Last week we discussed the cyber hack on Anthem Health in our Weekly Hoot. The attack is another ‘one of those’ in an ever-elongating list of recent security hacks in the past twelve months. Considering that large companies like Anthem, Sony (SNE), and Michaels (MIK) are susceptible to breaches, no one is safe from outsiders trying to peep at your data. Today at Stanford University nearby, a cyber security summit is looking to encourage safe practices for tech firms. However, at Owler, we believe that cyber security is integral to all companies — not just tech —, not only because your data is important, but also because you owe it to your clients to protect their information. Data ranging from emails to financial sets are at risk without the proper precautions. Here are our tips keep on your competitive edge.
Don’t compromise your passwords.
First and foremost, have more than one password. When possible, have a different password for each of your accounts. We all do it. But it’s like not washing your gym socks after wearing them. Its a sloppy practice to use one password across multiple accounts. Sure, its convenient, and you have a million and one other things to remember, but really its laziness at its worst. Time invested in complex, distinct passwords is time saved later. A complex password is not your name with one letter changed, like “d@vid123” or even “st3vi3_” While a little more creative, these changes are the most common and an obvious next step for hackers to try. These changes are ineffective in the long run. Also, don’t share your passwords. Especially if you have the tendency to have a few passwords you cycle through. Even if sharing your password with your significant other is seen as a sign of commitment, don’t do it.
On that note, use more than a password.
There’s an old saying that a company is only as strong as its weakest password. Instead of passwords, cyber security experts often suggest using what they call passphrases. A passphrase is generally a longer version of a password, composed of a string of words. Passphrases are designed for added security because they take longer to crack. Passphrases appear in one of two forms. The first is a literal string of words tied together like “OrangeOwlsMakeUsGiggle.” The second is a memorable phrase that is reduced to an extended acronym like “0oMuG+bH” from the sentence “orange owls make us giggle and be happy.” Both are more effective than a traditional password, but the key to making a passphrase useful is using something meaningful to you but that cannot be easily guessed. Like a childhood memory about your favorite ice cream flavor, or a saying you and friends share, your passphrase should be something only would be able to remember on command. If you’re still feeling like a passphrase is out of your realm, consider using a password generator and manager instead.
Establish a secure connection when possible.
I’m currently 34000 feet in the air writing this post, emailing colleagues, and preparing for tomorrow’s workday. While my airline’s free in-flight Wi-Fi is pretty sweet, it’s open access puts my information at risk of interception. Similarly, whenever you use an Internet connection or website that is not designed to shield your data transfers from prying eyes, your data is vulnerable. If you don’t see a green lock on your URL bar in your browser, proceed at your own risk. There are ways around living in fear of the internet. You can secure a connection from browser extensions, to adding an “s” after “http” in your URL bar. You can also try using a virtual private network (which is what I am currently using as I fly), this will encrypt your data adding another layer of security to your information. Although VPNs sometimes can cost a company a lot to set up, there are some free solutions for individual use. Try to limit the number of individuals who may interact with your data whenever possible, whether that is through a third-party net access or a wireless hotspot, use caution whenever accessing the web through them.
Periodically change your passwords.
While changing your passwords too often can be unproductive, as a study at Microsoft (MSFT) once suggested, there are certain use cases in which changing your password will ultimately be a good use of time. Change your passwords regularly for sites used for communication such as emails, instant messaging, Skype, etc. These are so important to protect because you share a lot of information through these mediums, from other passwords to personal information. These are goldmines for hackers looking to access other high-interest datasets. If you share a computer with others at work or at home, change that password often too, especially if you use password management applications like Keychain or 1password locally.
Use an antivirus.
This is probably one of the last things I think about as a Mac user. Although Macs are known for having little malware, they are certainly not immune. If you’re in the Microsoft camp, you probably know how important it is to have reliable anti-virus protection. Solutions for malware range in price, but there are certainly free ones for smaller companies or independent workers. Antivirus software is an easy first step for everyone, even if you are the most cautious Internet browser at your company. While common sense is key to reducing your risk of being infected, few people acknowledge that you can still get a computer virus while using a trusted site. This creates a serious compromise to your overall security, making it easier to be targeted by phishing scams or data breaches.
Do not leave your devices unattended.
Seems pretty standard, particularly if you have an expensive smartphone or computer, but we’re not telling you to protect your gadgets from theft. We are more concerned with sophisticated data breaches that involve physical access to your devices. As much as you may want to believe that you don’t need a password for your computer because you reason, “what can hackers get out of my computer?” you are an even more attractive target. Lock up your computer, phone, and device whenever you leave you leave them unattended. We have seen some pretty intricate ways of creating a backdoor entry to computers, and leaving your computer unattended or plugging in foreign devices leaves you at risk of being breached.
Now that you’ve heard what we’ve got to say about worthwhile ways to buff up your cyber security, what is your company doing to protect its data? You may think that you’re not the next target, but you never know. Think about what your competitors may want access to and secure it, don’t let them outsmart you.