TWINN #105 SME New Year’s Resolutions
Happy New Year 2023! I am doing something a little different today from most Monday mornings. Instead of sharing doom and gloom cyber security stories, of which there are plenty, mind you, I thought to share some potential New Year’s Resolutions for small to medium enterprises, and if you can checkmark all 5 of these, then you’re well on your way from a cyber security point of view!
Let’s jump right in.
Table of Contents
New Years Resolutions for Small & Medium Enterprises
- Use a Password manager. Password management isn’t going away despite the bad year at LastPass. 1password, for example, has stood the test of time; it’s made in Canada and has proven resilience beyond any other tool we’ve seen. It handles passwords and has a built-in token feature for services that support one-time tokens. To make it reasonably affordable, there are Teams and Family plans available.
- MFA everything. If an online or internal service supports multi-factor authentication, use it. With proper password management, it does make it extremely elegant. 1password, for example, can auto-complete your MFA tokens for you, and you don’t need to open up your authenticator app.
- Disable unnecessary accounts and access. Disable old email accounts, any rarely-used services, computer accounts, and server accounts for people no longer at the company, and then follow it up with an official offboarding process that is as detail-oriented as the onboarding process. If you offer any API keys to integration points, those need to be reviewed.
- 3-2-1 Rule for Data Backups. Three copies of your data are on two different media, and one is off-site. It is simple to understand, and its value will be clear in your future incident response project.
- Zero Trust connectivity. When your thermostat is hijacked, make sure it cannot do any damage. Even advanced persistent threats cannot reach their Command and Control infrastructure when a network is properly segmented and egress controlled using automated, AI-driven Zero Trust connectivity. Furthermore, it is the only way to kill all phishing links from ever working.
Suppose you can put a checkmark across these five New Year’s resolutions. In that case, you’re well on your way to focusing on building the more exciting aspects of your business: growing your topline, growing your bottom line, maintaining a leading-edge status, and helping your family!
Did you know?
I didn’t mention endpoint security in the above list because you already have that, right? Right?