How to Keep your Data and Company Information Safe | CGS

Ibrahima Mbaye is the Chief Information Security Officer at CGS. His experience includes solidifying organizational strength through exceptional Security Governance, Risk Management and Security Program Development. 

Written by

Ibrahima Mbaye

Published

April 10, 2019

How to Keep your Data and Company Information Safe

Want tips on how to keep your data and the company's information safe? Here are some best practices from CGS Chief Information Security Officers (CISO) Ibrahima Mbaye: 

Passwords Security

Recently it has been announced that hundreds of millions of Facebook users had their accounts stored in plain text within Facebook’s internal data storage systems. This incident brings an important topic of discussion, password hygiene.

How do I protect myself?

The simplest way to protect yourself from cyber threats is by having a strong password and enabling multi-factor authentication. Doing this will protect you in the event your password is compromised, and the attacker will not be able to sign in to your account.

What should I do immediately?

We recommend changing your passwords to both Facebook, Instagram, and any account that shares the same password.

How do I practice good password hygiene?

1. Pick a strong and complex password for all your accounts. Password managers are highly encouraged (Personal LastPass accounts are free to store your personal data). These password managers allow you to create randomized passwords for each of your accounts.

2. Avoid reusing passwords across different services

3. Avoid the following common words:

Names

Birthdays

Phone numbers

Sports teams

Company information/Name

Obfuscation of a common word (P@$$w0rd)

4. Enable Multi-factor authentication wherever possible, use an authenticator if possible. Google authenticator or Lastpass Authenticator are some of the most secure and easy to use multi-factor authentication tools out there.

It’s very important to remember not to re-use passwords -- regardless of how strong it is – because once compromised attackers will try it on multiple systems to see if they will be able to successfully sign in. To see if any of your accounts have been part of a security breach or compromise you can use the website HaveIBeenPwned.com. We recommend that you change any password affected by a cybersecurity breach.

Additional resources:

 

BPO study reveals biggest challenges for growing tech companies