In a recent White House memo, the Biden administration urged companies to take “immediate steps” to strengthen their defenses against ransomware attacks. In the memo, aptly entitled “What we urge you to do to protect against the threat of ransomware,” deputy national security advisor Anne Neuberger outlines impactful steps to help companies focus and mitigate risk.
While these guidelines are directed to companies, when it comes to security, we are in this together. It helps all of us when the administration reinforces the message that cybersecurity is everybody’s responsibility.
As a company committed to improving online security, we would like to outline a three-prong framework Bitwarden calls the Triangle of Security Success. It connects password management, email, and authentication, and is designed to help companies and employees strengthen their online defenses.
First, if you’re not already using a password manager, get started. Over the last year, we’ve seen our dependence on the internet intensify, for better or worse. The global pandemic abruptly shifted our lives indoors and online; even as we transition back to normalcy, there’s no better time to set safe and healthy online habits -- a password manager gets you started right away. There are valuable free tools available for all, so everyone should be able to add this to their internet security toolkit.
Second, start to think about your email account as more than just a digital mailbox in which you receive messages. Having an email account is the first step in launching a new password manager, so just as some of us put locks on the physical mailboxes in front of our homes, it’s critical to protect your email account with two-factor authentication.
This leads to the third point: implementing two-factor authentication for both your password manager and email. Two-factor authentication (or two-step login) is an important security measure: it adds another layer of security in the form of an additional login step on top of your password.
Incidentally, the White House Executive Order also included multifactor authentication as a best practice because passwords are routinely compromised. If you rely on a single device for your authentication, you are not safe -- it’s important to run an authenticator on a second device. By verifying a second piece of information in addition to your password, two-factor authentication makes it harder for hackers to access your accounts through brute-force attacks or cracking weak passwords.
Execution is the secret ingredient in all of this. The good news is that companies can help their employees adopt this three-prong approach, even without a dedicated cybersecurity team. Adopting it is one of the most important things security-conscious employees can do to improve their online security. From there, incremental improvements become easier:
Continue to become familiar with each aspect of password management, email accounts, and authenticators.
Keep passwords separate from one another.
Make backups of passwords and recovery codes.
Test all backup and recovery approaches.
Bitwarden recommends this three-pronged approach for security-conscious employees and their organizations alike. As the cybersecurity landscape evolves, everyone needs to adjust and improve their approaches to protecting themselves and their organizations.
How to Set up Two-Factor Authentication. Visit our Help Center here.
List of authenticators to try:
Bitwarden Authenticator (included with Premium)
Stay Secure by Avoiding 7 Common Password Sharing Mistakes. Read the blog here.
Understand Why Employees Are at the Front Line of Enterprise Threat Prevention. Read the blog here.
Start a free 7-day trial for business plans at https://bitwarden.com/pricing/business/
Individuals can access a Bitwarden Premium Account for just $10/year or a free account at https://bitwarden.com/pricing/.