Just about every day, we read in the news that another company has been hacked. You might have already been directly affected by the password thefts at LinkedIn last year, or Evernote this year. Or you might have had your own social media account, email, website, network, or computer hacked. Worse, many of you have been hacked but don’t even know it. My personal e-mail was hacked recently and it is a very unnerving experience.
So how can you minimize the damage and risk of hackers? Here are several tips, some familiar, some not so familiar. By following these tips, you can reduce your risk, which is critical as we rely more and more on the internet to manage our businesses and personal lives.
Signing Your Life Away
Your signature might look great in a graphic in your email signature line, your website, or your newsletter, but it’s a huge risk. You’re giving away your handwriting, and forgers can easily replicate, master your handwriting, and impersonate you. To reduce identity theft, don’t publish your real signature anywhere.
Take Your Passwords Seriously
Implement strong passwords on all of your financial accounts: banks, credit unions, PayPal, credit cards, and your accounting system. We know it’s painful, but do not use the same password for your financial accounts anywhere else, especially on social media sites like Facebook and Linked In. If possible, use a different password for each account to reduce risk further.
What’s Your Password?
Here are some quick password tips:
- Do not use your name, your pet’s names or your kid’s names in your passwords. There’s just too much information available publicly to do that safely anymore.
- Mix up letters, numbers, capital letters, and special characters, if they are allowed.
- The longer, the more secure; most apps require at least 8 digits.
- Change passwords quarterly to be on the safe side.
Password Storage
Most apps that help you save time with passwords are NOT safe! Here’s what we do and don’t recommend:
DO:
- Password-protect your computer, even though you don’t have to.
- Keep a separate file of your passwords on your computer, but DO password-protect that file and make sure it is not shared with anyone on a network. Also name the file something totally unrelated like bio, letter, or goulash recipe; do not name it “passwords.doc!”
- You can also keep a record of your passwords offline, but be sure to lock it up in a safe.
- When you make file and disk backups, be sure those are locked up and password-protected too. They will no longer have your PC password to protect them.
DON’T
- Don’t give in to your browser or any website when it asks to remember your user ID and password, especially for your financial accounts or client information. All of the major browsers have been hacked – Internet Explorer, Chrome, Firefox, and even Safari.
If you use password management applications, proceed with caution. Be sure you have properly vetted their security claims. Most of these are simply form fillers that are not safe.
Vulnerable Applications
Avoid leaving vulnerable PC ports open and unattended, including chat, messaging, FTP (file transfer protocol), Skype, webinars, Google hangouts, video sharing, and the like. It’s like having all the doors and windows unlocked in your house; an intruder has a lot of choices for easy entry. When you are on these more vulnerable connections, shut the others down, and close the applications you don’t need. Then logoff when you are done.
Always Log Out
Log out of your e-mail and social media accounts when not in use. If your computer is accessed somehow, a hacker’s access to these accounts is wide open. A more secure site, like online banking, will log you out automatically after a specific amount of time.
Software Updates
As soon as a hacker has found a new exploit, the software companies will learn about it and make an update available within days. The hacker community is tight; other hackers will look for software that is not updated and exploit the hack. Avoid the copycat hackers by staying on top of your software updates, not just your anti-virus, but also your Microsoft and other software updates. Doing this will eliminate a great deal of the risk out there.
Sharing Logins
If multiple team members need to access your software, consider setting up additional users rather than having one account. If one person gets hacked, the others will likely still have access and can react quicker to the intrusion.
Stay Safe Out There
How many of these are you already doing? None of the recommendations are difficult, but they can all cut your risk significantly. Taking the time to safeguard yourself will help you avoid possible issues in the future.