<!DOCTYPE html> <html lang="en-us" dir="ltr" prefix="content: http://purl.org/rss/1.0/modules/content/ dc: http://purl.org/dc/terms/ foaf: http://xmlns.com/foaf/0.1/ og: http://ogp.me/ns# rdfs: http://www.w3.org/2000/01/rdf-schema# schema: http://schema.org/ sioc: http://rdfs.org/sioc/ns# sioct: http://rdfs.org/sioc/types# skos: http://www.w3.org/2004/02/skos/core# xsd: http://www.w3.org/2001/XMLSchema# " class="page-en"> <head> <script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src= 'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f); })(window,document,'script','dataLayer','GTM-MGR7P8X');</script> <script async src="https://www.googletagmanager.com/gtag/js?id=G-B1V8SZE3GL"></script> <script>window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-B1V8SZE3GL');</script> <script>(function(){var a=window.mutiny=window.mutiny||{};if(!window.mutiny.client){a.client={_queue:{}};var b=["identify","trackConversion"];var c=[].concat(b,["defaultOptOut","optOut","optIn"]);var d=function factory(c){return function(){for(var d=arguments.length,e=new Array(d),f=0;f<d;f++){e[f]=arguments[f]}a.client._queue[c]=a.client._queue[c]||[];if(b.includes(c)){return new Promise(function(b,d){a.client._queue[c].push({args:e,resolve:b,reject:d})})}else{a.client._queue[c].push({args:e})}}};c.forEach(function(b){a.client[b]=d(b)})}})();</script> <script data-cfasync="false" src="https://client-registry.mutinycdn.com/personalize/client/d454424c4514a20a.js"></script> <meta charset="utf-8" /> <meta name="description" content="As 2018 quickly comes to a close, it’s important to be prepared for both existing and emerging cybersecurity threats in 2019. Based on what we know of 2018’s top cyberattacks and insider threat inc..." /> <link rel="shortlink" href="https://www.proofpoint.com/us/blog/insider-threat-management/10-essential-cybersecurity-best-practices-proofpoint" /> <link rel="canonical" href="https://www.proofpoint.com/us/blog/insider-threat-management/10-essential-cybersecurity-best-practices-proofpoint" /> <link rel="image_src" href="https://www.proofpoint.com/sites/default/files/styles/metatag/public/blog-banners/pfpt-itm-blog-banner-3.jpg?itok=rfzCp93F" /> <link rel="icon" href="/themes/custom/proofpoint/apps/drupal/favicon.ico" /> <link rel="mask-icon" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon.svg" /> <link rel="icon" sizes="16x16" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-16x16.png" /> <link rel="icon" sizes="32x32" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-32x32.png" /> <link rel="icon" sizes="96x96" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-96x96.png" /> <link rel="icon" sizes="192x192" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-192x192.png" /> <link rel="apple-touch-icon" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-60x60.png" /> <link rel="apple-touch-icon" sizes="72x72" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-72x72.png" /> <link rel="apple-touch-icon" sizes="76x76" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-76x76.png" /> <link rel="apple-touch-icon" sizes="114x114" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-114x114.png" /> <link rel="apple-touch-icon" sizes="120x120" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-120x120.png" /> <link rel="apple-touch-icon" sizes="144x144" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-144x144.png" /> <link rel="apple-touch-icon" sizes="152x152" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-152x152.png" /> <link rel="apple-touch-icon" sizes="180x180" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-180x180.png" /> <link rel="apple-touch-icon-precomposed" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-57x57.png" /> <link rel="apple-touch-icon-precomposed" sizes="72x72" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-72x72.png" /> <link rel="apple-touch-icon-precomposed" sizes="76x76" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-76x76.png" /> <link rel="apple-touch-icon-precomposed" sizes="114x114" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-114x114.png" /> <link rel="apple-touch-icon-precomposed" sizes="120x120" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-120x120.png" /> <link rel="apple-touch-icon-precomposed" sizes="144x144" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-144x144.png" /> <link rel="apple-touch-icon-precomposed" sizes="152x152" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-152x152.png" /> <link rel="apple-touch-icon-precomposed" sizes="180x180" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-180x180.png" /> <meta property="og:site_name" content="Proofpoint" /> <meta property="og:type" content="website" /> <meta property="og:url" content="https://www.proofpoint.com/us/blog/insider-threat-management/10-essential-cybersecurity-best-practices-proofpoint" /> <meta property="og:title" content="10 Essential Cybersecurity Best Practices | Proofpoint US" /> <meta property="og:description" content="As 2018 quickly comes to a close, it’s important to be prepared for both existing and emerging cybersecurity threats in 2019. Based on what we know of 2018’s top cyberattacks and insider threat inc..." /> <meta property="og:image" content="https://www.proofpoint.com/sites/default/files/styles/metatag/public/blog-banners/pfpt-itm-blog-banner-3.jpg?itok=rfzCp93F" /> <meta property="og:image:url" content="https://www.proofpoint.com/sites/default/files/styles/metatag/public/blog-banners/pfpt-itm-blog-banner-3.jpg?itok=rfzCp93F" /> <meta property="og:image:secure_url" content="https://www.proofpoint.com/sites/default/files/styles/metatag/public/blog-banners/pfpt-itm-blog-banner-3.jpg?itok=rfzCp93F" /> <meta property="article:published_time" content="2020-09-18T12:27:29-07:00" /> <meta property="article:modified_time" content="2023-06-23T03:37:28-07:00" /> <meta name="twitter:card" content="summary_large_image" /> <meta name="twitter:description" content="As 2018 quickly comes to a close, it’s important to be prepared for both existing and emerging cybersecurity threats in 2019. Based on what we know of 2018’s top cyberattacks and insider threat inc..." /> <meta name="twitter:title" content="10 Essential Cybersecurity Best Practices | Proofpoint US" /> <meta name="twitter:site" content="@proofpoint" /> <meta name="twitter:url" content="https://www.proofpoint.com/us/blog/insider-threat-management/10-essential-cybersecurity-best-practices-proofpoint" /> <meta name="twitter:image" content="https://www.proofpoint.com/sites/default/files/styles/metatag/public/blog-banners/pfpt-itm-blog-banner-3.jpg?itok=rfzCp93F" /> <script data-cfasync="false" type="text/javascript" id="vwoCode">window._vwo_code=window._vwo_code || (function() { var account_id=767242, version=1.3, settings_tolerance=2000, library_tolerance=2500,z use_existing_jquery=false, is_spa=1, hide_element='body', /* DO NOT EDIT BELOW THIS LINE */ f=false,d=document,code={use_existing_jquery:function(){return use_existing_jquery},library_tolerance:function(){return library_tolerance},finish:function(){if(!f){f=true;var e=d.getElementById('_vis_opt_path_hides');if(e)e.parentNode.removeChild(e)}},finished:function(){return f},load:function(e){var t=d.createElement('script');t.fetchPriority='high';t.src=e;t.type='text/javascript';t.innerText;t.onerror=function(){_vwo_code.finish()};d.getElementsByTagName('head')[0].appendChild(t)},init:function(){window.settings_timer=setTimeout(function(){_vwo_code.finish()},settings_tolerance);var