Today’s business leaders often don’t realize the biggest threat is the human element. One has to look not much further than the daily news and what is often the top story? A data breach - Someone’s data was stolen. Was it your data? This time you are safe, it wasn’t you. Are you ready for when it is you?
I’ve Been Hacked, Somebody Call 911
With hearing about so many data breaches, you may be worried about your online security; and you should be worried. As we bring more aspects of our lives online, we don’t limit our personal data to just our Linked-In or Facebook page. We provide some or our deepest and darkest secrets in what we purchase, in what we use and in what data we store. As the risks of cyber-crime increase, there are ways in which you may want to look to better protect yourself.
Below is a list of some efforts I use to protect my data and wanted to share so you can safeguard your Web accounts, devices and data as well as some tips on how to detect if you’ve been hacked and what to do about it.
Defending Your Data in the Cloud
There are numerous precautions that you can take in order to protect yourself, your organization and your data from hackers. It doesn’t matter where you store your information, on the Cloud or on a local machine, one of the easiest and simplest ways to protect your data is to create strong, unique passwords of at least 14 characters for every one of your accounts.
Yet Most People Fall for It,… Why?
While it’s tempting to use something like your child’s name and birthday because it’s easier to remember, creating a password with a random mix of uppercase and lowercase letters, numbers and characters will be harder to crack and you should use at least 14 characters, personally, I use 24.
There are password management apps like 1Password, KeyPass, KeePass LastPass or others you can use to generate and store your strong passcodes for every reason you need to log-in to technology. The only thing you have to remember is the one strong password to get into your password manager. When choosing such a program, look for one that uses an industry-accepted standard for encryption like Advanced Encryption Standard (AES) and as well as one that stores your passwords locally or in the cloud as there are reasons for both.
Another safety measure you should take, when available, is to enable two-factor authentication. Two-factor authentication requires and extra form of identification beyond using only your login ID and password. 2-Factor authentication may be PIN you get from your phone, a key-fob or maybe even your fingerprint.
Although two (2) factor authentication isn’t impervious to attacks, it does add an extra layer of protection. Many popular Web services, including Microsoft, Apple, Gmail, Facebook, Twitter, Dropbox and many others offer two-factor authentication. It might take more time, but the extra layer of protection it provides is tremendous, so for your mental safety, take the extra few minutes to turn it on.
Be suspicious of emails asking for personal information. A lot of hackers use a method called “phishing” that aims to gather sensitive data from you by sending an email that looks like it’s from a legitimate entity like your bank or credit card company. Some signs of a scam might be requests for immediate action, spelling and grammar mistakes, and suspicious links. Do not respond to these. Instead, call up the organization which supposedly sent the email and confirm if it’s legit or alert them or someone in your security department/team to the issue.
Also, it should go without saying, but in general, don’t click on suspicious links or browse unsafe websites. Only install applications that come from trusted, well-known sources and be sure the operating system and apps on your computers and mobile devices are updated with the latest versions and patches.
Here are some more specific tips for different Internet activities:
E-mail & Social Media
Think twice about what you post to your social networks and monitor what others post about you. There’s a chance hackers might use your social profile pages to gather personal information about you and try to guess your password or answers to your secret question.
Check your account’s privacy settings and look to limit the information you share with your family, friends and public because once you create it, there will always be a copy of it.
Utilize separate email addresses for your personal communication and one for everything else. Example, you might use a non-personal email address for websites requiring you to register with a user name and password.
The Cloud
If you back up your files to the cloud, remember even though you delete them on your computer or mobile device, they’re still stored in the cloud. To completely delete the file, you’ll also need to remove it from your backups and cloud service.
Surfing the Web
Don’t respond to pop-up windows. EVER!
Secure your home Wi-Fi network using WPA-2 or better yet, AES encryption settings.
Set your Web browser to auto-update to ensure that you’re running the most current version.
Online Transactions
Don’t use public computers or public Wi-Fi networks to make any transactions. The machines might contain malicious software that can collect your credit card information, and criminals could also be monitoring public Wi-Fi networks for similar information.
Know the Signs
http://fieldguide.gizmodo.com/the-quickest-way-to-find-out-if-youve-been-hacked-1786777980
How do you know if you’ve been hacked or indeed been “pwned?” Check the account in question for suspicious activity and change your password at the earliest opportunity. It’s a good idea to turn on two-step verification as well, if you haven’t already done so. Remember hackers might try your email address and password combination on other sites and services too, one of many reasons why you shouldn’t use the same password for everything.
There may be some obvious signs. For example, you may start getting emails from your friends saying they received a strange message from your email address. Or your bank or credit card company might call you about some suspicious activity on your account. If you installed a mobile app with malware on your smartphone, you might find some unauthorized charges on your phone bill.
There are other subtle indicators. You may find new toolbars installed on your Web browser or new software on your computer. Your computer may also start behaving strangely or slow to a crawl.
These are all signs that you might have been hacked.
You’ve Been Hacked. Now What
If you have been hacked, the first thing you should do is reset your passwords using a strong password.
I recommend starting with your email account, followed by your financial and other critical accounts. This is because password resets for all your other accounts are typically sent to your email.
If you’re locked out of your account or blocked from accessing it, many Web services have steps in place so you log in with a new password. For example, Facebook has a system where you can use a trusted source like a friend to take back your account. Search each service’s help section for specific instructions.
Additionally, you should let your friends and contacts know you’ve been hacked and report it to your malware or antivirus provider and if known, you may also want to report it to those who gave it to you. A best practice is to run a scan of your computer or mobile device every night using a trusted and up-to-date antivirus program.
In the case of identity theft, order a copy of your credit reports, and file an initial fraud alert with the three major credit bureaus: Experian, Equifax and TransUnion. You and your insurance company may want to contact your local police and report the identity theft, and request new cards from your bank and credit card companies. You should also continue to monitor your monthly statements for any more unusual activity.
Unfortunately, there’s no way to completely eliminate the risk of hack attacks and other cyber-crimes. But by taking some safeguards and arming yourself with the knowledge of what actions to take in the event of an attack, you can help better protect yourself and minimize damage.
If you’ve been hacked and can’t stop the bleeding, it may be time to give me a call.
Ready to keep your data and people safe
Need to spitball an idea
If so, give me a call because I can help you beat the hackers
Have an awesome day!