Top 10 Security Hygiene Tips

1. Do not allow browsers to store your password. Someone that gains access to your computer will be able to log in to your systems without knowing your passwords.
2. Enable MFA on EVERYTHING that will MFA. Biometric amazing, Push notification best, code from app next, SMS text message better than nothing. Password only, WORST.
3. Do not store passwords ANYWHERE that isn’t secure (excel spreadsheet, word document, text file) What is secure then? Always store passwords in reputable password manager with complex master password and (ideally 2fa)
4. Never email passwords, credit card numbers, bank accounts, PII, or healthcare information to other users, even in the same company. Always use secure, encrypted email (Bracket, OME, etc.) with expiration,
   passwords, and ideally only for intended user (email address) that has to be validated to get the information
5. Make sure that your computer is patched and the firewall is on. ALWAYS.
6. Don’t connect to a network you don’t know. If you must (doctor’s office, coffee shop), make sure it is legitimately their network and that you have the above (patching, firewall, EDR enabled) at all times.
7. Do NOT reuse passwords, ever. Even if you think it won’t be a problem. It will. Hackers will steal your password from one company and try it every where else that they can.
8. Use biometrics where possible (face, fingerprint)
9. When picking security questions, pick questions that very few people know the answers to, and not questions that can be looked up (your birthday, your kids names, etc.)
10. By default don’t click on ANYTHING in an email. That is the default. Do not trust emails even if it looks like it is from a known contact, especially if the email is out of the blue or not something you are waiting on.