The internet today is forever more complex and vast since it’s conception. From AOL online to hoping your mom doesn’t pickup the phone while your downloading, a lot has changed. One of the biggest problems we face today is cyber security. Many businesses are becoming victims to a slew of hackers. From website defacement to ransomware, don’t get caught with your pants down.Start your new year with a couple of tips to keep you and your business safe in 2020.
Start with a plan. Talk to your team and develop a set of simple rules for everyone to follow. While making a plan, keep in mind that you can have either high security or convenience, not both. The higher the security, the less fun it will be for your day to day activities. The higher the convenience, the less security you will have. The trick to the puzzle is to keep it balanced. Talk to a security professional and have them speak to your team about the do’s and don’t. To save some money search on google and learn what you can. To get you started search “online security tips”. There are many things you can do, perhaps so many things it can be overwhelming. If you are having trouble, start with implementing two factor authentication.
ICND started having to add two factor authentication to our logins for this very reason. Our website were getting so popular, that phishers starting cloning our login screens and trying to “phish” your login information out of our clients! We then implemented two factor email authentication to combat this.
Firewalls & Updates
Always use a firewall! By default your computer should have a firewall activated and updated. There should also be another firewall on your network. For small or home networks your router should have one built in. Not only is keeping your firewall on, but keeping it updated is just as important. Hackers have many attack vectors, so much that it can keep you busy year round exploiting them. Updates plug holes that appear as they are found, so keep them updated! Don’t forget to audit those logs for any suspicious activity. Don’t like windows firewall? Although it gets the job done, there are plenty of options to choose from. Google “top 10 firewalls” and see what you like. Not sure what to go with? You can start with glasswire It gives you more options and has some neat features.
In regards to updates, make sure you are updating all of your devices! It can be a pain, especially when you are using the computer. These updates not only fix bugs, but they also fix security flaws! You can even schedule updates to occur while you are on lunch or leaving the office. Windows 10 allows you to toggle automatic updates. Keep this setting on.
Don’t forget to update all those phone apps of yours as well! Each app should have an option to allow automatic updates. Make sure that is turned on. But sometimes the updates require you to allow extra permissions. Don’t just blindly click “Yes, I accept” check to see what the apps are REQUESTING of you. For example, I downloaded a Bubble Level app to see if something on my wall at home was straight, but it was asking me to allow access to my contacts and browsing history. There is NO reason for that. You have the option to deny that request and you can still use the app.
Alright so you understand updates and firewalls, but what about passwords?
If you are on the internet then you most likely have multiple accounts on multiple websites. It’s a big no-no to use the same password for everything so how can you manage all these complex passwords?
It’s simple, use a password manager. There are many out there, some cost money, while some do not. What one should you use? Well that is up to you. Work on your google fu and search for password managers, you will find a plethora of options available for your needs. Lastpass is a great manager to get started with. If you are not a fan of storing your passwords in the cloud, then check out keepass. Each manager should have plenty of options to tailor the experience so jump in those settings and explore what options you have. If you use Chrome, it can even automatically generate passwords for you and store them (among ALL your devices.) The only downside to this is if you have an iPhone and use Safari. That sync is not there.
The last topic we are going to discuss today is an introduction to email phishing. I know what you are thinking, we are not catching fish here, but rather keeping an eye on what your email contains. If it looks suspicious then chances are it is. Mark it as spam and move on. If you get an email from your bank about an alert, be careful. Never click links in an email from a sender you do not know! If you DO think it is legit, you can actually hover (but do not click) over one of the links. In the bottom left of your screen (on a computer), you will see the URL it is going to take you to. If it doesn’t precisely match the website of the bank or institution then do not click.
If you are concerned about the problem, then call your bank and talk to a representative. As a general rule of thumb, if someone is emailing you to give you free money, then you can be sure it’s an attempt to get your information. There are only so many princes in Nigeria that need bailout money.