e=d.createElement('style'),t=hide_element?hide_element+'{opacity:0 !important;filter:alpha(opacity=0) !important;background:none !important;}':'',i=d.getElementsByTagName('head')[0];e.setAttribute('id','_vis_opt_path_hides');e.setAttribute('nonce',document.querySelector('#vwoCode').nonce);e.setAttribute('type','text/css');if(e.styleSheet)e.styleSheet.cssText=t;else e.appendChild(d.createTextNode(t));i.appendChild(e);this.load('https://dev.visualwebsiteoptimizer.com/j.php?a='+account_id+'&u='+encodeURIComponent(d.URL)+'&f='+ +is_spa+'&vn='+version);return settings_timer}};window._vwo_settings_timer = code.init();return code;}());</script> <meta name="facebook-domain-verification" content="l349mr2tyecyl7w3a1146378lqxru1" /> <meta name="MobileOptimized" content="width" /> <meta name="HandheldFriendly" content="true" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <link rel="preload" href="/themes/custom/proofpoint/dist/app-drupal/assets/fonts/proofpoint.woff2" as="font" crossorigin="anonymous" /> <link rel="preload" href="/themes/custom/proofpoint/dist/app-drupal/assets/fonts/RobotoCondensed-Regular-webfont.woff" as="font" crossorigin="anonymous" /> <link rel="preload" href="/themes/custom/proofpoint/dist/app-drupal/assets/fonts/fjalla-one-v7-latin-regular.woff" as="font" crossorigin="anonymous" /> <link rel="preload" href="/themes/custom/proofpoint/dist/app-drupal/assets/fonts/fjalla-one-v7-latin-regular.woff2" as="font" crossorigin="anonymous" /> <link rel="preload" href="/themes/custom/proofpoint/dist/app-drupal/assets/fonts/RobotoCondensed-Bold-webfont.woff" as="font" crossorigin="anonymous" /> <link rel="alternate" hreflang="en-us" href="https://www.proofpoint.com/us/blog/insider-threat-management/10-essential-cybersecurity-best-practices-proofpoint" /> <link rel="alternate" hreflang="en-gb" href="https://www.proofpoint.com/uk/blog/insider-threat-management/10-essential-cybersecurity-best-practices-proofpoint" /> <link rel="alternate" hreflang="en-au" href="https://www.proofpoint.com/au/blog/insider-threat-management/10-essential-cybersecurity-best-practices-proofpoint" /> <title>10 Essential Cybersecurity Best Practices | Proofpoint US</title> <link rel="stylesheet" media="all" href="/sites/default/files/css/css_SzsfcKm17EaxTSftk5pG4vhuvmtTMk2JTGHvDvyHSOU.css?delta=0&amp;language=en&amp;theme=particle&amp;include=eJxdkMFuAyEMRH9oEap66d9ENnEALdjImEj9-7K5wPZiycNoxo_WHvnrh30BjgMiuScZBRM9WntU0JNMfB0c0pn50jqBhuSH5dKv3RJV8iZSEPTov92oeoRORwO1HAr5IEqbFZABMXNcjigSC7mXsPWlvkSM1L2_P70JlPxnWsqbC4vEvYuN2FybLHozhdP1gT1oRnI4zITXeyJ43i5CnUrQUfFf1QpZ-pZ79dxjJwHDe2MtglAclfkZE_cP6VGUfg" /> <link rel="stylesheet" media="all" href="/sites/default/files/css/css_xtwkx-3ds_kVQrgpKPSIYtIc4jyjQ39tqgK3sbUuO7I.css?delta=1&amp;language=en&amp;theme=particle&amp;include=eJxdkMFuAyEMRH9oEap66d9ENnEALdjImEj9-7K5wPZiycNoxo_WHvnrh30BjgMiuScZBRM9WntU0JNMfB0c0pn50jqBhuSH5dKv3RJV8iZSEPTov92oeoRORwO1HAr5IEqbFZABMXNcjigSC7mXsPWlvkSM1L2_P70JlPxnWsqbC4vEvYuN2FybLHozhdP1gT1oRnI4zITXeyJ43i5CnUrQUfFf1QpZ-pZ79dxjJwHDe2MtglAclfkZE_cP6VGUfg" /> <script src="/sites/default/files/js/js_Wi8RdyzDF-uwGcwq9eMv1Giiu7RfMo7nYneG5kg6rd4.js?scope=header&amp;delta=0&amp;language=en&amp;theme=particle&amp;include=eJxdkMFuAyEMRH9oEap66d9ENnEALdjImEj9-7K5wPZiycNoxo_WHvnrh30BjgMiuScZBRM9WntU0JNMfB0c0pn50jqBhuSH5dKv3RJV8iZSEPTov92oeoRORwO1HAr5IEqbFZABMXNcjigSC7mXsPWlvkSM1L2_P70JlPxnWsqbC4vEvYuN2FybLHozhdP1gT1oRnI4zITXeyJ43i5CnUrQUfFf1QpZ-pZ79dxjJwHDe2MtglAclfkZE_cP6VGUfg"></script> <script src="https://platform-api.sharethis.com/js/sharethis.js#property=6543fd1a2398960013d900a7&amp;product=inline-share-buttons&amp;source=platform"></script> </head> <body class="path-node"> <a href="#main-content" class="visually-hidden focusable"> Skip to main content </a> <div class="limit-width-wrapper"> <div class="dialog-off-canvas-main-canvas" data-off-canvas-main-canvas> <div class="header-nav__spacer"></div> <div class="header-nav js-is-top"> <div class="header-nav__extra"> <div class="header-nav__extra-wrap"> <div class="header-nav__top-language" data-open="content:x_lng"> <span>English (Americas)</span> </div> <div class="header-nav__actions"> <div class="header-nav__top-search" data-open="content:x_sch"> <span>Search</span> </div> <div class="header-nav__top-login" data-open="content:x_lgn"> <span>Login</span> </div> </div> </div> </div> <div class="header-nav__main"> <div class="header-nav__main-wrap"> <div class="header-nav__expand" data-open="home"></div> <ul class="header-nav__top-links"> <li class="header-nav__top-link"> <div data-open="content:platform_panel" class="header-nav__top-link-text"> Platform </div> </li> <li class="header-nav__top-link"> <div data-open="content:products_panel" class="header-nav__top-link-text"> Products </div> </li> <li class="header-nav__top-link"> <div data-open="content:solutions_panel" class="header-nav__top-link-text"> Solutions </div> </li> </ul> <a href="/us" class="header-nav__logo">Proofpoint</a> <div class="header-nav__buttons"> <a href=/us/contact class="global-elements__cta-button--outline header-nav__button" > <span>Contact</span> <div class="global-elements__cta-button--arrow-wrapper"></div> </a> </div> <div class="header-nav__mobile-actions"> <div class="header-nav__mobile-search" data-open="content:x_sch">Search</div> <div class="header-nav__mobile-menu" data-open="home"></div> </div> </div> </div> </div> <div class="header-nav__menu"> <div class="header-nav__menu-wrapper"> <div class="header-nav__menu-close"></div> <div class="header-nav__menu-pane" data-home={true}> <ul class="header-nav__home-links"> <li class="header-nav__home-link" data-open="content:platform_panel" ><span>Platform</span></li> <li class="header-nav__home-link" data-open="content:products_panel" ><span>Products</span></li> <li class="header-nav__home-link" data-open="content:solutions_panel" ><span>Solutions</span></li> <li class="header-nav__home-link" data-open="content:partners_panel" ><span>Partners</span></li> <li class="header-nav__home-link" data-open="content:resources_panel" ><span>Resources</span></li> <li class="header-nav__home-link" data-open="content:company_panel" ><span>Company</span></li> </ul> <div class="header-nav__menu-extras"> <div class="header-nav__menu-search" data-open="content:x_sch">Search</div> <div class="header-nav__menu-login" data-open="content:x_lgn">Login</div> <div class="header-nav__menu-language" data-open="content:x_lng">English (Americas)</div> </div> </div> <div class="header-nav__menu-pane" data-sublinks="Platform"> <div class="header-nav__sublinks"> <div class="header-nav__expand-title">Platform</div> <ul class="header-nav__expand-links"> </ul> </div> </div> <div class="header-nav__menu-pane" data-sublinks="Products"> <div class="header-nav__sublinks"> <div class="header-nav__expand-title">Products</div> <ul class="header-nav__expand-links"> </ul> </div> </div> <div class="header-nav__menu-pane" data-sublinks="Solutions"> <div class="header-nav__sublinks"> <div class="header-nav__expand-title">Solutions</div> <ul class="header-nav__expand-links"> </ul> </div> </div> <div class="header-nav__menu-pane" data-sublinks="Partners"> <div class="header-nav__sublinks"> <div class="header-nav__expand-title">Partners</div> <ul class="header-nav__expand-links"> </ul> </div> </div> <div class="header-nav__menu-pane" data-sublinks="Resources"> <div class="header-nav__sublinks"> <div class="header-nav__expand-title">Resources</div> <ul class="header-nav__expand-links"> </ul> </div> </div> <div class="header-nav__menu-pane" data-sublinks="Company"> <div class="header-nav__sublinks"> <div class="header-nav__expand-title">Company</div> <ul class="header-nav__expand-links"> </ul> </div> </div> <div class="header-nav__menu-pane" data-content="products_panel"> <div class="header-nav__content"> <a href="/us/products/protect-people" class="header-nav__content-link-group-anchor"> <div class="header-nav__content-link-group"> <div class="header-nav__content-group-title">Protect People</div> <div class="header-nav__content-group-desc">Multi-layered, adaptive defenses for threat detection, impersonation, and supplier risk.