an attachment from someone you do know and were not expecting it, still be suspicious. You can always contact your friend, co-worker or family member that sent the email and ask them if they sent you the message with an attachment to confirm if it is safe to open. Additionally, you should scan any attachments with an antivirus program if possible.
5. Be careful of public WiFi.
Try to avoid using public WiFi networks. These are rarely safe and attackers can often pose as free wifi spots and steal your passwords and banking info.
6. Change your passwords often.
One of the simplest email security practices is to change your passwords on a regular basis. If you suspect your password is being used by someone else, change it immediately.
It’s vital that we all stay informed about how to prevent breaches and defend ourselves and our organizations. Staying informed about cyber events and crimes enhances our knowledge of cybersecurity and enables us to protect ourselves and our workplace more effectively.
It can be overwhelming to learn about cybersecurity and incorporate good security practices into your organization. But remember, you can implement proper cyber hygiene from the list above in increments that work best for your staff and organization.