It has become quite common to hear phrases like “my website has been hacked” or “I have no idea what that charge is on my credit card!” This is the result of the widespread carnage cybercriminals have created by preying on the unsuspecting and the overconfident. If the trend holds, the number of data breaches reported this year is on track to hit new records. Companies like eBay and Michaels Stores, which are accountable for the financial and personal data of millions of customers, were hacked on an epic scale, resulting in the loss of privileged data and a potential loss of cash if criminals follow through further.
Whether you’re running a business or trying to lead a safe and loss-free life, the risks at hand are greater than most realize. One careless employee who uses weak passwords or unintentionally discloses them could leave an entire organization scrambling to mitigate losses in the millions, find the loopholes and implement new disaster and recovery plans, and could place the business in a very precarious position with clients and investors.
As deadly as the threats are, how can we begin to protect ourselves? Here are 3 tips to get the foundations started.
Securing your Website & Other Digital Business Assets
Let’s face it, completely securing your website will never be a one-person job or a DIY project, regardless of how skillful a developer or security expert you are. It is not realistic for any individual to keep up with every industry change and newly discovered vulnerability, and to apply upgrades and protection in time on a constant basis. Doing it yourself is risky, especially for businesses or even personal website owners who have developed popular brands for themselves. The more well-known you are, the greater the chances of you being a target.
Cloud mitigation providers are becoming more affordable, and hiring a company with a team of dedicated professionals who constantly monitor both the industry and your website is now within reach of everyday users. Notably, although your hosting provider will be able to give you signals when there are security risks on your website, they won’t catch them all and they’re definitely not equipped to mitigate distributed denial-of-service (DDoS) attacks. A cloud service provider will be your best option here, and you’ll essentially be leveraging their investment in infrastructure and networks that have proven success in mitigating the entire gamut of web threats.
Have a Backup Plan for All Your Devices
As we rely on mobile devices for more of our daily lives, to send email, pay bills, transfer funds and store more private data, losing all that data or placing it into the hands of criminals becomes as easy as forgetting your phone at a restaurant after having dinner.
Here are some quick tips to secure your devices:
- Install backup and remote wipe software – For example, Prey can be installed on all mobile devices, including laptops, and allows you to track their locations, remotely lock the device, delete stored passwords and other data and even remotely use your laptop’s webcam to see who stole your stuff.
- Keep your apps updated – App developers are always pushing updates that provide protection for any recently discovered vulnerability; allow them to do their work.
- Don’t install questionable apps or those not found in established marketplaces
Remember, all that a criminal requires is a single entry point and your devices are perfect for gaining access to everything when compromised.
Don’t Click Unfamiliar Links & Open Weird Emails
We get them all the time, from fake distress emails requesting money, sent from the compromised accounts of unsuspecting friends, to those weird emails from your bank with the strange request that you update your personal details online. Many of us know not to click them, but criminals are becoming smarter and it’s sometimes very difficult to tell when some are illegitimate. Just look at the phishing example below, where the login page on the right of the diagram is a site created by the hackers to capture users’ private credentials. They both look the same, don’t they?
Clicking on strange links in your email can lead to your account becoming a spamming machine by getting into your address book and sending the link to people you know. At their worst, these links can crash and wipe the data from your hard drive. Delete these emails and do not even bother investigating any further. When you do get one, contact the sender, who’ll need to change their account passwords or even take greater measures.