October: ‘Tis the season of pumpkin spice lattes, hikes in a colorful forest, and all things cozy. Since 2004, October has also been Cybersecurity Awareness Month to provide much-needed information for individuals and organizations to protect themselves against online threats like phishing or data leaks. While you likely won’t see a horror film featuring a data breach, the risk of your member data being exposed is a terrifying prospect.
Data breaches are highly detrimental to organizations. Not only do you risk the trust of your members with mismanaged data, but you also risk a hefty price tag. IBM reports the average cost of a data breach was $4.35 million, and the average cost of a ransomware attack was $4.54 million.
Protect your association with strong data security and cybersecurity practices. Keep reading for tips on how to train your association staff and ways to celebrate Cybersecurity Awareness Month.
Ways to celebrate Cybersecurity Awareness Month and protect your association
When you make an effort to learn safe data security practices, your association will be less at risk for exposure. Here’s how to get started:
1. Enable a multi-factor authenticator. If your association doesn’t already use a multi-factor authenticator (MFA), now’s the time to adopt one. MFA keeps your association secure by requiring all staff and members to navigate through a two-step process to prove their identity. With the two-step process in MFA, your system security is greatly increased, and cybercriminals must work harder to hack into your records.
During Cybersecurity Awareness Month, ensure all your software systems including your association management software (AMS) utilize an MFA, taking the necessary steps to secure your member data.
2. Improve password practices. Keep your association protected by training your staff and members on the importance of using strong passwords. An example of a strong password includes at least 12 unique characters. It’s also wise not to use the same password for your work device that you use for a personal one.
During Cybersecurity Awareness Month, consider investing in a password manager at your organization. Password managers are tech solutions that help to keep staff accounts safe by generating secure passwords that meet all requirements. When you use a password manager, it stores all passwords and auto-fills all the necessary details when you arrive at a site.
3. Report phishing attempts. Phishing is the criminal practice of sending emails, direct messages, or social media posts with a bad link or an attachment with a virus. If someone at your association clicks on a phishing link, they can leak information to cybercriminals or install malware onto your company’s device.
The best way to combat phishing is to train your staff on how to recognize a phishing attempt. Offer clear examples so employees know the signs of phishing and how to report it when an attempt occurs. Explain to staff that being cautious about cybersecurity is the best practice. When in doubt, immediately report suspicious emails, direct messages, or social media posts to IT.
4. Update all software. The simplest way to secure your association’s data is to keep your system updated. Cybercriminals are always searching for vulnerabilities in a system to take advantage of outdated code and expose your data. To prevent this from happening, always upgrade your software, anytime an update is available.
Additionally, ensure your team schedules a software download directly from the source to prevent unlicensed versions carrying malicious code from taking over your system. Consider making your software updates automatic to protect all staff from cybersecurity threats. Or have IT send mass emails alerting staff about important software updates.
