With almost 4.54 billion people actively using the Internet daily, the line between the real and virtual world has blurred. Technology is advancing, and we have tremendous power in our hands, which is good for progress and increasing productivity, but it also turns us into targets for cybercriminals.
Without undertaking the right measures for protection, we cannot assume that the data stored on our machines is safe from hackers’ malicious intentions. You are the first line of defense when it comes to protecting either your employer’s information or your personal system and keeping private data you store on them out of the wrong hands. You should learn to stay current about new threats like identity theft and computer viruses and take the necessary steps to keep your system and private information safe. The biggest tip we can give you is to consider not using your personal systems for your employer’s work.
Here are several data protection tips that will give you an idea of how to keep your system and information, whether it’s yours or your employers, safe.
Protecting your computer and its systems starts with the physical protection of devices. This may not apply during COVID-19 quarantine because you’re working from home where there probably aren’t any strangers or suspicious characters. However, if you walk away from your device while you’re working remotely at a coffee shop or at the airport, you put the device at risk.
Always lock your device before you walk away from your device, especially if you are logged into company systems or are working on business material. Leaving your computer or other mobile devices unattended and open could result in other people accessing your system and either modifying, deleting, or stealing your work. Leaving a device in the backseat or a trunk of a car, even for a moment, is just as dangerous. If your device is stolen and the drive is unencrypted, a criminal can access all of the stored content. Experienced hackers can do this even if you’re protecting your PC with a secure password.
Watch Out for Scams
Do you know who has access to either your information or your employer’s? Keep your computer secure and confidential data safe by never giving out login credentials over the Internet, through email, or the phone unless you know who you are dealing with or have initiated the contact.
If a person or company claims to have an account with you or your employer sends a message asking for private information, like financial information, never click on links contained in the message or email. Before doing anything, look up the company’s name online, visit their website or LinkedIn page, and reach out to them through customer service (either call the number or send a new email) to ask whether they really sent the request.
Did you know that there’s a specific attack technique used by cybercriminals called “Spear Phishing”? This is when they research the name and role of people in a company looking for people with specific responsibilities that they can exploit. For example, it’s not uncommon for scammers to target people in finance by trying to social engineer someone into sending them a wire transfer of funds.
Be careful and use best practices to protect yourself from scams.
Secure Documents and Information
You should take good care of any sensitive or proprietary documents or information stored on your computer. Personal information could include annual reviews, paystubs, or even your new hire paperwork. Proprietary or confidential documents may include but are not limited to network diagrams, customer lists, strategic partners, business processes, or strategic plans. Information regarding new products, acquisitions, or divestitures is considered “need to know” and not usually shared outside of the company unless specific conditions are met.
If someone requests confidential information from you, be sure to ask lots of questions first. Scammers will look for security holes in your organization, making it vital that everyone follows a protocol when it comes to sharing company information. If a person or company asks you to provide your employer’s information or your Social Security Number, ask them why they need it and how they will be using it. Validate their identity before even considering the idea of completing their request. Ensure that if they have a legitimate need for the documents. Lastly, you might want to see if your employer has a non-disclosure agreement (NDA) in place to protect them from damages in the event that the document is leaked to other parties and causes them harm.
If you need to share either personal or proprietary information using email, use encrypted email like SendSafely.
Don’t Share So Much Information on Social Media
Did you know that cybercriminals might even follow you on social media sites geared for professionals like LinkedIn, Stack Exchange, or in some cases, even Quora? Depending on your roles and responsibilities, they might. You might ask, “why me,” and that’s a valid question. The answer is that every bit of information that they can glean from your posts or profile could give them clues on how to exploit your employer.
Pay close attention to what you share on all your social media profiles, not just Facebook. Don’t post information about prospects, sales data, or technical information about your company’s systems. The less information you share, the better for your employer.
Try to avoid using your personal information or preferences as either your company passwords or answers to security questions on your employer’s systems. Many people may use a variant of “fluffy,” their birthdate, or anniversary as their password, and that’s not good. The answers to your security questions used by some sites to verify your identity could be used by cybercriminals to gain entry into your employer’s systems or applications.
Use a Firewall, Antivirus, and Anti-Spyware Software
A firewall is software designed to stand as a barrier between the outside world and your system. It prevents unauthorized access to your network and alerts you if someone tries to intrude. Windows and Mac come with built-in firewalls. Your employer may feel that a Mac or Windows firewall is not enough and have enterprise software installed on work computers. Whatever your operating system is or firewall, check your security settings and ensure the firewall is enabled before you establish any connection to the Internet and go online.
Antivirus programs and anti-malware software are security essentials that defend your system from Trojans, keyloggers, and viruses by immunizing it against unauthorized software and codes that threaten your OS. Installing antivirus software and anti-malware are crucial in data security, protecting computers from virus attacks, guarding data, and detecting real-time threats. This is yet another reason why you should consider using your employer-provided computer to perform your work duties instead of your personal computer. Typically, companies invest in layered security defenses in the event one control fails; there are other compensating controls in place to provide virus protection. They’re also built to automatically update security updates, so you’re never left undefended.
