The concepts around cyber security have always seemed so complex to me and often make me feel like we are in a no-win situation. It is usually presented in a way that is unnerving, and I walk away not sure where to begin. At a recent CPA convention, there was a cyber security expert who spoke on some ways we can be more secure. I think this was the first time this scary and complex topic was presented to me with some action items that are doable even for the non-tech-savvy professional. The following steps are my takeaways and are in no particular order:
Step 1: Always have up-to-date antivirus and security software running – We all download security software at some point, but whether we keep it up to date is another story. This is your first line of defense against something dangerous getting onto your computer and is not a difficult step. It is a must.
Step 2: Encrypt your hard drive – Your Windows password is not enough to keep someone from accessing your data if your laptop were stolen. Encryption tools such as BitLocker, Pretty Good Privacy, Folder Locker, etc. are good options to ensure data stored on your laptop cannot be accessed by others.
Step 3: If you don’t know what it is, don’t click! – Typically, the most damage is done when someone clicks on a link from some crazy, unknown e-mail they receive. By doing so, they have invited a bug or hacker onto their computer and have opened the door for a multitude of issues. Be smart!
Step 4: Use very secure, unique passwords – Everyone is guilty of using weak or repeated passwords to some degree. We are so afraid of losing our passwords that we create a password that is very easy for us to remember and we use it everywhere! There are many password-generating tools out there that will create unique passwords. This security expert also recommends using a personal method to create a password that would only be possible for you to recall, like the first letters from the title of your favorite movie (mixed case), some numbers, and some other special characters.
Step 5: Start using a secure password manager – Software like LastPass enables you to save and easily manage your passwords. With a tool like this, it is much easier to make your passwords complex enough for a higher level of security, without the fear of losing them or keeping track of them in an “unsecure” way (like on a piece of paper in your desk drawer). When you access a website where your log-in information is required, LastPass will log in for you. Then, you need to have a very secure password for your password manager and keep that in a very safe place, like a safety deposit box at your bank.
Step 6: Encrypt your files before putting them in the cloud – The presenter actually likes the cloud and likes file sharing services like Dropbox. Although Dropbox does have a layer of encryption, once a hacker is inside Dropbox, they can turn off the encryption and access files. In order to keep using these services securely, you should encrypt the files before saving them to Dropbox. There are complex ways to do this with zip files and folders, or you can simply encrypt an individual file.
These steps are by no means all-inclusive, nor are they guaranteed. But they will get us a step or two closer to feeling more secure out there and moving in the right direction to keep our data safe.