New Perils in a Connected World – by Stew Nelson
With all the data breaches in the news lately, it is becoming obvious that we are not doing a very good job of securing our data. No doubt there, are some clever hackers out there are smart enough to penetrate even DOD and bank firewalls but there are still many breaches we read about that could easily have been prevented with common sense and a few simple tips. Here are three easily implemented tips for you to consider:
Be Suspicious. The most important tip I can give you is to be on your guard and overly suspicious of every file or link that you receive from outside your business. Not to sound paranoid, but even files received from supposedly trusted sources must be treated as potential threats. In 2009, the Controller of a small metal manufacturing company in SE Michigan received an email purportedly from their bank asking him to “Click on a Link” to a web form to verify all their passwords for their online bank account as part of the banks routine maintenance program. After the controller complied with the “banks” instructions, it took hackers less than 6 hours to empty their bank account of almost $2M. The bank was able to recover all but $560,000 of the company’s money and the company recovered that from the bank in the subsequent lawsuit. For those of you that do not understand what happened, I am only going to say this once! - A bank will never ask you for passwords to your account!
Use Strong Passwords. A strong password consists of at least ten characters including upper and lower case letter, a number or two and special characters. Don’t use dictionary words or the name of your kids as they are too easily hacked. I know you are all getting really tired of making up new passwords to comply with HITECH so if you run out of ideas, take a look at a neat web site I found called HealthyPasswords.com. They make it easy to find clever passwords that are less easy to hack. I also recommend that you use separate passwords for personal and business use. I know this is mentally taxing but habits are hard to break and if a hacker gains access to your personal files why jeopardize your business files also.
Lock Down Your Laptop, Cell Phone and Wi-Fi Networks. More and more we are accessing our business networks with our smart phone and tablets. If your laptop, smart phone or iPad is not currently password protected, take five minutes and install a password program on it right now! If you are like me, your contact list contains any number of passwords and door codes that could compromise your security. While you are at it set a password for your personal WiFi network right now also. Hackers can learn a lot about our business by strolling into our personal lives through an open network portal. You probably don’t leave the front door of your house open when you are not home so why leave the “front door” to your digital profile open.
Every individual in your organization is responsible for network security. Remember, the most vulnerable part of any network is the end user….and that is you. Cyber crime is a real threat and the criminals are getting more sophisticated every day. Don’t make their job any easier by being complacent concerning network security.