</div> </div> </a> <div class="header-nav__content-link"> <a href="/us/products/threat-defense" class="header-nav__content-link-text">Email Security</a> </div> <div class="header-nav__content-link"> <a href="/us/products/impersonation-protection" class="header-nav__content-link-text">Impersonation Protection</a> </div> <div class="header-nav__content-link"> <a href="#" class="header-nav__content-link-text" data-open="content:products_more_tp_products_panel">More products</a> </div> <a href="/us/products/defend-data" class="header-nav__content-link-group-anchor"> <div class="header-nav__content-link-group"> <div class="header-nav__content-group-title">Defend Data</div> <div class="header-nav__content-group-desc">Transform your information protection with a human-centric, omni-channel approach.</div> </div> </a> <div class="header-nav__content-link"> <a href="/us/products/data-loss-prevention" class="header-nav__content-link-text">Enterprise DLP</a> </div> <div class="header-nav__content-link"> <a href="/us/products/adaptive-email-dlp" class="header-nav__content-link-text">Adaptive Email DLP</a> </div> <div class="header-nav__content-link"> <a href="/us/products/insider-threat-management" class="header-nav__content-link-text">Insider Threat Management</a> </div> <div class="header-nav__content-link"> <a href="/us/products/compliance-and-archiving" class="header-nav__content-link-text">Intelligent Compliance</a> </div> <div class="header-nav__content-link-group"> <div class="header-nav__content-group-title">Mitigate Human Risk</div> <div class="header-nav__content-group-desc">Unlock full user risk visibility and drive behavior change.</div> </div> <div class="header-nav__content-link"> <a href="/us/products/mitigate-human-risk" class="header-nav__content-link-text">Security Awareness</a> </div> <div class="header-nav__content-link-group"> <div class="header-nav__content-group-title">Augment Your Capabilities</div> </div> <div class="header-nav__content-link"> <a href="/us/products/premium-services" class="header-nav__content-link-text">Managed Services</a> </div> <div class="header-nav__content-link"> <a href="/us/products/packages" class="header-nav__content-link-text">Product Packages</a> </div> <div class="header-nav__content-link-spacer"></div> </div> </div> <div class="header-nav__menu-pane" data-content="products_more_tp_products_panel"> <div class="header-nav__content"> <div class="header-nav__content-heading">More Protect People Products</div> <div class="header-nav__content-link"> <a href="/us/products/identity-protection" class="header-nav__content-link-text">Account Take-Over and Identity Protection</a> <div class="header-nav__content-link-desc">Secure vulnerable identities, stop lateral movement and privilege escalation.</div> </div> <div class="header-nav__content-link"> <a href="/us/products/adaptive-email-security" class="header-nav__content-link-text">Adaptive Email Security</a> <div class="header-nav__content-link-desc">Stop more threats with a fully integrated layer of behavioral AI.</div> </div> <div class="header-nav__content-link"> <a href="/us/products/email-security-and-protection/secure-email-relay" class="header-nav__content-link-text">Secure Email Relay</a> <div class="header-nav__content-link-desc">Secure your application email and accelerate DMARC implementation</div> </div> </div> </div> <div class="header-nav__menu-pane" data-content="solutions_panel"> <div class="header-nav__content"> <div class="header-nav__content-link-group"> <div class="header-nav__content-group-title">Solutions by Use Case</div> <div class="header-nav__content-group-desc">How Proofpoint protects your people and data.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/email-authentication-with-dmarc" class="header-nav__content-link-text">Authenticate Your Email</a> <div class="header-nav__content-link-desc">Protect your email deliverability with DMARC.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/combat-email-and-cloud-threats" class="header-nav__content-link-text">Combat Email and Cloud Threats</a> <div class="header-nav__content-link-desc">Protect your people from email and cloud threats with an intelligent and holistic approach.</div> </div> <div class="header-nav__content-link"> <a href="#" class="header-nav__content-link-text" data-open="content:solutions_by_use_case_panel">More use cases</a> </div> <div class="header-nav__content-link-group"> <div class="header-nav__content-group-title">Solutions by Industry</div> <div class="header-nav__content-group-desc">People-centric solutions for your organization.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/federal" class="header-nav__content-link-text">Federal Government</a> <div class="header-nav__content-link-desc">Cybersecurity for federal government agencies.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/state-and-local-government" class="header-nav__content-link-text">State and Local Government</a> <div class="header-nav__content-link-desc">Protecting the public sector, and the public from cyber threats.</div> </div> <div class="header-nav__content-link"> <a href="#" class="header-nav__content-link-text" data-open="content:solutions_by_industry_panel">More industries</a> </div> <a href="/us/compare" class="header-nav__content-link-group-anchor"> <div class="header-nav__content-link-group"> <div class="header-nav__content-group-title">Comparing Proofpoint</div> <div class="header-nav__content-group-desc">Evaluating cybersecurity vendors? Check out our side-by-side comparisons.</div> </div> </a> <div class="header-nav__content-link"> <a href="#" class="header-nav__content-link-text" data-open="content:compare_proofpoint_panel">View comparisons</a> </div> </div> </div> <div class="header-nav__menu-pane" data-content="solutions_by_use_case_panel"> <div class="header-nav__content"> <h3 class="header-nav__content-title">Solutions By Use Case</h3> <div class="header-nav__content-heading">How Proofpoint protects your people and data.</div> <div class="header-nav__content-link"> <a href="/us/solutions/change-user-behavior" class="header-nav__content-link-text">Change User Behavior</a> <div class="header-nav__content-link-desc">Help your employees identify, resist and report attacks before the damage is done.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/combat-data-loss-and-insider-risk" class="header-nav__content-link-text">Combat Data Loss and Insider Risk</a> <div class="header-nav__content-link-desc">Prevent data loss via negligent, compromised and malicious insiders.