Recommended Practices

One of the largest issues with modern technology is the lack of education of information security. Our passion is to help businesses grow aware of major threats to their employees and to present solutions to meet their security needs. Here are 3 basic practices I recommend you start with to begin protecting your business.

  1. Never Directly Click on Email Links or Download Unknown Documents Let’s say your coworker sends you an email with a random invoice for an order you don’t remember. He is requesting you take a look at it to see if all of the details are correct on your order. Naturally curious, you would likely open the document and unknowingly download some type of malware onto your system. This is called a phishing attempt. This happens when a hacker pretends to be someone else in order to get you to give your information or download something so they can take it themselves. The best thing you can do to prevent this is to always be paranoid. If you didn’t directly request the document, contact the sender and confirm they were the one who sent it. If they sent you a link, copy and paste the link location directly into your browser to confirm it is directing you to the right destination. Lastly, if everything else checks out, look at the email address to see if it looks right (eg. TSullivam@(company).com.ru probably isn’t someone you want to get email from).
  2. Get a Password Manager and Use Complex Passwords A little over a month ago, Mark Zuckerberg’s twitter account got hacked. It wasn’t because someone directly hacked into his account, but instead it was because he used the same, easy password (dadada) on a less secure site. But, he is not alone. In a recent survey, LastPass showed that 59% of Americans users re-use the same passwords for multiple sites. This security gap can be easily prevented creating different passwords for each site and using a password manager to store them all. Nowadays, security professionals recommend 10 characters minimum with upper, lower, digits, and special characters. While this may seem daunting, most password managers are designed to not only securely store your passwords but generate them for you. Some also fill in the passwords for you, making the process all the more easy.
  3. Avoid Using Public Wi-Fi Public Wi-Fi is the bane of security. Information sent and relieved over public Wi-Fi is completely unecrypted, readily available for anyone one on the network to see. This means that when you are at that favorite coffee shop of yours, all of the banking , social media, and business information you access while on their public Wi-Fi is readily available to be read and captured. Some websites are beginning to implement HTTPS, thereby countering the attacks hackers are doing on the network, but most are not, leaving you open to attack. One solution is to simply avoid using public Wi-Fi hotspots. Instead, use cellular data and encrpyted Wi-Fi connections (the ones that require a password). If you must use public Wi-Fi, get a VPN, specifically one the uses SSL as its main protocol.