Every month, we learn of more major security breaches. Most recently, we learned of an attack on JP Morgan Chase and, of course, the already infamous attack on the iCloud accounts of celebrities, followed by widespread distribution of their private, and sometime explicit, personal pictures.
Often, however, we are our own worst enemies when it comes to protecting our online data. We stumbled up on a Mashable article suggesting several simple steps we all can take to make our data more secure. They didn’t provide a whole lot of detail, though, so we took the liberty of providing some more info so you can take these steps yourselves. We also suggest sharing them with your employees—it’ll help them keep their personal lives more secure and will also train them to be more secure when managing company data while they’re at work.
Use Secure, Unique Passwords on Accounts and Devices
We all know the pitfalls of using passwords based on names or birthdates or addresses or social security numbers (or, or, or…) But do you know the best practices? Here are the “dos” and “don’ts” according to Krebs Security:
- Create unique passwords that use combinations of words, numbers, symbols, and both upper- and lower-case letters.
- Rely on 3rd-party software tools to safeguard passwords.
- Use your network username as your password.
- Use easily guessed passwords like “password” or “user.”
- Use words that can be found in the dictionary.
- Use simple/adjacent keyboard combinations (e.g., qwerty, asdzxc, 123456, etc.)
- Use the same password on multiple websites
- Store your passwords on your computer in plain text.
Use Two-Factor Authentication When Available
Not sure what this is? Here’s a pretty good summary from a CNET article:
“Two-factor authentication adds a second level of authentication to an account log-in. When you have to enter only your username and one password, that’s considered a single-factor authentication. 2FA requires the user to have two out of three types of credentials before being able to access an account. The three types are:
- Something you know, such as a Personal Identification Number (PIN), password, or a pattern
- Something you have, such as an ATM card, phone, or fob
- Something you are, such as a biometric like a fingerprint or voice print
Enable Locks and Passwords on Computers and Smart Devices (e.g., phones and tablets)
In other words, enable those password-protected screen savers that pop up when your hardware device reboots or hibernates. (And don’t use the same password for protected apps inside those devices! If an intrude gets into the device, don’t make it easy for him to cause even more trouble.)
Keep Your Operating System Up to Date
Many of those annoying software updates we have to deal with include security patches to fix holes and exploits uncovered by hackers. When you’re prompted to update your software, treat it like you’re changing the locks in your house after you’ve lost your keys. In many cases, this is essentially what you’re doing. This applies to all software, not just your antivirus programs.
This didn’t make the Mashable list, but we suggest that you log out of programs when you’re not using them. If a hacker or intruder gets into one of your devices, you can dramatically limit the damage they can cause by shutting off easy access to your applications.