1. Update your software

It’s easy to press “remind me later” on software updates. But cyber attackers target old application vulnerabilities because a single weak spot is a pathway to your business’ most sensitive information.

Solution

Educate employees on the importance of software updates and notify them when new software updates are released. Proactively, set up their machines to auto-update OS updates.

Passwords also require regular updates – 87% of services don't even know if they have had a data breach*. LastPass allows businesses to vet and spot reused and leaked employee passwords within a convenient security dashboard.

2. Recognize and report phishing attacks

Phishing, smishing (text or SMS), and vishing (voice call) attacks are getting increasingly elegant and harder to recognize – until after your data has been stolen.

Solution

Educate employees on the essentials: double-check a sender’s email address, look for poorly written or misspelled email copy, never accept MFA requests they didn’t initiate, and report suspicious emails to IT. Password managers like LastPass also won’t allow you to autofill credentials on scam or mirror websites.

3. Use a password manager and always create strong passwords

Strong passwords are the first line of defense against cyberattacks. Unfortunately, employees often reuse weak passwords – they need over 100+ accounts to get their work done. But it can be difficult to memorize a secure password: one that is at least 16 characters long, made up of a unique mix of lower and upper case letters, symbols, and numbers.

Solution

A password manager like LastPass makes it easy for employees to create strong, unique passwords with a built-in password generator, plus manage and access their passwords across all their devices and all browsers.

4. Enable Multifactor-Authentication

While a strong password protects an account, there’s still a chance that a hacker could access it by force. Additional layers of authentication provide extra roadblocks to protect your business; without them, your cybersecurity is inadequate.

Solution

Turn on multifactor authentication (MFA) everywhere. MFA is especially essential for high-risk accounts or applications involving financial or legal data and non-cloud apps like VPNs, workstations, and more.

The LastPass Authenticator allows your business to employ MFA while letting employees go passwordless, making your cybersecurity much more robust and increasing employees’ user experience.

*Sources:

IDC Inforbrief commissioned by LastPass: Enabling the Future of Work with EPM, Identity and Access Controls, 2022

LastPass: Psychology of Passwords, 2021