Top 4 for 2024: Cybersecurity Best Practices for the New Year

ExPost_CyberSecurity Best Practices

Make your cybersecurity resolutions for the new year with these best practices!

  1. Choose strong passwords

Associates should avoid the temptation to choose “easy” passwords or passwords with personal meanings, such as birthdays or pet names. Longer passwords with a combination of upper- and lowercase letters and symbols are safer. Associates may want to consider a password manager app that generates strong and unique passwords and safely stores them.

Associates are required to change their Exchange passwords every 90 days. They can do this by visiting passwordreset.aafes.com.

“Visiting passwordreset.aafes.com is the fastest and easiest way to change your password,” Exchange Security Operations Center Manager Marco Lai said. “It’s safe, secure and can be completed in about a minute.”

  1. Don’t go phishing

Associates should stay on the lookout for phishing emails or texts— attempts to access data by tricking people into clicking bad links. Associates should be wary of emails from unknown sources that contain links, especially if they have other suspicious factors, such as misspellings/bad grammar; offers that seem too good to be true; or language that’s urgent, alarming or threatening.

If associates fall prey to a phishing scheme, they should immediately alert IT Help Desk so the Security Team can ensure Exchange systems are safe. Lai also recommends resetting all passwords. “If you suspect that you’ve been compromised, the very first thing you should do is change your password,” he said. “Make it unique and make it hard so that you shut down the access for the bad actor.” 

  1. Multi-factor authentication

Associates can protect themselves with multi-factor authentication (MFA), which sends a push notification requiring verification when logging on to a device or signing into an account.

MFA is “probably the single most effective tool for protecting yourself online,” said Exchange data analyst Conner Vaughan.

  1. Keep software up to date

Software updates often include beefed-up protection over the previous version. Delaying updates can leave associates vulnerable to malware and spyware.

Associates should only download software and updates from verified sources. The device, software, or app developer itself should be sending updates, not anyone else. Beware of suspicious looking pop-ups urging you to download an update.

Leave a Comment





This site uses Akismet to reduce spam. Learn how your comment data is processed.