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/enable-intelligent-compliance" class="header-nav__content-link-text">Modernize Compliance and Archiving</a> <div class="header-nav__content-link-desc">Manage risk and data retention needs with a modern compliance and archiving solution.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/protect-cloud-apps" class="header-nav__content-link-text">Protect Cloud Apps</a> <div class="header-nav__content-link-desc">Keep your people and their cloud apps secure by eliminating threats and data loss.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/prevent-loss-from-ransomware" class="header-nav__content-link-text">Prevent Loss from Ransomware</a> <div class="header-nav__content-link-desc">Learn about this growing threat and stop attacks by securing ransomware&#039;s top vector: email.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/secure-microsoft-365" class="header-nav__content-link-text">Secure Microsoft 365</a> <div class="header-nav__content-link-desc">Implement the best security and compliance solution for Microsoft 365.</div> </div> </div> </div> <div class="header-nav__menu-pane" data-content="solutions_by_industry_panel"> <div class="header-nav__content"> <h3 class="header-nav__content-title">Solutions By Industry</h3> <div class="header-nav__content-heading">People-centric solutions for your organization.</div> <div class="header-nav__content-link"> <a href="/us/solutions/higher-education-security" class="header-nav__content-link-text">Higher Education</a> <div class="header-nav__content-link-desc">A higher level of security for higher education.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/financial-services-and-insurance" class="header-nav__content-link-text">Financial Services</a> <div class="header-nav__content-link-desc">Eliminate threats, build trust and foster growth for your organization.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/healthcare-information-security" class="header-nav__content-link-text">Healthcare</a> <div class="header-nav__content-link-desc">Protect clinicians, patient data, and your intellectual property against advanced threats.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/mobile-message-security-solutions-for-service-providers" class="header-nav__content-link-text">Mobile Operators</a> <div class="header-nav__content-link-desc">Make your messaging environment a secure environment.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/email-security-solutions-for-service-providers" class="header-nav__content-link-text">Internet Service Providers</a> <div class="header-nav__content-link-desc">Cloudmark email protection.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/protection-compliance-small-business" class="header-nav__content-link-text">Small and Medium Businesses</a> <div class="header-nav__content-link-desc">Big-time security for small business.</div> </div> </div> </div> <div class="header-nav__menu-pane" data-content="compare_proofpoint_panel"> <div class="header-nav__content"> <h3 class="header-nav__content-title">Proofpoint vs. the competition</h3> <div class="header-nav__content-heading">Side-by-side comparisons.</div> <div class="header-nav__content-link"> <a href="/us/compare/proofpoint-vs-abnormal-security" class="header-nav__content-link-text">Proofpoint vs. Abnormal Security</a> </div> <div class="header-nav__content-link"> <a href="/us/compare/proofpoint-vs-mimecast" class="header-nav__content-link-text">Proofpoint vs. Mimecast</a> </div> <div class="header-nav__content-link"> <a href="/us/compare/proofpoint-vs-cisco" class="header-nav__content-link-text">Proofpoint vs. Cisco</a> </div> <div class="header-nav__content-link"> <a href="/us/compare/proofpoint-vs-microsoft" class="header-nav__content-link-text">Proofpoint vs Microsoft</a> </div> <div class="header-nav__content-link"> <a href="/us/compare/proofpoint-vs-microsoft-purview" class="header-nav__content-link-text">Proofpoint vs. Microsoft Purview</a> </div> <div class="header-nav__content-link"> <a href="/us/compare/proofpoint-vs-legacy-dlp" class="header-nav__content-link-text">Proofpoint vs. Legacy DLP</a> </div> </div> </div> <div class="header-nav__menu-pane" data-content="partners_panel"> <div class="header-nav__content"> <h3 class="header-nav__content-title">Partners</h3> <div class="header-nav__content-heading">Deliver Proofpoint solutions to your customers.</div> <a href=https://partners.proofpoint.com class="global-elements__cta-button header-nav__content-button" > <span>Channel Partners</span> <div class="global-elements__cta-button--arrow-wrapper"></div> </a> <div class="header-nav__content-link"> <a href="/us/partners/trusted-data-solutions-partnership" class="header-nav__content-link-text">Archive Extraction Partners</a> <div class="header-nav__content-link-desc">Learn about Extraction Partners.</div> </div> <div class="header-nav__content-link"> <a href="/us/global-system-integrator-gsi-and-global-managed-service-provider-msp-partners" class="header-nav__content-link-text">GSI and MSP Partners</a> <div class="header-nav__content-link-desc">Learn about our global consulting.</div> </div> <div class="header-nav__content-link"> <a href="/us/partners/technology-alliance-partners" class="header-nav__content-link-text">Technology and Alliance Partners</a> <div class="header-nav__content-link-desc">Learn about our relationships.</div> </div> <div class="header-nav__content-link"> <a href="/us/partners/digital-risk-and-compliance-partners" class="header-nav__content-link-text">Social Media Protection Partners</a> <div class="header-nav__content-link-desc">Learn about the technology and....</div> </div> <div class="header-nav__content-link"> <a href="/us/channel-partners-small-and-medium-business" class="header-nav__content-link-text">Proofpoint Essentials Partner Programs</a> <div class="header-nav__content-link-desc">Small Business Solutions .</div> </div> <div class="header-nav__content-link"> <a href="https://partners.proofpoint.com/prm/English/s/applicant" class="header-nav__content-link-text">Become a Channel Partner</a> </div> </div> </div> <div class="header-nav__menu-pane" data-content="resources_panel"> <div class="header-nav__content"> <h3 class="header-nav__content-title">Resources</h3> <div class="header-nav__content-heading">Find reports, webinars, blogs, events, podcasts and more.</div> <a href=/us/resources class="global-elements__cta-button header-nav__content-button" > <span>Resource Library</span> <div class="global-elements__cta-button--arrow-wrapper"></div> </a> <div class="header-nav__content-link"> <a href="/us/blog" class="header-nav__content-link-text">Blog</a> <div class="header-nav__content-link-desc">Keep up with the latest news and happenings.</div> </div> <div class="header-nav__content-link"> <a href="/us/webinars" class="header-nav__content-link-text">Webinars</a> <div class="header-nav__content-link-desc">Browse our webinar library to learn about the latest threats, trends and issues in cybersecurity.</div> </div> <div class="header-nav__content-link"> <a href="/us/cybersecurity-academy" class="header-nav__content-link-text">Cybersecurity Academy</a> <div class="header-nav__content-link-desc">Earn your certification to become a Proofpoint Certified Guardian.</div> </div> <div class="header-nav__content-link"> <a href="/us/podcasts" class="header-nav__content-link-text">Podcasts</a> <div class="header-nav__content-link-desc">Learn about the human side of cybersecurity.