Bitwardenブログ
Cybersecurity Advice for Small Businesses from the NCSC
The National Cyber Security Centre (NCSC) is currently highlighting cybersecurity advice for small and medium-sized businesses. Recognizing that many SMBs do not have a budget for a dedicated IT security team, the campaign shares practical recommendations for keeping data secure and preventing unauthorized access. On its SMB security web page, the NCSC notes: “there are some simple steps you can take to ensure you have the basics in place.” Indeed! In fact, the first two recommended actions listed for SMBs are appropriately password-centric:
Action 1: Use a strong and different password for your email using 3 random words
Action 2: Turn on 2-Step Verification (2SV) for your email
The web page goes on to offer a number of resources for SMBs to stay ‘cyber aware’. One of them is a PDF, practical tips for protecting your organization online. Overall, the PDF is very good:
Emphasizes the importance of creating different passwords for each account
Encourages the use of strong passwords
Recommends utilizing two-step verification
Recommends keeping all devices up-to-date
Encourages the backing up of data and key contacts
But, there’s one recommendation worth pausing over: that users should save passwords in their browser. Bitwarden advises individuals and organizations to look beyond their browser and instead prioritize stand-alone password managers. While any password manager is better than no password manager, the security built into third-party password managers is unparalleled. In some cases, browser-based password managers don’t use master passwords to encrypt all logins.
Further, the NCSC should consider recommending password managers directly on its web pages - versus requiring readers to download documents and comb through them. Password managers are a security gamechanger.
.avif?eu=d8dc55efb1c1a980096fa88060736938e66c52a2ad5631d23f65b6ad1da09b812dfa1f5022c672b77d3c08dcdae841b863c67a341ab8d88bc3ed1df3ec61f80052d15cea67b12506552dc6afe5a1574c6092485cf2839b0bf06e73d4e7b2b4221f54147dfe7fbe80e8ff3564b8d62a3be9b7a62e6391a270e0470800c14035b824f89ac12c47b39fe74aacf8bded5f9cdfa4784303c5ad6066684b5d06be6be1a4e40c2c7e2e5f5d6c8eec1ec02294f2581c695e3e0651923839a250bf7362c5b1f8a558dc2828e0fb9d32758596a681bf4ca52e24e7cd76acd0692e0c08b377f5e914949635425bee75acfa2ce34046721fc048e647758a7d1dd543cd8e31c67ca92c776a5eb7a35c04aee0963bcadf66f0be46db1dedea4d9c1acb73470aad&a=w%3D850%26h%3D387%26fm%3Davif%26q%3D75&cd=2022-06-22T22%3A39%3A38.166Z)
Overall Bitwarden Assessment: Good
Calls out importance of strong passwords
Cites need for 2FA/MFA to further support password security
Overall security advice is up-to-date
Could improve overall layout so password security advice is clear, digestible, and easy-to-find
Learn what advice other leading cybersecurity agencies offer, and how they compare, in The State of Password Security Report, released earlier this year.
Ready to try Bitwarden? Start a free business trial to help your team stay safe online or sign up for a free individual account.
この記事の内容:
ブログ一覧に戻る