Cybersecurity Awareness Month
As you may have heard, October is Cybersecurity Awareness Month. Knowing this and actually understanding what this might mean to you at work and home could leave you exposed to any number of vulnerabilities or cyber-threats that can cause you many headaches! Here are some ideas (or maybe a better way to look at this, some goals and objectives) you can use to work through this month on figuring out how best to protect yourself against the criminal or unauthorized use of your electronic data.
For the first week, we’ll look at some online safety tip and recommendations.
- Home: Check your online accounts and passwords. Change passwords if they haven’t been changed in over 90 days. Double check expenses showing up on your credit cards and bank statements. Remember, it only takes one scan or swipe for cyber-theft to happen. It could take you weeks or longer to realize it, and weeks to months to track it down and potentially correct it.
For the second week, let’s look to the work place and what you could do to be sure you’re keeping your work product and intellectual property safe.
- Work: Participate in training as much as you possibly can. What you learn at work can many times be applied at home too! Make sure you actually log out of or lock your desktop or workstation when you leave your desk. Be aware of what you open or have access to. Remember, needing elevated access rights to do your job also means you have elevated responsibility to your company and protecting your work products. Alert you Security Team or IT Team immediately when you see or experience anything out of your normal work operations. Always remember, better safe than sorry!
For the third week, we will work on how to protect yourself from cyber-attacks and cybercrime.
- Self: To start, let’s pick an easy item to work on, your computer’s defense system. Keeping your computer’s anti-virus, anti-malware and operating system patches or updates current, simply put is your biggest win! Never let your anti-virus system go longer than a week without initiating a full system scan. Does it take time to do this? Yes, absolutely. Is the return on investment of time and resource worth it? Yes absolutely! Actually, even more so than you may realize.
- Next up; many of you may have heard the phrase “Patch Tuesday” from working with Microsoft systems. Make sure you are allowing your Windows desktops to be updated as the patches become available. Same is true with any other platforms. Apple has updates. Smartphones have updates. Stay vigilant on this! Don’t let yourself fall behind on this process; it could be one of the hardest lessons you’ll ever have to learn to get yourself back to an operational state again!
For the fourth week, our focus will be on your connection to the outside world and what steps you could take to ensure you’re not giving away your house or car keys to anyone.
- Connectivity: Whether you use a wireless or wired connection, you’re always at risk of being hacked or exploited from a number of Internet threats or unauthorized illegal access to your information or device(s). For wireless, be sure you have configured an encryption method. For example, you should be working with a security technique such as Wi-Fi Protected Access (WPA) or Wired Equivalent Privacy (WEP). WPA2 is strongest; and you should use this if you have the choice too. Older routers used WEP. It’s not as strong or useful as WPA, so if you have the means to do so, consider upgrading to a router that can support WPA. You should also consider changing the name of your router. Typically, out of the box the name or SSID (Service Set IDentifier) is configured as a default. And yes, generally, all default settings from the factory come set the same. If you have a Netgear router and your neighbor has a Netgear router, it’s likely you have the same SSID configured from the factory. Take this time on our Cybersecurity Awareness Month plan, to change your SSID. Or, better yet, some routers allow you to hide the SSID from broadcasting as well.
For the fifth and final week, we will turn our focus to that painful discussion, backup and recovery.
- Backup and Recovery: We start with a topic that has generally been left off the discussion list for a plethora of reasons over time. I don’t have time to backup. I’m not worried about my data or information, since I’ve never had a problem before. Why backup, when now I have this thing called a cloud something or other. Reason after reason…it still comes down to, not doing any backup at all is a recipe for major disaster! You accidentally open an email that had a link, which you somehow clicked on and it apparently started running something. This link now runs or puts something you don’t want on your computer. You probably don’t or wouldn’t even know about it initially. Now the issue starts… You try to open something you’ve worked on or have been using successfully just hours ago, maybe a day or week ago. It stops working as you expect it to! Why?? Well, besides potentially not having your protective software updated regularly and your operating system patched regularly, you haven’t backed up data in months. Maybe have never backed up any of your data. So, what now? You want to pay some amount of money to get your data and information back? Maybe get it back, if that even works at all. No, you don’t want to do that. You want to go to your backed up data and restore it back to a working edition. Does this mean you may lose a day or two, maybe even a week of something? Yes, that could happen, but at least you’ll typically have a good base line to start back with. Backing up your data and information is a critical step to providing your defensive position and ability to recover effectively. Last point; Don’t wait until you have to use your backup in an emergency to see if you can restore your data. Run a restore of your backed up data, every couple of weeks or month or so, to ensure your backups are working properly! Run your programs on the restored data to ensure it was processed correctly and accessible!