Have You Been Hacked?
How to Minimize Your Risk

 

Just about every day, we read in the news that another company has been hacked.  In fact, you might have already been directly affected by the password thefts at LinkedIn last year.  Or you might have had your own social media account, email, or bank account compromised.  Worse, many people get hacked but don’t even know it for some time. 

So how can you minimize the damage and risk of hackers?  Here are several tips, some familiar, some not so familiar.  As you go through the list, check off the ones you’re already doing and make a list of new ideas to implement to protect your business and personal assets.    

Money, Honey

Implement strong passwords on all of your financial accounts:  banks, credit unions, PayPal, credit cards, and your accounting system.  We know it’s painful, but do not use the same password for your financial accounts anywhere else, especially social media!  If possible, use a different password for each account to reduce risk further. 

What’s Your Password?

Here are some quick password tips:

  • Do not use your name, your pet’s names or your kid’s names in your passwords.  There’s just too much information available publicly to do that safely anymore. 
  • Mix up letters, numbers, capital letters, and special characters, if they are allowed.
  • The longer, the more secure; most apps require at least 8 digits.    
  • Change passwords quarterly to be on the safe side. 

Password Storage

Most apps that help you save time with passwords are NOT safe! Often times they are little more than “field fillers”.  Here’s what we do and don’t recommend: 

DO:

  • Password-protect your computer, even though you don’t have to.
  • Consider using some secure password management software. Two popular options are LastPass and 1Password. These apps allow you to securely store, track, generate, and manage all of your passwords, eliminating the need to remember the dozens of unique combinations simple but still secure.
  • You can also keep a record of your passwords offline, but be sure to lock it up in a safe. 
  • When you make file and disk backups, be sure those are locked up and password-protected too.  They will no longer have your PC password to protect them. 

DON’T

  • Don’t give in to your browser or any website when it asks to remember your user ID and password, especially for your financial accounts or client information.  All of the major browsers have been hacked – Internet Explorer, Chrome, Firefox, and even Safari.      

Vulnerable Applications
Avoid leaving vulnerable PC ports open and unattended, including chat, messaging, FTP (file transfer protocol), Skype, webinars, Google hangouts, video sharing, and the like. It’s like having all the doors and windows unlocked in your house; an intruder has a lot of choices for easy entry.  When you are on these more vulnerable connections, shut the others down, and close the applications you don’t need.  Then logoff when you are done. 

A Plug for Software      

As soon as a hacker has found a new exploit, the software companies will learn about it and make an update available within days.  The hacker community is tight; other hackers will look for software that is not updated and exploit the hack.  Avoid the copycat hackers by staying on top of your software updates, not just your anti-virus, but also Microsoft and other software updates.  Doing this will eliminate much of the risk. 

New Users

If multiple team members need to access your software, consider setting up additional users rather than having one account.  If one person gets hacked, the others will likely still have access and can react quicker to the intrusion. 

How many of these are you already doing?  Give yourself a reward, and then get busy implementing the rest so you can stay safe.