Tips and tricks to up your cyber security game
By Dale Dresch, IT Audit Manager, Maloney + Novotny
Security. It’s one of those critical qualities that’s become second nature for just about everything we physically do and everywhere we go. But in our online interactions? Are you doing enough to secure your personal data online? Here’s where its presence may need a little fortification.
As we continue to recognize National Cybersecurity Awareness Month, we’re asked to “Secure IT,” part of the campaign’s overall message to “Own IT. Secure IT. Protect IT.” (For background on the full campaign and details on getting started, check out this post from last week.)
Recommendations on securing your personal data online are in the spotlight this week, and here we’ve shared some tools to use and situations to watch for to build up your cyber security quotient both at home and at work.
It starts with passwords. The character combinations you use to access apps and websites will often be your first line of defense. So, make the effort to create stronger passwords for the sites and applications you use and to store those passwords properly. Some of the advice is second nature: use the longest passwords you can and avoid using personally identifiable words that are easy to guess or that you’ve posted on social media. Your pet’s name or favorite sports team are among the first places hackers start when trying to gain access. So use unique, even unusual passwords, create a different password for each account, and use a password manager to keep those passwords organized and make remembering them easier.
More is better. Another effective tool for securing your personal data online is employing multi-factor authentication (MFA) on apps and websites whenever possible. This security process requires you to use more than one unique identifier when logging into accounts such as credit cards, email servers and bank accounts. And it’s more than just passwords: you may be asked to prove it’s you through an email address, and/or your face or fingerprint. Implementing the process makes it far more difficult for hackers to gain access.
Give at the office. Executing cybersecurity measures at work is just as critical as at home and requires many of these same considerations. With employee information and trade secrets at risk, the stakes can be even higher. The fundamentals include keeping your software and applications updated and not oversharing on your own or the organization’s social media sites.
Phishing expeditions. Both at work and at home, be on the lookout for “phishing” attacks designed to infect devices with malware and viruses that steal your personal information. Telltale signs are emails appearing to come from people or institutions you know but threatening some sort of account compromise or requesting a fast personal response and information from you. Responding with that information directly or clicking through on embedded links is just what the criminals hope you’ll do, so think before you act. Always verify familiar-seeming requests by reaching out to the contact or organization on a separate secure platform, such as through established customer service channels.
Skimming tactics. And, with the rise of online commerce, be aware of the practice of e-skimming, in which hackers embed codes within payment processing forms to steal buyers’ credit card information. Any business accepting online payments is vulnerable but being aware of the possibility can help you keep an eye out and spot fraudulent financial activity sooner.
Next week, we’ll continue looking at ways to #BeCyberSmart, particularly in terms of protecting online profiles and employing physical security measures at home and on the road. In the meantime, if you have a specific cybersecurity question you’d like to discuss, don’t hesitate to contact Maloney + Novotny IT Audit Manager Dale Dresch at (216) 344-5296 or email@example.com, or use this online contact form to get in touch with us.