</div> </div> <div class="header-nav__content-link"> <a href="/us/new-perimeters" class="header-nav__content-link-text">New Perimeters Magazine</a> <div class="header-nav__content-link-desc">Get the latest cybersecurity insights in your hands.</div> </div> <div class="header-nav__content-link"> <a href="/us/threat-reference" class="header-nav__content-link-text">Threat Glossary</a> <div class="header-nav__content-link-desc">Learn about the latest security threats.</div> </div> <div class="header-nav__content-link"> <a href="/us/events" class="header-nav__content-link-text">Events</a> <div class="header-nav__content-link-desc">Connect with us at events to learn how to protect your people and data from ever-evolving threats.</div> </div> <div class="header-nav__content-link"> <a href="/us/customer-stories" class="header-nav__content-link-text">Customer Stories</a> <div class="header-nav__content-link-desc">Read how our customers solve their most pressing cybersecurity challenges.</div> </div> </div> </div> <div class="header-nav__menu-pane" data-content="company_panel"> <div class="header-nav__content"> <h3 class="header-nav__content-title">Company</h3> <div class="header-nav__content-heading">Proofpoint protects organizations' greatest assets and biggest risks: their people.</div> <a href=/us/company/about class="global-elements__cta-button header-nav__content-button" > <span>About Proofpoint</span> <div class="global-elements__cta-button--arrow-wrapper"></div> </a> <div class="header-nav__content-link"> <a href="/us/why-proofpoint" class="header-nav__content-link-text">Why Proofpoint</a> <div class="header-nav__content-link-desc">Learn about our unique people-centric approach to protection.</div> </div> <div class="header-nav__content-link"> <a href="/us/company/careers" class="header-nav__content-link-text">Careers</a> <div class="header-nav__content-link-desc">Stand out and make a difference at one of the world&#039;s leading cybersecurity companies.</div> </div> <div class="header-nav__content-link"> <a href="/us/newsroom" class="header-nav__content-link-text">News Center</a> <div class="header-nav__content-link-desc">Read the latest press releases, news stories and media highlights about Proofpoint.</div> </div> <div class="header-nav__content-link"> <a href="/us/legal/trust" class="header-nav__content-link-text">Privacy and Trust</a> <div class="header-nav__content-link-desc">Learn about how we handle data and make commitments to privacy and other regulations.</div> </div> <div class="header-nav__content-link"> <a href="/us/legal/esg" class="header-nav__content-link-text">Environmental, Social, and Governance</a> <div class="header-nav__content-link-desc">Learn how we apply our principles to positively impact our community.</div> </div> <div class="header-nav__content-link"> <a href="/us/support-services" class="header-nav__content-link-text">Support</a> <div class="header-nav__content-link-desc">Access the full range of Proofpoint support services.</div> </div> </div> </div> <div class="header-nav__menu-pane" data-content="platform_panel"> <div class="header-nav__content"> <h3 class="header-nav__content-title">Platform</h3> <div class="header-nav__content-heading">Discover the Proofpoint human-centric platform.</div> <a href=/us/platform class="global-elements__cta-button header-nav__content-button" > <span>Learn More</span> <div class="global-elements__cta-button--arrow-wrapper"></div> </a> <div class="header-nav__content-link"> <a href="/us/platform/nexus" class="header-nav__content-link-text">Proofpoint Nexus</a> <div class="header-nav__content-link-desc">Detection technologies to protect people and defend data.</div> </div> <div class="header-nav__content-link"> <a href="/us/platform/zen" class="header-nav__content-link-text">Proofpoint Zen</a> <div class="header-nav__content-link-desc">Protect and engage users wherever they work.</div> </div> </div> </div> <div class="header-nav__menu-pane" data-content="x_sch"> <div class="header-nav__content"> <div class="header-nav__content-title--search"> Search Proofpoint </div> <div class="header-nav__search"> <form class="header-nav__search-form"> <input type="text" class="header-nav__search-input" placeholder=""> <input type="submit" class="header-nav__search-button" val="Search"> </form> <div class="header-nav__search-sugg-title">Try searching for</div> <div class="header-nav__search-suggestions"> <a href="/us/search?content%5Bquery%5D=Email%20Security" class="header-nav__search-suggestion">Email Security</a> <a href="/us/search?content%5Bquery%5D=Phishing" class="header-nav__search-suggestion">Phishing</a> <a href="/us/search?content%5Bquery%5D=DLP" class="header-nav__search-suggestion">DLP</a> <a href="/us/search?content%5Bquery%5D=Email%20Fraud" class="header-nav__search-suggestion">Email Fraud</a> </div> </div> </div> </div> <div class="header-nav__menu-pane" data-content="x_lgn"> <div class="header-nav__content"> <div class="header-nav__content-title"> Select Product Login </div> <ul class="header-nav__logins"> <li class="header-nav__content-login"> <a href="https://proofpoint.my.site.com/community/s/" target="_blank">Support Log-in</a> </li> <li class="header-nav__content-login"> <a href="https://proofpointcybersecurityacademy.adobelearningmanager.com" target="_blank">Proofpoint Cybersecurity Academy</a> </li> <li class="header-nav__content-login"> <a href="https://digitalrisk.proofpoint.com/" target="_blank">Digital Risk Portal</a> </li> <li class="header-nav__content-login"> <a href="https://emaildefense.proofpoint.com/login.php" target="_blank">Email Fraud Defense</a> </li> <li class="header-nav__content-login"> <a href="https://threatintel.proofpoint.com/" target="_blank">ET Intelligence</a> </li> <li class="header-nav__content-login"> <a href="https://us1.proofpointessentials.com/app/login.php" target="_blank">Proofpoint Essentials</a> </li> <li class="header-nav__content-login"> <a href="https://proofpointcommunities.force.com/community" target="_blank">Sendmail Support Log-in</a> </li> </ul> </div> </div> <div class="header-nav__menu-pane" data-content="x_lng"> <div class="header-nav__content"> <div class="header-nav__content-title"> Select Language </div> <ul class="header-nav__language-links"> <li class="header-nav__language-link"> <a href="/us">English (Americas)</a> </li> <li class="header-nav__language-link"> <a href="/uk">English (Europe, Middle East, Africa)</a> </li> <li class="header-nav__language-link"> <a href="/au">English (Asia-Pacific)</a> </li> <li class="header-nav__language-link"> <a href="/es">Español</a> </li> <li class="header-nav__language-link"> <a href="/de">Deutsch</a> </li> <li class="header-nav__language-link"> <a href="/fr">Français</a> </li> <li class="header-nav__language-link"> <a href="/it">Italiano</a> </li> <li class="header-nav__language-link"> <a href="/br">Português</a> </li> <li class="header-nav__language-link"> <a href="/jp">日本語</a> </li> <li class="header-nav__language-link"> <a href="/kr">한국어</a> </li> </ul> </div> </div> </div> </div> <div class="layout-container"> <div> <div data-drupal-messages-fallback class="hidden"></div> </div> <main class="container" role="main"> <a id="main-content" tabindex="-1"></a> <section class="row"> <div class="layout-content"> <div> <div id="block-particle-content"> <article