When it comes to online security it is true that we are often the weakest link in the security chain. Even when we are up to date on security risks you will find that for all sorts of reasons we make mistakes. Last Tuesday an engineer at Amazon’s web servers made a typo and caused world wide outage, it happens.
Crime is with 75%, the largest motivation in today's cyber attacks. 97% of all attacks gained access through links in phishing mails which installed malware to either collect or encrypt your information. #ransomeware
As a small company, or probably you work alone and possibly from home? Then you actually have similar or the same security issues as large companies do. A lot of small companies think that it costs too much to protect themselves against cyber threats and just hope that things go ok.
It is a good idea to take time to discuss cyber security and built user awareness with the people that you work with. Saying that you don’t have the time, money or in-house knowledge is really no excuse. Think again about how successfully those 97% of attacks occurred. #phishing
Do we expect too much from technology or would techniques like stripping out attachments from emails and setting all inboxes to plain text to prevent phishing mails be a good idea. Locking everything down is probably not the best route to take as it’s just defeating the purpose of communications and limiting the powers of the internet. Productivity would slow down, and attackers would just use different techniques. #user-awareness
Using the most advanced tools to protect your company will not protect you if you do not have and use, a security plan.
What can we do to minimize security risks.
1. Stop clicking willy–nilly on links in emails. Nearly 80% of people know not to click on unknown links and out of CURIOSITY over 50% of people still click them.
2. Make backups and set your computers to make automatic backups, it’s also important to keep copies of old backups. Backups are great but if recent backups are also infected you always have older versions to fall back on. #backups
3. Keep computer software including mobiles, modems, and other appliances updated with compatible software.
4. Use a VPN connection to and from the office. A private secure connection does give a good feeling and VPN is getting easier to use.
5. Protect your customer data. If you have customer information on your laptops, server or websites it’s a must to make sure that it’s secure.
6. Where needed make everyone separate logins and never share admin or super admin level passwords.
7. Use a firewall and virus scanner (paid versions)
8. Don’t just give your Wi-Fi passwords to guests, setup a guest Wi-Fi account.
9. Smartphones are a security weak-spot. Apps have access to a lot more information than you think, delete apps that you don’t regularly use.
10. When out of the office never use unprotected WI-Fi spots.
11. You probably use social media, then it’s important to use “Two Step Verification”. It is easy to use and you can export and save a list of backup codes.
12. Don't just use USB sticks without scanning it first, yes they are still around.
13. Encryption is also getting easier to use. Use encryption to protect your data. Tip: You can encrypt a MacBook with 5 clicks of a mouse.
14. Make a “change password day” get into the habit of using longer and strong passwords. Nowadays you don’t need to remember passwords. For security reasons you need longer and different passwords for all accounts, websites and appliances. Your going to need a password manager. #Do-it
If you do get ransomeware in your system and your computers get locked/encrypted remember one thing, “never pay ransom”. Clean the computers or get someone to do it for you and reinstall the operating system. Paying means that your just buying time, they will reactivate the ransomware at a later date, if at all. But you have backups right!
Don't let curiosity kill the cat?
Stephen Cassidy