Spyware, including keyloggers, is a malicious software program that secretly monitors your system, collecting information like usernames, passwords, and other information like birth dates, credit card information, and so on. Don’t download and run programs from untrustworthy websites. Securing your computer also means using trustworthy web browsers. Beyond a secure Internet connection, install protection software like anti-spyware programs that scan the system regularly and provide spyware removal. Robust anti-spyware programs remove spyware software and also have a virus removal tool that blocks threats in real-time.
Backup Your Hard Drive
Protect your personal information and your employer’s information by backing up the data stored on your system. Data backup is critical in the event of a malicious attack. This is the most effective technique to protect against crimeware such as ransomware when hackers manage to encrypt your data against your will. This is just as bad as if the attacker got inside your system, or your data is lost or stolen.
In the case of smaller companies or those that are self-employed, the only one backing up either personal or your work-related information will be you. So, if you haven’t backed up your system already, it’s time to do it because you need to be able to rebuild your system as quickly as possible if your system is compromised. Otherwise, you’ll be at higher risk of identify theft, data loss, or data breach. The most effective technique is to use backup software and purchase an external hard drive to store your data. Once you complete a backup, disconnect the drive so that if your system gets infected, it won’t also extend to the drive you intend to use for restoration. In the event you get hit with cryptolocker, it can also encrypt your online backups.
Emails or messages from people or enterprises you don’t know may contain open attachments or links. Protect your data by never clicking or downloading these, and beware of messages from unknown parties. Lately, during the pandemic, spammers have refined their game and have escalated the number and variety of techniques that they’re using. They can send phishing emails that mimic trusted contacts, such as businesses (e.g., your bank), associates, or friends. Many of these attempts are not attempting to leverage the social need for information on how to protect one’s self or family from infection. They may appear to provide genuine information, but if an email you got seems suspicious, don’t click on any links in it before you confirm that it’s genuine.
Adjust Your Browser
By adjusting the level of security and privacy in your browser, you can lower the risk of malicious hackers attacking your computing device. Many of these options are disabled by default, but the good news is that it takes only a few minutes to access your browser settings and make the adjustments. The most prominent browsers, like Firefox, Chrome, Internet Explorer, Safari, provide step-by-step instructions on how to enable these settings, while anti-tracking browser add-ons (such as uBlock Origin and Disconnect) can provide an additional layer of protection.
Furthermore, you can install privacy browsers or extensions, such as Tor, DuckDuckGo, or Comodo Dragon. These are privacy-focused solutions that protect you from trackers and don’t record every action you make. As for Google Chrome, it handles more than 60% of web traffic, and Google uses it to monitor your activities and keep your device secure. Unless you either adjust your privacy settings or use Private Browsing, it will continue recording every website you visit to serve your targeted ads.
If you’re using an employer-provided system, you should be aware that installing unauthorized software may go against your employer’s policies. So, make sure that you’re aware of the agreements you’ve made with your employer. Don’t install software on your work computer unless it’s permitted by policy or you obtain a policy waiver. If the software you want to use isn’t authorized, consider working with your IT or information security staff to improve your organization’s security posture. As a former supervisor and Chief Information Security Officer repeatedly told all of our staff and executives, “information security is everyone’s responsibility.”
If you are not required to keep your system up and running at all times, switch off your computer when you’re not using it. Being always online and connected to a network increases the risk of malicious attacks, and shutting your computer down disconnects you from the Internet. If a hacker has established a connection with your network, you may prevent them from completing their mischievous mission of data theft.
Where possible, avoid letting children use computing devices that you’re also using for work. While you have good intentions, children can accidentally browse infected websites or install games or other software that may either contain security vulnerabilities or malware. They could also inadvertently click on phishing emails or download malicious attachments. The best alternative is to have a device dedicated only for children’s use that has no personal or employer information stored on it. You also shouldn’t install your password management software on this device to reduce the risk of it being used to grant access to other sensitive sites, applications, or data.
Whether you’re one of the many Windows users or you prefer Mac, protecting your system begins with you. Complete security starts with keeping your physical devices safe and out of the hands of people with ill-intent. If it falls into the wrong hands, be sure you added an extra layer of protection to prevent unauthorized access into any of your systems and platforms; use two-factor authentication and strong passwords. Using a combination of software and hardware defenses reinforced by unique and complex passwords will create several layers of protection that will keep your system secure from online predators.
Remember that you are the first line of defense against cyber-crime, so be sure to take the necessary steps to protect your system and either your personal or employer’s information.
Keep security software updated and pay attention to emails or information you might get from IT or IT security staff related to current or trending threats. Consider password protecting and locking your device even if that’s not how you received it. Protect yourself by using password managers, internet security applications, and good security and privacy techniques. You want to make sure that you understand basic computer and information security techniques and use tools that enable you to detect and respond to threats quickly. We take consumer information security seriously and have invested a lot of our time and energy in our posts and videos to help educate people. Find us online at either our company website or our social community site Split.