Cyber Security Awareness

Get Ready: Develop a stacked approach

A tech stack should help you manage and streamline your digital life - personal or professional. But as the cybersecurity landscape rapidly evolves, so should your tech solutions.

Modernizing and auditing your tech stack

It’s easy to press “remind me later” on software updates. But outdated software and technology are the easiest target for bad actors, because a single vulnerability can be a pathway to your most sensitive information.

Regularly audit and modernize your tech stack to ensure all software and devices are updated. It's important that you or your employees know when software updates are readily available. Proactively set up devices and machines to auto-update so you have the latest OS version.

illustration_8col_article-scam-update-software-svg

Get Ready: De-risk your operations

Did you know that 9/10 people know they are engaging in risky behavior online, like reusing weak passwords or sharing sensitive credentials through unencrypted channels, but continue to do so?

When the majority of cyberattacks target human errors and poor password habits, businesses must provide employees with a better, more secure way to do their job. A password manager is the simplest, easiest way to de-risk your operation.

Improve your password habits

A password manager like LastPass makes it easy to create strong, unique passwords with a built-in password generator, plus manage, synchronize and access their passwords across all their devices and all browsers.

Passwords also require regular updates – 87% of services don't even know if they have had a data breach*. LastPass allows businesses to vet and spot reused and leaked employee passwords within a convenient security dashboard and dark web monitoring.

illustration_8col_password-generator-compact-svg

Be careful what and how you share

LastPass is the safest way to share passwords with family, friends, and coworkers, as you’ll be sharing them with trusted users through an encrypted network – instead of sharing through unencrypted channels like text message, email, or Slack.

illustration_8col_password-sharing-dialogue-svg

LastPass Families and Business admins also have greater control over sharing to ensure that only some users can access or have visibility to certain credentials.

For families, that could include sharing entertainment credentials with the whole family while only sharing financial passwords with their spouse. For businesses, admins can restrict user’s access to specific applications, so employees can’t log in to sensitive applications.

Get Ready: Build upon a foundation of multifactor authentication

While a strong password protects an account, a hacker could still gain access through phishing or social engineering. Multifactor authentication (MFA) adds another step to the login process to protect high-risk accounts and non-cloud apps like VPNs, workstations, and more.

Businesses can heighten security further with adaptive MFA, which requires a user to authenticate via contextual factors – location, device type, time of access, IP address – which are designated by IT admins.

illustration_8col_mfa-advanced-faceid-workstation-vault-svg

MFA is just the start, though. Build upon MFA by going passwordless with LastPass.

Passwordless login allows for more secure, friction-free logins to your LastPass vault. Desktop users can log in via the LastPass Authenticator app or FIDO2-certified authenticators, including device biometrics and hardware keys, while mobile users can leverage their mobile device’s integrated face or fingerprint ID tech to access their vault.

Get Ready: Shield against phishy business

How do you know if your old passwords meet modern security requirements? Do you know if your personal or professional credentials/information has been compromised and is being shared and sold on the dark web?

By pairing password management with cybersecurity education, you can keep your employees out of the dark and aware of their password health, behavior, and risks.

Monitor your at-risk passwords

The LastPass security dashboard is your digital security command center. From it you can monitor the strength of your passwords and remain alert of username-password combinations and email addresses which have been found to be compromised on the dark web.

illustration_8col_gray-security-dashboard-resolve-svg

From the dashboard, LastPass Families and Business admins get a holistic, overhead look at their entire account, where they can oversee and address users’ password behaviors. If a risk is identified, they can work to address and remediate as soon as possible.

Recognize and report phishing

Phishing, smishing (text or SMS), and vishing (voice call) attacks are getting increasingly elegant and harder to recognize – until after your data has been stolen.

Educate employees and family on the essentials:

Double-check a sender’s email address.
Look for poorly written or misspelled email copy.
Never accept MFA requests they didn’t initiate.
Report suspicious emails to IT.
Implement passwordless login or passkeys wherever possible

illustration_8col_autofill-against-phishing-mirror-scam-svg

Password managers like LastPass also won’t allow you to autofill credentials on scam or mirror websites, and provide passwordless login, which drastically reduces the threat landscape as you move away from using passwords altogether!

Sources:

IDC Inforbrief commissioned by LastPass: Enabling the Future of Work with EPM, Identity and Access Controls, 2022
LastPass: Psychology of Passwords, 2022