It seems that every week there’s a new worm, data breach or piece of malware infecting computers and compromising both personal accounts and business data records. While these attacks are coming from the outside, often they happen because of someone on the inside. There is no greater cyber risk than people, and a relaxed or ambivalent attitude towards cybersecurity can leave you and your organization open and exposed to data breaches.
With a few simple steps, you can help mitigate that risk easily and painlessly. Below are some of our top tips to improve your cybersecurity.
Create Unique Passwords – and Change Them Often
By now you should know that using “password123” is dangerous (and yet, over 1,464 Western Australian government officials were caught doing just that). What you may not realize is that using easily identifiable markers is just as dangerous. These include your maiden name, street address, pet’s name or anything else that can be easily found with a quick Google search or visit to your social media pages.
What you can do: Thankfully, there’s an easier way to create passwords than remembering a string of random characters – it’s called a “passphrase.” As suggested in the webcomic XKCD, a great passphrase is something that’s impossible to guess – like four random words that don’t belong together. It’s important that the words are truly random – “the big house on the hill” or “fox in socks” won’t work because they make logical sense.
Looking to add an extra layer of protection? Add symbols or numbers between the words. For instance, you could add an exclamation point between each word in the above example to make “Correct!Horse!Battery!Staple!” Add in a few numbers at the end and you’ll have a password that’s very hard to guess. Another option is to use a password manager like LastPass to automatically generate and remember your unique passwords.
In today’s busy world, the last thing anyone wants to do is to stop working, install an update and watch the progress bar slowly climb to 100%. Ironically, the less often you update, the more time your computer will need when you finally do take the plunge. In other words, you’re saving time by installing updates as soon as they’re available.
What you can do: Every morning, set aside a fifteen-minute block of time to check for updates. By keeping this schedule, you’ll find that updating your computer’s security is quick and painless. Did you get a notice through email or push notification that an update is available? These are usually important patches to security flaws that should be installed immediately.
Be Wary of Public Wi-Fi
It’s more common to find public wireless internet access at your favorite café, coffee shop, library, business or even fast-food restaurant. The public Wi-Fi is easy, free and anyone can access it – which is precisely the problem when connecting a device with valuable information. On these Wi-Fi access points data is not encrypted and there is a lot of traffic, making it easy for hackers to sneak in and get valuable information before creeping back into the shadows.
What you can do: Is the solution to never connect to these accounts? Not necessarily. Try these tips:
- Look for networks that require security codes (an employee should be able to provide this), which makes it harder for someone to lurk outside of the building and connect.
- Change your phone and device settings so they don’t automatically connect to any new Wi-Fi network without your permission.
- Use a VPN to mask your IP address and make it harder for information to be traced back to you.
- Create a Wi-Fi hub on your phone and connect your computer to it, giving you a connection that no one else can access.
- Don’t access public Wi-Fi when using a device with valuable information stored on it, and don’t access important accounts, such as banking or financial institutions, when connected.
Use Two-Factor Authentication
Two-factor authentication’s popularity has exploded in recent years. Two-factor authentication makes it harder for hackers to access your account by sending you an email, text or phone call with a special code whenever you log in. Since you’re the only one with your phone or email account, you’ll be the only one with the special code to validate your identity. Even better, two-factor authentication alerts can let you know if someone has your email and password and is trying to enter your account – preventing them from getting in easily and alerting you that you need to change your password immediately. Think of it as the ultimate last line of defense for your account.
What you can do: Go into important accounts and look for two-factor authentication in the settings. Don’t just focus on banks – think of anything that has your credit card or banking account attached (iTunes store, Google Play, Amazon.com, etc.). Note that not every service offers two-factor authentication yet, but this tool can show you which ones do. Text messages, phone calls or a token system are the most secure methods of two-form authentication since someone that is accessing your account might already have access to your email as well.
Kill the Zombie Accounts
Have you checked in on your MySpace page lately? Are your Words With Friends account lying dormant? Forgotten social media and platform accounts are known as “zombie accounts,” and like the undead ghouls they’re named after, they have the potential to cause catastrophe. Since you forgot about these accounts, you might not notice when they’re hacked. Further, since you might use the same password for other accounts, they could be quickly compromised as well. Like the undead, the problems will keep multiplying and spreading quickly. Better end them now. What you can do: Make a list of dormant accounts or services that you don’t use anymore, then go back and delete them.
What you can do: Make a list of all the services you have accounts with, then go through and delete any that you haven’t used in over a year. If you’re having a hard time remembering which services you signed up for, search for “login” or “welcome” in your email’s inbox to find welcome emails from these organizations.
As you can see, there are no shortage of cyber risks to you and your organization. Staying vigilant, being aware of current threats and protecting yourself with the latest defense tactics are important. At A-LIGN, we take cybersecurity seriously, which is why we offer a comprehensive suite of services for protecting your business.
Are you ready to strengthen your organization’s defenses? Contact A-LIGN at 1-888-702-5446 to speak with one of our cybersecurity professionals.