What’s Next for Your Online Security?
In 2012, online security breaches compromised 6,000,000 Facebook accounts, 250,000 Twitter accounts and 780,000 Medicaid records, notes Fast Company. During the past two years, attacks have hit companies as big as Apple and Sony. If technologically sophisticated giants such as these are vulnerable, what can entrepreneurs and home workers do to protect their online security? Although there’s no foolproof solution, there are some simple best practices that smaller users can implement to protect themselves.
Computers Aren’t Dangerous, People Are
Computers are ultimately dumb machines that do what they’re programmed to do, and the root risk to online security comes from human beings. Recent research has found that vengeful employees and criminal organizations account for the largest percentage of corporate data breaches, ahead of system glitches and worker negligence. Closer to home, dating partners and spouses can compromise your security by using a shared device or password or sharing sensitive information through email or social media.
Avoid these problems by factoring in the human element. Keep your most sensitive passwords away from your spouse. If you have a shared bank account, agree on who will access it, and from what devices. Don’t share passwords among home and work devices. Don’t use obvious information such as maiden names for security challenge questions. Don’t leave password clues where they can be seen at work or online. Change security information if you break up with your spouse or significant other.
Beware of Botnets
Hacking programs can lower your guard by invading contact lists of your family or friends and using the information to send you phony messages spoofing someone you trust. This illustrates a type of security invasion known as a “botnet” attack, so called because it targets a network of connected users with the aim of turning their computers and accounts into robots that automatically attack others.
To prevent botnet attacks, protect all your devices, including mobile devices, USB sticks and CDs. In an age of smart homes, don’t forget to secure any home automation systems you use by signing up for a tech-savvy home security service from SecurityCompanies.com or a similar service. Keep your software and anti-virus updates current, since outdated programs are more vulnerable. Avoid opening suspicious emails, pop-ups or instant messages, or clicking on links in them. This includes messages warning you about viruses, which are often fake. Don’t supply personal information to unknown sites or apps.
Double Your Protection with Two-Factor Authentication
Unfortunately, hacking programs have grown sophisticated enough that they can crack passwords guarded by traditional methods. To defend against this, service providers such as Google have begun reinforcing passwords with additional security barriers, a practice known as “two-factor” or “multi-factor” authentication, borrowed from the financial industry, where it has been widely used.
You’ve probably encountered various applications of two-factor authentication already. One common example in banking is an ATM that requires a physical card as well as a PIN.
Protect Your Password
Passwords are one half of two-factor authentication, and it’s important to follow password best practices. At one time, security advisers counseled clients to outwit hackers by using word substitutions such as “Pa55w0rd.” Today’s hacking programs can easily crack short passwords built on predictable tricks such as this. The more characters in your password, the greater mathematical challenge a hacker faces, so your best protection is to use the greatest number of characters allowed.
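The point about “Pa55w0rd” and password length, as an added example that is not part of the original article: a sign-up style check in Python that undoes common substitutions before comparing against a word list, and estimates the brute-force search space from length. The word list, substitution table, sample passwords and function names are constructed for illustration.

```python
import math
import string

# Constructed sample list; a real check would load a large breached-password list.
COMMON_WORDS = {"password", "letmein", "welcome", "dragon", "monkey"}

# Common substitutions, mapped back to the letter they usually stand for.
SUBSTITUTIONS = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                               "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})

def normalize(password):
    """Undo capitalisation and common character substitutions."""
    return password.lower().translate(SUBSTITUTIONS)

def is_predictable(password):
    """True if the password is a listed word once substitutions are undone.

    Also checks the password with trailing digits and symbols removed,
    so that 'Passw0rd123!' is treated the same way as 'Passw0rd'.
    """
    stripped = password.rstrip(string.digits + string.punctuation)
    return any(normalize(p) in COMMON_WORDS for p in (password, stripped))

def brute_force_bits(password):
    """Upper bound on search space in bits, assuming every character is random."""
    if not password:
        return 0.0
    pool = 0
    if any(c.islower() for c in password):
        pool += 26
    if any(c.isupper() for c in password):
        pool += 26
    if any(c.isdigit() for c in password):
        pool += 10
    if any(not c.isalnum() for c in password):
        pool += 33  # printable ASCII symbols plus space
    return len(password) * math.log2(pool)

def assess(password):
    """Return (predictable, bits). Bits are meaningless if predictable is True."""
    return is_predictable(password), brute_force_bits(password)

if __name__ == "__main__":
    # Constructed sample passwords.
    for sample in ("Pa55w0rd", "Passw0rd123!", "violet kettle orbits harbor"):
        predictable, bits = assess(sample)
        print(f"{sample!r}: predictable={predictable}, upper bound={bits:.1f} bits")
```

The bit count is only an upper bound: a password flagged as predictable falls to a word-list guess long before a brute-force search would reach it.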
Security questions often serve to support passwords, and it’s important to make these hard to crack, as well. A good technique is to use long strings of nonsense answers that don’t have anything to do with the question you were asked. The confusing answer will puzzle human hackers, while the long character string will frustrate bots.
For both passwords and security questions, be careful not to reuse information on different accounts. This prevents a hacker from using one of your accounts to access others.
Identity thieves may also try to get your information by hacking the email account you use for password recovery. You can prevent this by using a secure email for password retrieval. Do your best to keep any email accounts you use for password recovery or other sensitive purposes from displaying online. Cybercriminals may try to harvest your email by searching online, so be careful where you allow your email accounts to be publicly viewed.