New Industry Standards from Microsoft and NIST: Change Passwords when needed.

We all know it’s bad practice to use the same password for all your accounts. Previously, best practices included changing passwords every 90 days. Now, companies like Microsoft recommend changing your password only when needed. You should continue to create complex and unique passwords for every account, and use secure password managers like LastPass or PassPortal to keep track of them.

Use two-factor authentication (2FA).

Many services offer 2FA as an optional login feature. The problem is, it can’t work if you don’t use it. There are many types of 2FA, such as SMS text verification, PINs, and biometrics such as fingerprint or facial recognition.

Invest in employee education.

Your team should always know what’s going on in the world of cyber security. They need to be very aware of phishing e-mails, fraudulent links and the importance of keeping their passwords updated.

Understanding these topics means your team is better equipped to deal with these issues as they arise.

Small Business Trends, 9/11/2019.