Unauthorized Access

Unauthorized Access is any access that violates the stated security policy. This can be done via an employee accidentally attempting to access a program that only administrators are allowed to access and run, or it can be done maliciously through hacking.

Source: CNSSI 4009

What Does This Mean for my SMB? 

It’s vital to ensure that your organization has policies and processes in place to ensure only authorized personnel are accessing your data and/or systems. Additionally, CyberHoot recommends the following best practices to protect individuals and businesses against, and limit damages from, online cyber attacks:

• Adopt a password manager for better personal/work password hygiene
• Require two-factor authentication on any SaaS solution or critical accounts
• Require 14+ character Passwords in your Governance Policies
• Train employees to spot and avoid email-based phishing attacks
• Check that employees can spot and avoid phishing emails by testing them
• Backup data using the 3-2-1 method
• Incorporate the Principle of Least Privilege
• Perform a risk assessment every two to three years

CyberHoot does have some other resources available for your use. Below are links to all of our resources, feel free to check them out whenever you like: 

• Blog
• Cybrary (Cyber Library)
• Infographics
• Newsletters
• Press Releases
• Instructional Videos (HowTo) – very helpful for our SuperUsers!

Note: If you’d like to subscribe to our newsletter, visit any link above (besides infographics) and enter your email address on the right-hand side of the page, and click ‘Send Me Newsletters’. Sign up for the monthly newsletter to help CyberHoot with their mission of making the world ‘More Aware and More Secure!’