The internet empowers us and transforms our lives to the point where some people never seem to get off it. You can bank online, find a date, have a business meeting with people across the world, and find your favorite insurance agency online, but all of these connections and opportunities bring some risk.
Remember when over 500 million records of Facebook users were exposed, including account names? Symantec's 2019 Internet Security Threat Report, Volume 24 reports that over 4,800 unique websites are compromised per month by criminals loading malicious code onto websites and stealing consumer credit card data. Research from Kaspersky Lab found that one in every five businesses globally suffered an IT security incident due to a ransomware attack in 2016. The point is, the internet is a marvelous place for all of us, and that includes criminals.
October is Cyber Security Awareness Month, and there is a lot to be aware of. We've complied some of the easiest ways you can make yourself, your home, or your business safer online. October and every month of the year, we should all pay a little more attention to how we're staying secure on the web.
1. Update your apps, software, and computer regularly.
Do you just ignore those software update reminders? Or do you have them turned off? New versions are released that are more secure. With each update you skip, you become more and more vulnerable as your device becomes less secure. Turn on automatic updates whenever you can.
2. Use strong passwords.
Don't use a password someone could guess. Your middle name, the street you grew up on, etc. Use something with symbols and numbers or use a phrase rather than a single world. For example, donttrustpinklizards or sundaysleepinsrule. Definitely don't use passwords like abc123 or 123456789 or anything else like this. Make sure you update your password regularly (adding another number to the end doesn't count). Keeping your passwords on a file on your computer or on Dropbox or in your email are all risky behaviors that you can easily avoid. If you have trouble remembering, use a password manager.
3. Be smart about social media.
Revealing your birthdate, phone number, place of birth, and other personal information could put you at risk for identity theft. Think about when you forget your password for a login and you're asked a security question. You're often asked about the town you were born in or your mother's maiden name. Criminals are smart enough to search social media for the answers to these questions, so limit what you share online. Check your privacy settings on these sites too. Do you really want the whole world seeing your photos and your profile with your home address?
4. Be extra cautious using mobile devices.
Your phone and tablet are not the same as your desktop computer. Your cellphone can more easily be hacked than your computer. Don't access company data on your cell phone-this is a great way to expose your company to something terrible. The apps you download can also install malware, so always use official app stores and don't allow third parties to install apps. Make sure you do updates regularly (see point number 1) and check the permissions for each app. Does your messaging app really need to know your location at all times? Probably not. Limit what access you give and if it doesn't make sense, delete the app. Always check the privacy settings when you download a new app. Many are automatically set so you're sharing lots of information. Another thing to be mindful of is all of those suspicious links and ads. It's harder to navigate your small phone using the touch screen than it is the computer, which means it's much easier to accidentally click a bad link. If you're worried about the authenticity of something, maybe wait until you can use a computer and check it out more thoroughly on a larger screen.
5. Choose two-factor authentication.
A username and a password aren't enough anymore. Two-factor authentication or multi-factor authentication gives you another layer of security. With two-factor authentication, you provide something else such as your fingerprint or a code texted to your cell phone. This second factor makes it harder to hack into your devices and accounts. There are even apps that you can use that are more secure than having a text sent to your phone.
6. Train everyone to recognize threats.
Most cyber security issues are caused by humans and not machines. Don't assume everyone in the office knows not to download attachments from unrecognized email addresses or put sensitive client information on Dropbox. Don't assume your teenage daughter knows how to recognize a fraudulent website. Knowledge is power and recognizing the threats will go a long ways in keeping everyone secure online. Start with the basics of recognizing an online threat but don't stop there. There are some clever online scams out there today and criminals are always adapting and becoming more creative. See 11 online scams the average person falls for.
7. Back up your data.
If something does happen, you're really going to regret not backing up your data. Make a habit of making additional copies of important information regularly. Whether it's the photos of your children or your company's tax information, consider everything stored on your device and how much it would hurt to lose it. Depending on what the data is, you should think about if you need to encrypt it. For businesses, you may want to consider having multiple people handle back ups in case of internal threats. However you introduce this redundancy, don't make the mistake of securing all of your data and then relaxing your standards when it comes to your backup data.
It's easy to feel overwhelmed about cyber security, but taking the steps mentioned above means you're heading in the right direction. More good information can be found through the Department of Homeland Security's Stop.Think.Connect. Campaign, and businesses can find resources through CyberSecure My Business™. The Federal Communications Commission also has some tips designed specifically for small businesses here. Businesses should also consider cyber liability insurance. We can start a quote for you online and are more than happy to answer any questions you have about coverage and your particular needs.