October marks Cybersecurity Awareness Month, and while every month should focus on cybersecurity (in our humble opinion), there’s no better time to strengthen your business’s defenses. These days, any individual or organization can be a target, which means developing strong cybersecurity habits is crucial for safeguarding your company’s data and operations.
No matter your technical background or level of expertise, implementing these protocols can become second nature with a bit of practice. Whether you’re just getting started or need a refresher, every business owner should adopt these five essential cybersecurity habits to ensure lasting protection.
1. Practice Better Password Hygiene
Consider the following:
- To access their online accounts, the average person uses between 70 and 80 passwords.
- Remembering this many passwords is impossible for just about everyone.
- Reusing the same password across multiple accounts is one of the riskiest behaviors you can engage in when it comes to cybersecurity.
So, how do we reconcile the three? The answer lies, as it so often does, in technology.
Password managers mean that even if you’ve got hundreds of totally unique, fully fortified passwords, you’ll never have to struggle with searching for one again. Some managers are free, and they’re all easy to use. They also make accessing shared company logins much faster and more secure than messaging the credentials over Teams every time they’re needed.
Though password managers can create strong, randomized passwords for you, should you wish to create (or update) your own, there are a few key things to consider.
When you’re setting up a new password, you’ll typically be required to use:
- 8-12 characters minimum (12+ is advisable)
- A mixture of upper and lowercase
- Special characters (!?$%*&, etc.)
It’s also best practice to avoid information that could be found (or guessed easily)—via your social media accounts, some examples being:
- Names – of pets, spouses, children, friends, or your workplace
- Dates – birthdates and wedding anniversaries
- Adding ‘123’ – to default or existing passwords. The same goes for “1234”, “12345”, “123456”, “1234567”, and—well, you get the idea.
You can download our free password policy checklist here. And—we probably don’t have to tell you this—“password” is never a good choice.
2. Explore Encryption Solutions
If you ever imagined encryption as an action-packed scene from a spy thriller, the reality is a little underwhelming. Today’s data encryption doesn’t come with flashy codebreaking or high-stakes drama, but that’s exactly what makes it so powerful for businesses. While it may not satisfy your inner child’s thirst for adventure, this quiet, behind-the-scenes protection is a must for keeping your data safe.
Most email services now automatically encrypt your messages and data, making it difficult for hackers to access them whether they’re in transit or stored. And the best part? You won’t even notice it’s happening. Modern encryption is designed to work in the background, undetected, much like a skilled undercover agent who operates in silence but keeps your most valuable assets secure.
It’s not flashy, but reliable data encryption is one of the most reliable defensive tools a business can have in its arsenal.
3. Remember to Report Suspicious Messages
When it comes to cybersecurity, silent resignation gets your data stolen. When you think you’ve spotted the signs of a potential phishing attempt, don’t take it upon yourself to investigate. Leave those suspicious-seeming links alone and report the email or message as spam (there’s usually an option for this near the sender’s email address or username). Then, delete it.
Depending on your business’s established phishing procedures, it might also be worth letting your IT provider or security analysts know about the message, especially if it’s particularly convincing (i.e., it appears to be impersonating someone else at your company, a vendor, or a client), so they can warn your wider organization to be extra vigilant.
Here’s what to look out for:
- An unusual sender domain.
- Generic greetings – “Hello [recipient]”, for example.
- Password resets you haven’t requested.
- Mismatched fonts or characters that don’t match the rest of the text.
- An urgent or unexpected request you’d usually expect to be alerted about.
4. Layer Up Your Defenses
As far as cybersecurity’s concerned, relying on just one line of defense won’t cut it. A multi-layered approach—covering everything we outlined in this checklist—offers a much stronger shield against cyber threats. Think of it like locking both the front door and the windows to your business, ensuring every entry point is protected.
Multifactor Authentication (or MFA), for example, adds an extra verification step when logging in. In addition to entering your password, you’ll occasionally be asked to provide a second form of identification, like a One-Time Passcode sent to your phone. Why? Because your system has no way of knowing if it’s really you, a colleague or a cybercriminal trying to gain access.
By adding that extra layer of protection, even if someone has your password, they won’t get far without the additional verification step. It’s all about making sure your valuable data stays secure, no matter how persistent the threats.
5. Get with the Times
Those “an update is available” notifications never pop up at a convenient time, do they?
When you’re elbow deep in a quarterly report or racing to meet a deadline, it’s easy to click “remind me later” without a second thought. Often, it’s almost automatic. But it’s important not to let software updates fall into the “I’ll get around to it eventually” abyss, because—let’s be honest—you won’t. At least, not until a system shutdown forces you to, and that is most certainly not going to occur at a convenient time.
Make staying on top of updates less of a chore by turning on automatic updates where you can and scheduling them to occur outside of working hours where you can’t. If you’re already using cloud-based platforms, you’ve even less to worry about. These will automatically be updated as soon as new security patches and bug fixes are released—without you having to do a thing.
The secret is to treat updates as a simple, proactive defense measure rather than an annoying interruption, because keeping your systems current is one of the easiest ways to stay ahead of cyber threats.
Make October Your Most Cybersecure Month Yet
Of course, you shouldn’t stop making cybersecurity a focus when November 1 rolls around—but once you implement these steps consistently, carrying them through your business or personal accounts becomes automatic.
Let your efforts this month become your new normal, rather than an annual tradition, and ensure you stay cybersecure year-round. By committing to ongoing vigilance, you can protect your data, your business, and your peace of mind long after Cybersecurity Awareness Month has ended. The best defense is consistency—so keep these habits alive and make cybersecurity a permanent priority.
Anderson Technologies: Real People Creating Business-Changing IT Solutions
For over 25 years, Anderson Technologies has leveraged our expertise for the benefit of our clients, supplying them with suitable, secure IT and strategic guidance for their technological future.
We’re a dynamic team of IT professionals with over 200 years of combined experience and specialist certifications to back up our knowledge. As a trusted advisor, we don’t just focus on today. We strive to take your technology lightyears ahead of your competition and scale with your business’s success.
Ready to secure your business? Contact us today to get started.