Change passwords every 90 days. If you use the same password for everything (and you’ve been using that password for years), there’s a good chance that passwords and related usernames have been stolen. When you don’t change your password, you put yourself at HUGE risk. Thankfully, password managers like LastPass and 1Password make it easy to keep your passwords updated and secure.
Use two-factor authentication (2FA). Many services offer 2FA as an optional login feature. The problem is, they
can’t work if you don’t use them. There are many types of 2FA, such as SMS text verification, PINs and biometrics such as fingerprint or facial recognition.
Invest in employee education. Your team should always know what’s going on in the world of cyber security. They need to be very aware of phishing e-mails, fraudulent links and the importance of keeping their password updated. Understanding these topics means your team is better equipped to deal with these issues as they arise. Small Business Trends, 9/11/2019.