Don't Get Hacked -- Tools to Fight Cyber Attacks
Here's an unfortunate and immutable fact: You will never be 100 percent immune to hacking.
If someone targets and wants to get something from you, they'll figure out a way in. Even if your small business judiciously focuses on tightening security, you have a countless number of cyber doors to protect, and the bad guys only need to access one. It's a battle of asymmetry.
The world of cybersecurity and online predators may sound scary to you, and you're right to be concerned. But, you should know that a large number of cyber attacks are preventable. According to a 2012 Verizon study, 79 percent of hacking victims were targets of opportunity and 97 percent of these were avoidable using simple tools.
Let's say you live on a cul-de-sac with eight neighbors and there is a known burglar roaming your area. All but one of your neighbors locks their doors at night. The burglar finds his way to your home, checks the doors and finds them all locked. He checks the other houses, until he comes across your neighbor who didn't lock his doors. Your neighbor has just been the victim of opportunity and the burglar makes off with several valuables.
This is a simple analogy, and it's quite apropos for the cybersecurity world. So many attacks are perpetrated against people who didn't lock their cyber doors, or didn't even know they had to lock every one of them. If you fall into one of these groups, you dramatically increase the likelihood that you or your business will suffer the consequences of a cyber attack.
It is your responsibility to protect company data, your colleagues, and most importantly, yourself from cyber threats. If you have an IT team and they're not negligent, they will provide you with the requisite technology. It's incumbent upon you to listen to their recommendations, using the tools they provide. Without a team or individual dedicated to technology, you can still take steps to protect yourself.
The more employees your business has, the more entry points there are into your systems. A hacker could potentially exploit any of them through simple attacks. Not only that, but each employee typically has multiple devices that hold company data, so that multiplies the risk.
Password protect as much as possible.
At Atlantic Media, we have close to 500 employees and every one of them is required to lock down their computers and mobile devices with a password. Without this, they aren't permitted to access company resources.
Even though these are trivial changes, people still complain about the inconvenience placed on them. A similar argument would claim that seat belts are inconvenient. Like a car accident, being hacked is a low-probability, high-cost event. And yet, similar to an accident, much of the damage can be mitigated with very little effort. I would be doing a terrible job if I didn't push these password policies, and frankly, I would rather be accused of inconveniencing people than have to respond to a serious security incident or data breach.
Increasingly, your data is stored online in the cloud and probably spread across multiple vendors, all of which, require you to remember a password. It's impossible to remember all of those passwords, but don't fall into the trap of reusing the same password, or even worse, writing them on a sticky placed under your keyboard.
#insert related here#
Make remembering passwords easy.
Here's a tip for passwords: Instead of using your pet's name, try a catchy song lyric like "Life is a highway. I want to ride it all night long." If the full lyric is too long, you can use the first letter of each word: liahiwtrianl, for example. These are far easier to remember and much more secure.
One tool that I highly recommend is LastPass or 1Password to help manage your passwords. These tools will safely encrypt and store your passwords. Instead of remembering all of your passwords, you only need to remember one really secure password to unlock the tool.
Start using two-step verification.
You and your company likely rely on social networking sites for communication and marketing. These are fertile grounds for scammers and hackers wanting to steal data or identities. If a simple password is the only thing protecting your Facebook account, imagine the damage that can be caused if a hacker broke in. I'm not only talking about the damage to you personally. You are also putting your friends and contacts at risk of identity theft.
If a hacker has access to your account, they can see everything you normally would see, including your friends' user profile information. The real-world analogy here is your neighbor leaving his doors unlocked and you get robbed, despite having locked your doors. How outraged would you be?
Social networking brings us closer together, but with that comes greater responsibility. You are only as safe as the weakest link in your group of digital friends.
You can take responsibility and mitigate this with two-step verification. This means there are two steps required for you to login -- the first being your password and the second being a short code that is sent to you via text message. All the major digital companies now support this including Google, Facebook, Twitter, LinkedIn, Dropbox, Box, Outlook.com, and Mailchimp, often used for sending marketing emails.
This is like adding a heavy-duty deadbolt lock to your door for greater protection. If you aren't using two-step authentication for your professional and personal accounts, you're just asking to be a victim of opportunity.
The connected digital economy is full of scammers and hackers. But, if you are aware of the dangers and take simple steps to mitigate the risks, you significantly decrease the probability of a damaging attack on your data and business. You have all the tools to eliminate the probability of being a victim of opportunity. Use them, so you can get back to focusing on your business.
Tom Cochran is the deputy coordinator for platforms at the U.S. Department of State. In this role, he is responsible for the global infrastructure supporting U.S. embassy web sites and a network of 700 American Spaces for public diplomacy and engaging foreign audiences. His most recent previous positions have included chief technology officer at Atlantic Media and director of new media technologies at the White House.