Cyber attacks are increasingly troublesome, both in terms of the number and their sophistication. In fact more than 4,000 ransomware attacks occurred every day in 2016 according to research by Computer Crime and Intellectual Property Section. that's a massive 300% increase on 2015. Add that to the fact that research from Panda Labs indicates that there were 8 million new malware samples captured in Q3 2016 alone; it’s clear to see the problem is growing, and it’s growing fast.
Why then do individuals and small-to-medium businesses (SMBs) continue to neglect the need for greater IT security?
Protecting yourself and your business from security threats should, by now, be as normal as securing your personal belongings. Common sense tells you not to leave your house unlocked for fear of intruders, the same thought process should apply when it comes to using antivirus products, setting passwords, and using free Wi-Fi connections without a VPN (virtual private network).
The good news is that there are plenty of simple measures you can take to safeguard yourself and your SMB from cyberattacks. Hopefully, you’ve already taken some measures to protect your business from cyber security threats, but if not (or if you need to run a sanity check), here’s three tips to help, which I encourage you to share with your colleagues.
People can fall into bad habits with passwords because they worry they won’t be able to remember them, but if you can memorise all your passwords, you can almost guarantee that they aren’t varied enough to be secure. In fact, Preempt, a team of global security and networking experts, announced earlier this year that 35% of users have weak passwords; and the other 65% can be cracked. That’s quite alarming, right?
So, the best way to ‘remember’ all your passwords is to let technology do it for you; use an enterprise password manager. There are plenty of affordable options online, just be sure to choose a reputable one (I like Dashlane). You could then go a step further and use your password manager to generate secure random passwords for you, rather than trying to invent your own. If you do take the route of creating your own, then create strong, unique passwords for all accounts. Good passwords are more than eight characters, and have a combination of letters, numbers, and special characters.
Why do passwords need to be unique? Unfortunately, it’s not uncommon for services and databases to get hacked, leaking a large volume of password data to the public. If this happens, you want to limit the damage, ensuring that only one site you’re connected to is compromised. Remember how last year over 117 million LinkedIn passwords were leaked online? Imagine the damage if your LinkedIn password also happened to be the password that you use for your email or your PayPal account...
So remember, passwords should be treated with the same level of care as your house keys. And if any of your passwords match with those found on this list, I highly recommend you change them… quickly!
The first rule of email security is don’t open suspicious emails. Seriously … DO NOT OPEN SUSPICIOUS EMAILS!
Not sure how to recognise a dangerous email? Here are just a few of the telltale signs:
Be careful when clicking links in emails (or on other webpages), does it look as you expect it to. Is the URL mismatched? Or misspelt? Don’t click! Clicking on unknown links may lead you to a 'phishing' site (used to harvest usernames and passwords) or to download a virus or malicious software that will make your device vulnerable to hacking. If you think the link looks genuine but you’re still not 100% confident, copy the link and open the site using using “https://” at the beginning of the web address (note the s at the end of http). This will encrypt your data. If you see a green padlock next to the address, the website is secure.
The same is true when it comes to downloading files, even if they appear to be from a reputable source. Downloading an attachment could provide an open door for hackers, so you need to carefully consider whether attachments can be trusted. Also, remember that free software can often be a hiding place for malware, so be intelligent about what you choose to download. The software might be free, but the long-term damage to your technology and your business could be very pricey.
Trust me, it’s a worthwhile investment. As thousands of new viruses are detected every year there’s no way you can avoid the ever-increasing risk without protective software in place.
In fact, most antivirus software automatically downloads updates on existing viruses and new threats, and automatically scans your emails, monitors your files, scans your computer, and protects you from dangerous websites and downloads. Consider it a back-up to you failing to heed the advice in tip two.Even the most tech-savvy and aware users among us will download some form of malware at some point, without anti-virus software in place as a back up.
If you’d like more information on the risks individuals and SMEs face online, and what you can do protect yourself and your company, then UK IT Services is here to help.
From general advice and education, through policy creation and software selection, to the provision of a managed service, why not get in touch to see how UK IT Services can help you.