How to Go Beyond Basic Cybersecurity
Even as the cyber landscape continues to evolve, many best practices remain the same. “Patch all of your software, use two-factor authentication on every account that accepts it,” Falcone says, “and don’t click links or attachments that you weren’t expecting — all are still standard advice.”
Still, Falcone adds, the standard advice only works to a certain point.
“Learning safer ways to click can help mitigate those risks,” he said. “For example, opening attachments or websites using an iPhone, iPad or Chromebook can help keep exploits from attacking your computer, as there are fewer ways for a website or attachment to take over those specific devices.”
Another solution is to hold security awareness training with faculty and staff. According to Mimecast, employees who haven’t had a recent security awareness training are 5.2 times more likely to click on malicious links.
Get the Tools That Help Prevent Phishing
Multifactor authentication and the use of strong and frequently changed passwords have always been important. But these two routine practices are even more crucial today.
In May, the FBI and the Cybersecurity and Infrastructure Security Agency issued a warning that COVID-19 research organizations — including colleges and universities —are major targets for foreign espionage hackers.
“Using a security key such as a YubiKey as your second factor instead of a texted, one-time password can help a great deal with stopping sophisticated phishing attacks,” Falcone says. “The key verifies that you are talking to the real web page before logging you in.”
Since some phishing emails contain software that record a user’s online activities, increasing VPN capacity is another way to protect remote users from cyberthreats. However, because VPNs are not designed to handle the network connections of large remote workforces, it’s helpful to find a solution that increases VPN bandwidth.
Above all, it’s essential to consistently update all VPN software programs with the most current security patches. While it’s impossible to completely secure a network, taking these cautionary steps can significantly reduce security risks for higher ed institutions.