about="/us/blog/insider-threat-management/10-essential-cybersecurity-best-practices-proofpoint" class="node--type--blog-post node--view-mode--full node node-blog-full"> <div class="breadcrumbs"><div class="nav-crumbs"><div class="breadcrumb__item"><a href="/us/blog" class="breadcrum__item-link">Blog</a></div><div class="breadcrumb__item"><a href="/us/blog/insider-threat-management" class="breadcrum__item-link">Insider Threat Management</a></div><div class="breadcrumb__item"> 10 Essential Cybersecurity Best Practices | Proofpoint </div></div></div> <div class="blog-banner"> <div class="blog-banner__image"> <picture> <source srcset="/sites/default/files/styles/image_1920_750/public/blog-banners/pfpt-itm-blog-banner-3.jpg.webp?itok=HfhYFpdT 1x" media="screen and (min-width: 1440px)" type="image/webp" width="1920" height="750"/> <source srcset="/sites/default/files/styles/image_1024_400/public/blog-banners/pfpt-itm-blog-banner-3.jpg.webp?itok=7U3_pmLx 1x" media="screen and (min-width: 1024px)" type="image/webp" width="1024" height="400"/> <source srcset="/sites/default/files/styles/image_768_375/public/blog-banners/pfpt-itm-blog-banner-3.jpg.webp?itok=CPkYyvl0 1x" media="screen and (min-width: 768px)" type="image/webp" width="768" height="375"/> <source srcset="/sites/default/files/styles/image_1920_750/public/blog-banners/pfpt-itm-blog-banner-3.jpg.webp?itok=HfhYFpdT 1x" media="screen and (min-width: 1440px)" type="image/webp" width="1920" height="750"/> <source srcset="/sites/default/files/styles/image_1024_400/public/blog-banners/pfpt-itm-blog-banner-3.jpg.webp?itok=7U3_pmLx 1x" media="screen and (min-width: 1024px)" type="image/webp" width="1024" height="400"/> <source srcset="/sites/default/files/styles/image_768_375/public/blog-banners/pfpt-itm-blog-banner-3.jpg.webp?itok=CPkYyvl0 1x" media="screen and (min-width: 768px)" type="image/webp" width="768" height="375"/> <img loading="lazy" src="/sites/default/files/styles/image_768_300/public/blog-banners/pfpt-itm-blog-banner-3.jpg.webp?itok=SC5191d4" width="768" height="300" alt="Insider Threat Management" typeof="foaf:Image" /> </picture> </div> <div class="blog-banner__gradient-overlay"></div> <div class="blog-banner__heading-wrap"> <h1 class="blog-banner__heading"> <span>10 Essential Cybersecurity Best Practices | Proofpoint</span> </h1> </div> </div> <div class="blog-content"> <div class="blog-content__sharethis sharethis_toolbox sharethis_32x32_style"> <div class="blog-content__sharethis_label sharethis__label">Share with your network!</div> <div class="blog-content__sharethis_buttons sharethis_buttons"> <div class="sharethis-inline-share-buttons"></div> <span class="addthis_button_subscribe at300b UNCONVERTED" title=Subscribe> <span class="at-icon-wrapper block-subscribe-button__trigger block-subscribe-button__addthis"></span> </span> </div> </div> <div class="blog-content__metadata blog-content__metadata-author"> <span class="blog-content__date"> <time datetime="2018-12-10T20:27:29Z">December 10, 2018</time> </span> <span class="blog-content__author"> Proofpoint Staff </span> </div> <div class="node-full__body blog-content__body"> <p>As 2018 quickly comes to a close, it’s important to be prepared for both existing and emerging cybersecurity threats in 2019. Based on what we know of 2018’s top cyberattacks and <a href="https://www.observeit.com/insider-threat/">insider threat</a> incidents, and what <a href="https://www.observeit.com/blog/six-insider-threat-focused-cybersecurity-predictions-for-2019/">we predict is on the horizon for next year,</a> we’ve compiled a list of essential cybersecurity best practices every information security professional should have in their arsenal.</p> <p><strong><em>1. Consider creating a dedicated insider threat role.</em></strong></p> <p>Insider threats are on the rise, across all industries and company sizes (and they can cost organizations on average of<a href="https://www.observeit.com/blog/new-ponemon-institute-study-insider-threats-lead-to-big-losses-and-significant-costs/"> $8.76 million per year</a>). Stopping insider threats, for this reason, should be a team sport. &nbsp;</p> <p>A dedicated insider threat professional can bring together the cross-departmental teams needed to quickly detect, investigate, and respond to insider threat incidents when they do occur. This role can also help your team become more proactive by assembling the right policies and tools to <a href="https://www.observeit.com/product/insider-threat-prevention/">prevent insider threats</a> from happening in the first place.</p> <p><strong><em>2. Conduct phishing simulations.</em></strong></p> <p><img alt="Paper Fish Representing Password Phishing" src="https://www.observeit.com/wp-content/uploads/2018/12/coachable-moments-tips-for-holiday-phishing-season-1024x683.jpg"></p> <p>According to <a href="https://enterprise.verizon.com/resources/reports/dbir/" rel="noopener noreferrer">Verizon’s 2018 Data Breach Investigation Report</a>, phishing attacks are still as prevalent as ever, but in an analysis of phishing simulations, 73% of people did not click on a single malicious email all year (bravo!)</p> <p>An important aspect of cybersecurity awareness training is helping employees understand how <a href="https://www.observeit.com/blog/5-ways-defend-against-phishing/">phishing attacks</a> may manifest themselves in their day-to-day lives. As social engineering attacks and credential theft attempts become more sophisticated, investing in phishing simulations creates a safe space to test employees’ knowledge.</p> <p><strong><em>3. Educate employees on cybersecurity policies for remote work and business travel.</em></strong></p> <p>We <a href="https://in.pcmag.com/news/127273/holiday-travel-often-means-doing-work-on-public-wi-fi-with-n" rel="noopener noreferrer">recently surveyed</a> 1,000 employees about how they access corporate networks during work travel, and 77% admitted to connecting to free public Wi-Fi networks (which are typically unsecured) using corporate computers and phones. Only 17% of respondents said they always use a VPN when they’re away from the office.</p> <p><img alt="Remote Employee Creating a Security Risk" src="https://www.observeit.com/wp-content/uploads/2018/10/embracing-cybersecurity-best-practices_banner-1024x417.jpg"></p> <p>With the remote work trend on the rise, employees need to know that sacrificing security for convenience isn’t an acceptable tradeoff. Nearly half of employees aren’t aware of their travel or remote work cybersecurity policies -- so it may be time to refresh IT best practices for employees (or to establish these guidelines if they aren’t already in place!)</p> <p><strong><em>4. Prioritize employee privacy.</em></strong></p> <p>Even a quick look at the <a href="https://www.nytimes.com/2018/12/05/technology/facebook-emails-privacy-data.html" rel="noopener noreferrer">tech news headlines</a> from 2018 shows that data privacy awareness and sensitivity is at an all-time high. Not to mention, <a href="https://www.observeit.com/gdpr/">GDPR</a> regulations and others coming down the pike (such as <a href="https://hbr.org/2018/07/what-you-need-to-know-about-californias-new-data-privacy-law" rel="noopener noreferrer">California’s Consumer Data Privacy</a> Law) make data privacy a business imperative.