Safe Computing in the 21 century

It seems that we are constantly hearing about companies being hacked and personal information stolen. Everyday there are new viruses, new malware, and new breaches of security, so what is all the hype and what can you do to reduce your risk of being hacked? While there is no magic bullet and nothing on the web is totally 100% safe, there are steps you can take to increase your odds of not being a victim to cyber-crime.

The first and foremost thing a business can do is to educate their employees on what hackers are looking for and how to make hacking a little more difficult. Here are a few tips to help you protect your data.

Passwords:

Make sure you have a policy in place that requires your employees change their passwords on a regular basis. Make sure that they have to use a strong password i.e. “Ex@mPle63#” with at least 8 characters an uppercase, lowercase, a symbol and a number.

• Do Not use pet names, family names, birthdates or anything that is somewhat public and relative to you.
• Do Not use the same passwords for other sites. Example if you use the same password for email that you use for banking or a social media site your chances of being compromised are greater because if one site is hacked, then the information gained will be tried on the other sites.
• Do Not put your passwords on a “Sticky note” on your monitor, under your keyboard, etc.
• Do Not put your passwords in an Excel sheet even if it is password protected. These are easy to hack.
• Do Not share your password with anyone.
• Do Not give your password out. Even if you think it someone from IT calls and asks for your information. IT departments rarely need your information. They have administrator rights and can do most things without your logon credentials.
• Do verify that you are truly talking to your IT department and not a person trying to gain information
• Do ask questions as to why this information is needed. Ask for a call back number. If the number given is not your IT department, then stop and contact someone in IT that you are sure is legit.
• Do Not answer emails asking for personal information like social security numbers, bank account numbers, etc.   If it sound too good to be true, it is.
• Do Not send your password, social security number, or any other private information via email.

Malicious websites:

Many websites today have malware and spyware attached to them. A user logs into a website to get a coupon or to download a file. They click a link on the site that looks legitimate and unknowingly are infected with malware. Examples would be webpages and popups showing up on you browser that you never clicked, your home has changed or your search provider has changed on its own.

Malware nested in software:

Another common way to get infected is by downloading and installing software from a seemingly legit company. Many pieces of software have malware attached to them. Pay close attention to the installation options. Many times there are options to change your search engine and home page or install another piece of unwanted software not related to the software you wanted. The problem here is most users never really read what is checked by default, they just keep clicking and install the rogue software. If they had just read and unchecked the check box, they would have saved themselves a lot of trouble.

Larger businesses with IT support generally have policies to block software installation by the end user and robust virus protection but this does not prevent the end user from email scams and all malicious websites. Firewalls can help reduce the threats but again they are not 100%. In the end it is up to the user to make the final decision as to how the deal with these threats. It is possible for the IT staff to lock the system so tight to block the internet but this isn’t always practical. Education on threats can go a long way as to preventing data breeches, malware and viruses.   If you receive an email with and attachment file from some you aren’t expecting to, do not open it. Stay off of sites non-related to work.  If you do see something that doesn’t look right, report it to your IT people. The sooner it is addressed, the less potential it has of spreading and infecting yours and other systems.

One thing for sure is that hackers, thieves and scam artists will always be out there looking for victims. Keep your eyes open and stay up to date with the new techniques used to hack. Learn about the different types of viruses and malware out there. (see http://www.midtron.com/index.php/sample-page/ for more info on viruses ) Do everything you can to protect your data, make backups frequently, and pay attention to what you click.