top of page

3 Easy Cybersecurity Fixes That Can Save Your Bacon

I was sitting on my couch last night, thinking about cybersecurity (as one does...), and my mind began to wander through the archives of every breach I've responded to over the years. Each incident, each panicked call, and each moment of damage control played out in my mind like a movie. Amidst these reflections, a recurring theme began to emerge: a set of simple, often overlooked steps that could have been taken to either slow, stop, or otherwise mitigate the damage caused. It struck me that while a lot of this IT security stuff can often seem overwhelmingly complex, sometimes it's the basic measures that hold the key to robust protection. In this article, we'll delve into three such easy-to-implement steps that can be game-changers for your organization's security. Most importantly, all three can be accomplished in short order and are low cost or free.


1. Reserve Your Global Admin Account for Special Occasions


Most of us have the habit of using our primary email account for everything – from sending casual emails to managing critical business operations. However, this common practice can expose your business to unnecessary risks. Yes, I am talking about the email account you use every day that you also happen to use to manage your small companies cloud email system...


Why You Shouldn't Use Your Main Email for Managing Your Office 365 Tenant:

Increased Exposure: Using your primary email for management means it's frequently active and exposed, making it a prime target for cyberattacks. Simply having your email on your website or LinkedIn WILL make it a target.

Risk of Compromise: If your main email gets compromised, it could potentially grant attackers access to critical administrative functions. Phishing emails are getting more sophisticated daily, and with a matter of clicks your email account can be taken over.


Setting Up a Secondary Account for Office 365 Management:

1. Log into the Office 365 (or Google Workspace) admin center with your global admin account.

2. Navigate to the "Users" section and select “Active Users” or similar.

3. Click on “Add a user” and fill in the required details for your secondary account.

4. Assign the “Global Administrator” role (or similar) to this new account. It does not have an email license; this account will only be used to manage the tenant.

5. Finalize the setup and ensure you use this account exclusively for administrative tasks.

6. Don't forget to use this new account to remove admin permissions for your daily use account!


By separating your everyday email from your administrative tasks, you create an added layer of security, making it harder for potential attackers to gain access to critical functions.



2. Make Universal Multi-Factor Authentication (MFA) the Norm, Not the Exception


MFA is a simple yet powerful tool. By requiring two or more verification methods – something you know (password), something you have (a phone), or something you are (fingerprint) – MFA ensures that even if one method is compromised, attackers can't gain access.


Why MFA is Often Overlooked:

Perceived Complexity: Many assume setting up MFA is a complex task. However, most modern services and applications have made the process straightforward. You can install one authenticator app (such as MS Authenticator or Google Authenticator) and use it for just about every account you have.

Procrastination: The thought of "I'll do it next time" often translates to never getting around to it.


Pro-Tip, Prioritize Shared Accounts:

Shared accounts are frequently the most vulnerable as they're accessible by multiple users. and when something is everyone's responsibility, it's nobodies. Shared accounts are often the last to get MFA, and the first to be compromised. Ensuring these accounts have MFA enabled should be a top priority.


Action Steps:

1. Conduct a Review: List all your business accounts and check which ones have MFA enabled. All of them.

2. Prioritize: Start with shared accounts and those with administrative privileges.

3. Implement: Follow the specific platform's guidelines to set up MFA. As I mentioned, in most cases it is as simple as installing an app from the app store and scanning a QR code (you can do it!).


By making MFA a universal practice, you significantly reduce the chances of unauthorized access.


3. Back It Up: The Simplest Safety Net


Data is the lifeblood of modern businesses. Whether it's financial records, customer information, or critical business documents, losing data can be catastrophic and in some cases can cost a business everything.


The Simplicity of Backups:

Setting up a backup system doesn't have to be complex or expensive. From using a network-attached storage device with a free backup program to manually saving critical files on a hard drive once a week, the options are plenty. Moreover, cloud services like Microsoft OneDrive offer up to 5GB of free storage, making offsite backups even more accessible.


Why Backups Are Often Neglected:

Overconfidence: Many believe that data loss won't happen to them until it does. Remember, an untested backup is not a backup. The same is true for saving two copies of a file on the same system...


Perceived Complexity: Some assume that setting up backups is a technical and complex task, but the reality is that if you can drag and drop a file, you can perform a basic backup.


Action Steps:

1. Identify Critical Data: List down essential files and documents that your business can't operate without. Start with the things you touch every day.

2. Choose a Backup Method: Based on your business size and nature, decide on a backup method – cloud storage, physical devices, or both.

3. Schedule Regular Backups: Whether it's daily, weekly, or monthly, ensure you stick to a routine. Much of this can be automated, but manual backups are perfectly valid as long as they are accomplished on a schedule.


Key Takeaways


While the steps outlined above are relatively easy to implement, it's understandable that not everyone has the time or expertise to tackle them head-on. Moreover, these are just a handful of the myriad of measures that can be taken at little to no cost to strengthen your cybersecurity defenses. At NexTier, we recognize that every organization has unique needs and constraints. I would love the opportunity to discuss with you other budget-friendly solutions that can bolster your defenses. By taking proactive measures, we can work together to protect your organization from potential threats and ensure you're not the next victim. Reach out today!


Keywords: Cybersecurity, Global Admin Account, Office 365 Tenant, Multi-Factor Authentication (MFA), Shared Accounts, Backup System, Network-Attached Storage, Cloud Storage, Microsoft OneDrive, Data Loss, Cyberattack, NexTier, Budget-Friendly Solutions, Digital Landscape, Threat Mitigation.


4 views0 comments

Comments


bottom of page