</p> <p>Prioritize employee privacy by anonymizing any data you collect from them in an insider threat prevention capacity, and communicating clearly about how cybersecurity policies impact their privacy in any way.</p> <p><strong><em>5. Create a cybersecurity awareness training program.</em></strong></p> <p>Consider this: <a href="https://www.observeit.com/cost-of-insider-threat/">two out of three insider threat incidents</a> are caused by employee or contractor mistakes, and mistakes are preventable! Now is the time to invest in cybersecurity awareness training. In fact, <a href="https://www.observeit.com/blog/six-insider-threat-statistics-that-prove-the-need-for-mandatory-insider-threat-training/">according to SANS,</a> 85% of cybersecurity awareness professionals reported that their work had a positive impact on the security of the organization.</p> <p>If you’re wondering where to start, check out our Coachable Moments series, which regularly features <a href="https://www.observeit.com/blog/top-10-coachable-moments-cybersecurity-awareness-tips/">cybersecurity awareness tips</a>. Cliff’s Notes version: find multiple channels to reinforce your cybersecurity policies in employees’ day-to-day work (since no one wants to read a long, boring document).</p> <p><img alt="Awareness Training for Cybersecurity Best Practices" src="https://www.observeit.com/wp-content/uploads/2018/10/top-10-coachable-moments_banner-1024x417.jpg"></p> <p><strong><em>6. Inform third-party contractors of the cybersecurity policy.</em></strong></p> <p>According to <a href="https://www.npr.org/2018/01/22/578825135/rise-of-the-contract-workers-work-is-different-now" rel="noopener noreferrer">a recent NPR/Marist poll</a>, one in five jobs are held by freelance workers, and that trend will only continue to rise. Many organizations reap the benefits of third-party contract work, but few educate these contractors on cybersecurity best practices and policies that may affect their day-to-day workflows. Ensure these workers are <a href="https://www.observeit.com/blog/coachable-moments-strangers-in-your-servers/">aware of your policies</a> and know how to adhere to them.</p> <p><strong><em>7. Monitor both user and file activity. </em></strong></p> <p><a href="https://www.observeit.com/blog/six-insider-threat-focused-cybersecurity-predictions-for-2019/">We predicted</a> that savvy, malicious insider threats will take advantage of multiple channels to <a href="https://www.observeit.com/blog/what-is-data-exfiltration/">exfiltrate data</a> and hide their tracks in 2019, which means that having the right <a href="https://www.observeit.com/product/user-activity-monitoring/">user and file activity monitoring </a>solution in place is one of the best methods of prevention. Solutions like DLP that focus on the data, and not user activity, often fall short of stopping malicious insider threats in their tracks.</p> <p><strong><em>8. Be vigilant of state-sponsored threats.</em></strong></p> <p>We’ve seen a lot of headlines in 2018 about international threats targeting U.S.-based companies, including <a href="https://www.cnbc.com/2018/09/20/amazon-not-only-company-facing-insider-threats-china-russia.html" rel="noopener noreferrer">Amazon’s high-profile</a> insider threats in China. Employees at companies within high-value industries, including banking, technology, healthcare, and more, may face major incentives to exfiltrate and sell data to foreign governments. <a href="https://www.observeit.com/blog/spies-among-us-rise-state-sponsored-insider-threats/">Understanding the motivations</a> of nation-state insider threats is crucial, so you’ll be able to spot patterns of suspicious activity.</p> <p><strong><em>9. Enforce the use of a password manager, SSO &amp; MFA.</em></strong></p> <p><img alt="Creating a Secure Password" src="https://www.observeit.com/wp-content/uploads/2018/12/password-managers-must-have.jpg"></p> <p>It sounds like an obvious faux-pas to the cybersecurity professional, but the use of weak or repeat passwords is still rampant among workers today. If you can’t teach employees how to reliably <a href="https://www.businessinsider.com/good-best-password-2018-5#now-that-you-know-what-to-avoid-here-are-some-ways-to-write-good-hacker-proof-passwords-7" rel="noopener noreferrer">create hack-proof passwords</a><em>, </em>then adopting and enforcing a quality password manager is another great option. If you haven’t already chosen a password management solution, check out this post on the <a href="https://www.observeit.com/blog/coachable-moments-the-benefits-and-risks-of-password-managers/">benefits and risks of password managers</a>.</p> <p>Other IT security best practices for employees include security measures such as single sign-on (<a data-entity-substitution="canonical" data-entity-type="node" data-entity-uuid="0fa196df-1bc1-49dd-84fe-e3784d43e655" href="/us/threat-reference/single-sign-on-sso" title="Single Sign-On (SSO)">SSO</a>) and multi-factor authentication (MFA) should also be enforced across the board, taking as much margin for user error out of the picture as possible.</p> <p><strong><em>10. Audit privileged access. </em></strong></p> <p>If you haven’t done it in a while, check how many users have <a href="https://www.observeit.com/blog/coachable-moments-privileged-user-best-practices/">privileged access</a> to sensitive areas of your servers, and ask whether each person’s level of access is really necessary. Privileged access tends to creep up on organizations over time, as certain people leave the organization, change roles, or no longer work on tasks related to their admin credentials. If you find this issue is repeatedly happening at your organization, it may be time to adopt a system of temporary or rotating credentials.</p> <p><strong>Final Thoughts</strong></p> <p>We hope that adopting these best practices can help your organization reduce unnecessary risk in 2019.</p> <p><em>What tip have you found most useful in 2018? What new strategies will you adopt next year? Let us know on Twitter </em><a href="http://www.twitter.com/proofpoint"><em>@Proofpoint.</em></a></p> </div> </div> <div class="blog__content-pager"> <div class="content-pager"> <div class="content-pager__items-wrapper"> <div class="content-pager__items"> <div class="content-pager__item content-pager__item--prev"> <a href="/us/blog/insider-threat-management/coachable-moments-how-help-employees-avoid-phishing-attacks" hreflang="en">Previous Blog Post</a> </div> <div class="content-pager__item content-pager__item--next"> <a href="/us/blog/insider-threat-management/three-reasons-supplement-ueba-insider-threat-management" hreflang="en">Next Blog Post</a> </div> </div> </div> </div> </div> <div class="subscribe-block blog-subscribe" data-animate="true"> <div class="subscribe-block__inner blog-subscribe__inner"> <div class="subscribe-block__copy"> <h3 class="subscribe-block__heading"> Subscribe to the Proofpoint Blog </h3> </div> <div class="subscribe-block__form"> <div class="mk-form"> <div class="mk-form__form-container"> <script type="IN/Form2" data-data-form="mktoForm_19277" data-field-firstname="FirstName" data-field-lastname="LastName" data-field-email="Email" data-field-company="Company" data-field-title="Title" data-field-state="State" data-field-country="Country" ></script> <form id="mktoForm_19277" data-mkto-id="19277" data-mkto-base="//app-abj.marketo.com" data-munchkin-id="309-RHV-619" data-submit-text="" data-redirect-link="" data-prefill="" data-event-label="" data-lang-code="us" data-validate-email="1" class="mk-form__form