Kevin Mitnick was a hacker who was eventually charged and prosecuted for wire fraud crimes. However, he left that life behind and began a career as a cybersecurity consultant for clients as prestigious as the US government and as well-known as Microsoft. He used his years of experience as a criminal to show others how to defend themselves against digital intrusions. According to CNBC, he has three important strategies for anyone interested in better cybersecurity.
Disciplined Password Management For CyberSecurity
For anyone who is still relying on passwords, the best way to increase security, inconvenient as it may be, is to use “strong passwords.” Strong passwords are random strings of alphanumeric characters, which makes them effectively impossible to guess.
The best way to handle multiple strong passwords is to use a password management system. Relying on a password that is easy to remember or guess, or using the same strong password repeatedly, leaves the user vulnerable to password theft.
Upgrade To Next-Level Multi-Factor Authentication
For those who want to take things a step further, switching to multi-factor authentication systems adds extra security layers. Traditional passwords have only one point of access: producing the correct password grants total access. Multi-factor authentication, as the name implies, adds further layers of verification.
Multi-factor authentication can use additional factors, such as requiring the user to enter an extra code that is sent by text message to a phone. Or it can eliminate passwords and codes altogether, relying on biometrics such as voice, face, or fingerprint recognition and on encrypted passkeys tied to a specific device such as a phone or laptop.
For the ultimate in security, a final tip, specifically relating to financial or other confidential data, is investing in devices used only for that purpose. This means buying a phone, tablet, laptop, or desktop computer and using only that device to access financial data, store confidential data, or even log in to financial or confidential accounts exclusively on that device.
While this is a more drastic method, having dedicated devices for protected data increases security by 98%. If these devices are never used for everyday computing activity and only ever activated and utilized for important data-related interactions, the odds of theft are dramatically lower. However, this does require more time and investment.
For most people, the more practical system is upgrading cybersecurity to a multi-factor authentication system, such as the standardized protocols used and offered by the FIDO Alliance.