We talk a lot about safety on our blog! It’s important for everyone. Most of our EHS management clients think about the physical safety of themselves and their workers.
Online safety is key too, whether you’re in safety management or you’re a DJ or a quilter or office worker trying to make your space ergonomic. January 28 is Data Privacy Day, which means it’s a terrific time to review your online security.
Especially if you have an online or ecommerce store, and even if you operate a non-profit. We have friends whose online charity site was breached. They were inundated with complaints about charges that were made to people’s credit card accounts (none of whom were members of the organization) because the site was not set up correctly. Apparently the bad guys were searching sites that received donations.
Be careful out there!
Basics
- Use encrypted wi-fi connections
When you’re out in public, you may be connecting to an “open” wi-fi. That means there’s no password required. And also means that it’s very easy for someone to hack into the information that you’re sending from your computer.
If there are any financial transactions you want to perform, never use an open wi-fi system. Wait until you get home or to work where the wi-fi is encrypted.
The same goes for personal information. If a site asks for your birthday or Social Security number or other sensitive info, don’t continue if you’re on a public network.
Also make sure the site you’re visiting is secure. If the payment site does not have “https://” then it is NOT safe to use.
2. Don’t click the links!
Your bank, credit card, brokerage, or retirement plan company will never send you an email requesting sensitive information online. They will not call you. Neither will the Social Security Administration or IRS.
If you receive threatening or alarming emails, they are almost always going to be fraudulent. Same with phone calls. If you’re still concerned that you need to talk to someone, you can call the IRS or SSA or bank. But not using the phone number they gave you! Look on the SSA.gov or irs.gov websites, or the phone number on the back of your card to call them.
Many of these bots and phishers are sophisticated enough to use proper English and to include the logo of the company they claim to represent. Don’t be fooled. You can verify the email because it may be similar to the company email, but it won’t be exact. And if there are a lot of numbers in it, it’s been bot-generated.
3. Anti-virus and malware protection on all your Internet-enabled machines
In the early years of the Internet, preventing viruses was all that users had to worry about. Now there are more issues: phishing, worms, and other ways that bad guys use to try to steal your identity and your financial information.
Use malware protection software. You get what you pay for, so the free kind that comes with your computer isn’t going to cut it.
And, most importantly, keep it updated. Hackers are constantly coming up with new ways to infect your computer. If your software is even a few months old, it probably doesn’t have the latest update. When the company tells you there’s an update, you need to do it.
4. Strong passwords
The easiest way to do this is to use a password manager. Then you don’t have to worry about the strength of your password.
If you’re going to use a lazy password (123456789, 987654321, any combo of your name, your birthdate or your kid’s or spouse’s birthdate) you might as well not have one at all. The strongest passwords are at least 12 characters long.
Plus, you need different passwords for different sites. If the one great random password that you memorized is breached somehow, and you use it on all your sites, every single one of them is now vulnerable.
More protection
- Secure your router
Your router came with a name and a password. Change them!
2. Verify privacy and security settings on your social media sites
You may need to spend some time on your social media account websites to find out what exactly is best for you. They’re all different.
For example, if you have young children whose pictures you like to post online, those pictures should not be viewed by just anyone who has access to that site. You can restrict who sees them, and you should.
Check the privacy/security settings on each site you use to take care of it.
3. Go on a cyber diet – wipe out your cookies
Cookies help sites track your usage, and save your passwords. They can help pages load faster, but too many of them slow you down.
They can’t infect your computer like malware can. But they can still be used against you. Yahoo’s data breach came about because hackers stole the cookie code and were then able to create stolen cookies to plant on people’s computers.
Delete them. Cookies can be bad for your cyberhealth.
Business
- Keep up to date on small business protections
Small businesses are vulnerable, let’s face it. Know what the latest hacker fads are and how to avoid them. It’s not just your business that’s at risk, it’s your clients’ too if they provide you with their sensitive information.
Keep you and your clients safe.
2. Use multi-factor authentication
This one simple trick prevents 99.9% of account fraud. Single-factor authentication is just having one method of letting the site know you are who you say you are. Asking for a password only is single-factor.
All you have to do is add another authentication method. Like a text code. Your bank is probably using that already.
What are you using to make yourself more secure? Let us know in the comments!