marketo-form-block__form" ></form> </div> </div> </div> </div> </div> </article> </div> </div> </div> </section> </main> </div> <div class="footer-v3" data-animate="true"> <div class="footer-v3__inner"> <nav class="footer-v3__nav"> <div class="footer-v3__nav-wrapper"> <div class="footer-v3__nav-heading">Products</div> <ul class="footer-v3__nav-collapsible"> <li><a href="/us/products/protect-people">Protect People</a></li> <li><a href="/us/products/defend-data">Defend Data</a></li> <li><a href="/us/products/mitigate-human-risk">Mitigate Human Risk</a></li> <li><a href="/us/products/premium-services">Premium Services</a></li> </ul> </div> <div class="footer-v3__nav-wrapper"> <div class="footer-v3__nav-heading">Get Support</div> <ul class="footer-v3__nav-collapsible"> <li><a href="https://proofpoint.my.site.com/community/s/" target="_blank">Product Support Login</a></li> <li><a href="/us/support-services">Support Services</a></li> <li><a href="https://ipcheck.proofpoint.com" target="_blank">IP Address Blocked?</a></li> </ul> </div> <div class="footer-v3__nav-wrapper"> <div class="footer-v3__nav-heading">Connect with Us</div> <ul class="footer-v3__nav-collapsible"> <li><a href="tel:+1-408-517-4710" class="icon-phone-ppoint">+1-408-517-4710</a></li> <li><a href="/us/events">Attend an Event</a></li> <li><a href="/us/contact">Contact Us</a></li> <li><a href="/us/free-demo-request">Free Demo Request</a></li> </ul> </div> <div class="footer-v3__nav-wrapper"> <div class="footer-v3__nav-heading">More</div> <ul class="footer-v3__nav-collapsible"> <li><a href="/us/company/about">About Proofpoint</a></li> <li><a href="/us/why-proofpoint">Why Proofpoint</a></li> <li><a href="/us/company/careers">Careers</a></li> <li><a href="/us/leadership-team">Leadership Team</a></li> <li><a href="/us/newsroom">News Center</a></li> <li><a href="/us/legal/trust">Privacy and Trust</a></li> </ul> </div> </nav> <div class="footer-v3__bottom-wrap"> <section class="footer-v3__bottom"> <div class="footer-v3__logo"> <a href="/us" class="footer-v3__logo-link"> <div class="footer-v3__logo-image"></div> </a> <div class="footer-v3__bottom-copyright-info">&copy; 2024. All rights reserved. </div> </div> <div class="footer-v3__bottom-copyright"> <a class="footer-v3__bottom-copyright-info" href="/us/legal/license">Terms and conditions</a> <a class="footer-v3__bottom-copyright-info" href="/us/legal/privacy-policy">Privacy Policy</a> <a class="footer-v3__bottom-copyright-info" href="/us/sitemap">Sitemap</a> </div> <ul class="footer-v3__bottom-social-menu"> <li> <a href="http://www.facebook.com/proofpoint" class="icon-facebook" target="_blank"></a> </li> <li> <a href="http://www.twitter.com/proofpoint" class="icon-twitter" target="_blank"></a> </li> <li> <a href="https://www.linkedin.com/company/proofpoint" class="icon-linkedin" target="_blank"></a> </li> <li> <a href="https://www.youtube.com/channel/UCIvtJgsrUzFo90NKeiVozhQ" class="icon-youtube-play" target="_blank"></a> </li> <li> <a href="https://www.instagram.com/proofpoint" class="icon-instagram" target="_blank"></a> </li> </ul> </section> </div> </div> </div> </div> <script type="text/javascript">document.write(unescape("%3Cscript src='//munchkin.marketo.net/munchkin.js' type='text/javascript'%3E%3C/script%3E")); </script> <script>Munchkin.init('309-RHV-619');</script><div class="element-invisible" style="clear:both;"><!-- Google Code for Remarketing Tag --> <!-------------------------------------------------- Remarketing tags may not be associated with personally identifiable information or placed on pages related to sensitive categories. See more information and instructions on how to setup the tag on: http://google.com/ads/remarketingsetup ---------------------------------------------------> <script type="text/javascript"> /* <![CDATA[ */ var google_conversion_id = 950296937; var google_custom_params = window.google_tag_params; var google_remarketing_only = true; /* ]]> */ </script> <script type="text/javascript" src="//www.googleadservices.com/pagead/conversion.js"> </script> <noscript> <div style="display:inline;"> <img height="1" width="1" style="border-style:none;" alt="" src="//googleads.g.doubleclick.net/pagead/viewthroughconversion/950296937/?value=0&amp;guid=ON&amp;script=0"/> </div> </noscript></div> </div> <div id="flyout-container"></div> <script type="application/json" data-drupal-selector="drupal-settings-json">{"path":{"baseUrl":"\/","pathPrefix":"us\/","currentPath":"node\/99381","currentPathIsAdmin":false,"isFront":false,"currentLanguage":"en"},"pluralDelimiter":"\u0003","suppressDeprecationErrors":true,"ajaxPageState":{"libraries":"eJxVj0GOBCEIRS9Uxkxm07eZgE2rKQWD2EnffqxadFkbEh7w_6eBWg6FPBYJu-sDe9CM5HCYCW9tmcd7dy0vXAmeQUfFfsEgbMTmGkTSFety-RIxUvf-vVAsglAcFarzfBGMIrGQe8mNpmk9FRjed5Z5Cb48eDy8tfaXfx7sC3AcM597klEw0WNSQXcy8XVwSHvmg3UCDckPy6WffQKdske1lE9kaQb2BsiAeLp_mUhB0K1_ulH1CJ3-Ae6OlH4","theme":"particle","theme_token":null},"ajaxTrustedUrl":[],"vwo":{"id":767242,"timeout_library":2500,"timeout_setting":2000,"usejquery":"false","testnull":null},"pp_i18n":{"language":"us"},"instantsearch":{"indexName":"content","path":"us\/search"},"user":{"uid":0,"permissionsHash":"26dd96d39e445e838e5f0382a0a4240ea0629de7ad59c3778594246405e2ccf5"}}</script> <script src="/sites/default/files/js/js_8CW70isSIT32kS0YKfqio8Q45sLJZNysYeCQqB4dtLQ.js?scope=footer&amp;delta=0&amp;language=en&amp;theme=particle&amp;include=eJxdkMFuAyEMRH9oEap66d9ENnEALdjImEj9-7K5wPZiycNoxo_WHvnrh30BjgMiuScZBRM9WntU0JNMfB0c0pn50jqBhuSH5dKv3RJV8iZSEPTov92oeoRORwO1HAr5IEqbFZABMXNcjigSC7mXsPWlvkSM1L2_P70JlPxnWsqbC4vEvYuN2FybLHozhdP1gT1oRnI4zITXeyJ43i5CnUrQUfFf1QpZ-pZ79dxjJwHDe2MtglAclfkZE_cP6VGUfg"></script> <script src="https://geoip-js.com/js/apis/geoip2/v2.1/geoip2.js"></script> <script src="/sites/default/files/js/js_DA7GHFg6Iz1O22c58zPl-nNTEwx5y7RuyKjesK1mXJI.js?scope=footer&amp;delta=2&amp;language=en&amp;theme=particle&amp;include=eJxdkMFuAyEMRH9oEap66d9ENnEALdjImEj9-7K5wPZiycNoxo_WHvnrh30BjgMiuScZBRM9WntU0JNMfB0c0pn50jqBhuSH5dKv3RJV8iZSEPTov92oeoRORwO1HAr5IEqbFZABMXNcjigSC7mXsPWlvkSM1L2_P70JlPxnWsqbC4vEvYuN2FybLHozhdP1gT1oRnI4zITXeyJ43i5CnUrQUfFf1QpZ-pZ79dxjJwHDe2MtglAclfkZE_cP6VGUfg"></script> <script src="//munchkin.marketo.net/munchkin.js"></script> <script src="/sites/default/files/js/js_Q_hAq3KoriT4uxdUnA3XDouviRgbwswFyj5MCBnzVHU.js?scope=footer&amp;delta=4&amp;language=en&amp;theme=particle&amp;include=eJxdkMFuAyEMRH9oEap66d9ENnEALdjImEj9-7K5wPZiycNoxo_WHvnrh30BjgMiuScZBRM9WntU0JNMfB0c0pn50jqBhuSH5dKv3RJV8iZSEPTov92oeoRORwO1HAr5IEqbFZABMXNcjigSC7mXsPWlvkSM1L2_P70JlPxnWsqbC4vEvYuN2FybLHozhdP1gT1oRnI4zITXeyJ43i5CnUrQUfFf1QpZ-pZ79dxjJwHDe2MtglAclfkZE_cP6VGUfg"></script> <script src="/themes/custom/proofpoint/apps/drupal/../../dist/app-drupal/assets/js/app.js?q=_dtj1XYObGo&amp;v=1"></script> <script src="/sites/default/files/js/js_2LYNA9Zu5KE51oXU7U2qX9zbS5cCqO7wzxelxAEWhjk.js?scope=footer&amp;delta=6&amp;language=en&amp;theme=particle&amp;include=eJxdkMFuAyEMRH9oEap66d9ENnEALdjImEj9-7K5wPZiycNoxo_WHvnrh30BjgMiuScZBRM9WntU0JNMfB0c0pn50jqBhuSH5dKv3RJV8iZSEPTov92oeoRORwO1HAr5IEqbFZABMXNcjigSC7mXsPWlvkSM1L2_P70JlPxnWsqbC4vEvYuN2FybLHozhdP1gT1oRnI4zITXeyJ43i5CnUrQUfFf1QpZ-pZ79dxjJwHDe2MtglAclfkZE_cP6VGUfg"></script> <script src="//app-abj.marketo.com/js/forms2/js/forms2.min.js"></script> </body> </html>