Posts Tagged ‘data protection’
Change Your Passwords Regularly…By regularly changing your login information and passwords, you make it harder for someone to steal information. This is increasingly important for accounts without two-factor authentication. Communication accounts, like email and chatting apps, should also be updated every so often for increased protection.
…But Don’t Change Them Too OftenTraditionally, experts recommended you change passwords every 30 to 60 days–this is no longer the case. Mandatory password updates lead to money loss and lack of productivity with minimal security payoff. Now, changing your password doesn’t hold near the protection it used to. Because cybercriminals continue to learn more advanced hardware and software, they can typically discover your password if they look hard enough.
As humans, we tend to create patterns. This is no different in password creation. Typically, we use similar letters, numbers and themes when updating a password. Updating your password too often leads to confusion with little added benefit.
Keep Your Data SecureAs a rule of thumb, update your passwords when there is proof of some sort of security breach or online attack. This includes unauthorized use of an account or evidence of malware. By doing so, you’re preventing a hacker from gaining access into your personal accounts and obtaining sensitive, private information or data.
There are other ways to protect your data. Contact the experts at WesTec Services for more information about our cybersecurity services.
If you’re not sure how to create a secure password that will outsmart the online hackers, read our recent article for tips.
During a spear-phishing attack, the perpetrator attempts to acquire personal details on the victim’s friends, hometown, employer, hang-outs, and their recent online purchases. This is typically done by disguising themselves as a trustworthy friend or entity through email, social media, phone calls, or text messages.
Because spear-phishing is the most successful form of acquiring confidential information online, it is important to practice how to avoid an attack.
1. Beware what you post: Review your online profiles. How much personal information is available for potential attackers to view? If there is something you do not want the public to see, delete it, or ensure your privacy settings are properly configured.
2. Use smart passwords: It is not wise to use the password for every account you own. In this case, if an attacker has access to one account, they effectively have access to all of your accounts. Passwords with random phrases, letters, and numbers are secure.
3. Use logic with emails: If an organization sends you a link in an email requesting a specific action or sort of personal information, go directly to the organization’s site rather than clicking on the link. Calling the organization can also help clarify the issue. Real businesses will not email you asking for your username and password.
4. Update your software: Software systems include security updates that should help protect you from spear-phishing attacks, as well as others. If you receive notice of a new update, be sure to take advantage, or enable automatic updates.
To learn more about how you can protect your data or sensitive information, contact the experts at WesTec.
How Hackers Get Your PasswordsBefore you can better protect your accounts, you must understand how cybercriminals access steal your information. Typically, a hacker will compromise your account in one of three ways.
- Personal attack: Hackers target your account specifically. They will typically guess your email password and use password recovery options to access other accounts.
- Brute-Force attack: Hackers systematically check all possible passwords until the correct one is found.
- Data Breach: Hackers attack large companies, resulting in millions of compromised accounts.
What Makes a Good Password?Ideally, your password should be at least 16 letters and contain a combination of numbers, symbols, uppercase and lowercase letters. Passwords should not include any repetition, dictionary words, usernames, pronouns or IDs. Make a strong password by thinking of a phrase and then use the initials of each word, as well as the numbers and symbols, to combat potential attacks. For example, if your phrase is “Do you think a hacker will guess my 16 character password for Facebook?!”, your password might be: Dytahwgm16cp4F?!
Enable Two-Step Authentication When PossibleIf any sites or accounts offer two-factor authentication, take advantage of it. This system works to limit hacking attempts by making a user authenticate their identity with a second method of verification. Check out our recent blog post about two-factor authentication for more information.
Use a Password ManagerThe best thing you can do for your accounts is have a different password for each one. However, if you follow this one cardinal rule of password security, keeping up with all passwords can be difficult. Using a password manager allows you to save all of your passwords in a secure spot with a strong master password. WesTec offers consulting for any individuals or businesses wanting more information about password security, network installation, or managed IT services. Contact us for more information.
4 BYOD security risks you should prepare for
Personal computing is with us wherever we go. Thanks to the rise of the mobile industry, smartphones and tablets allow us to take work home with us. And with the bring your own device (BYOD) strategy, businesses have never been so productive. However, BYOD can pose a number of security risks if you’re not careful. Here are some BYOD security issues you should know before implementing it.
The biggest reason businesses are wary of implementing a BYOD strategy is because it can leave the company’s system vulnerable to data breaches. Personal devices are not part of your business’s IT infrastructure, which means that these devices are not protected by company firewalls and security systems.
Employees might also take work with them to places outside of your company premises that don’t have adequate security settings, thus leaving your system vulnerable to inherent security risks.
Another risk your company has to deal with is the possibility that employees will lose their personal devices. If devices with sensitive business information get lost and fall into the wrong hands, anyone can gain unauthorized access to valuable company data stored in that particular device. Therefore, you should consider countermeasures and protocols for lost devices, like remotely wiping a device of information as soon as an employee reports it missing or stolen.
Personal devices tend to lack adequate data encryption to keep other people from snooping on private information. On top of this, your employees might not regularly update their devices’ software, rendering their devices and your IT infrastructure susceptible to infiltration.
Connecting to open WiFi spots in public places also makes your company vulnerable and open to hackers, because hackers may have created those hotspots to trick people into connecting. Once the device owner has connected to a malicious hotspot, attackers can see your web activity, usernames, and passwords in plain text
Vulnerability to malware
Viruses are also a big problem when implementing BYOD strategies. If your employees use their personal devices, they can access sites or download mobile apps that your business would normally restrict to protect your system.
As your employees have the freedom to choose whatever device they want to work with, the process of keeping track of vulnerabilities and updates is considerably harder. So if you’re thinking about implementing BYOD strategies, make sure your IT department is prepared for an array of potential malware attacks on different devices.
BYOD will help your business grow, but it comes with IT security risks that you should be prepared to handle.
Need help mitigating these BYOD risks? Call us today, and let’s find the best IT security solutions for your company.