February 26, 2020
Whether your internet network serves your home devices, your home office, or a small to medium business, internet data security is always an ongoing concern. The threat of cyber-attacks, hackers, and other malicious actors continues to increase as more and more of our business and personal financial lives are conducted over the internet on connective devices and in the cloud. Here are some basic common sense ways to improve your personal and business data security’s exposure over the internet.
We often focus on perimeter security to the extent that our system’s overall infrastructure security suffers. Many times the vast majority of security budgeting and planning goes into firewall protection. There are multiple ways that a firewall can be penetrated or defeated by persons with access to system information and weaknesses. Firewalls are very important but are just the beginning of comprehensive data security.
Layered security systems are important for defeating hackers and cyber attacks. Every device on your network should be running fully updated operating systems and using applications that are updated with all available security patches. It is essential that you have operating systems, applications, and programs that automatically update or that you manually check for updates regularly. Internal devices should all also have filtering and antivirus software installed and operating properly. Depending on the size and scope of the data that you are protecting, investing in intrusion/attack detection and continuous monitoring software may also be useful for cost-effective and efficient data infrastructure security.
Whether you have local family users on your personal network or have co-workers and employees accessing data and network resources locally or remotely, it is critical that every person on your network understands and uses best security practices.
No one should ever click on links in any form of messaging from unknown and untrusted sources, whether inside emails, texts, or instant messages. All users should log off all applications properly when finished using them, and credentials should not be saved on operating systems or inside programs. Implementing dual authorization of any financial transactions, which requires your additional authorization, also adds an extra layer of protection.
Your social networking applications contain vast amounts of personal information about all aspects of your online activities. If you ignore privacy settings on any of the platforms that you use, the default settings likely provide visibility over the internet that would shock you. For every platform and application that you use you should carefully check the privacy settings. You should understand the settings and select what you want to share with anyone, only with contacts or friends, or with no one at all.
In addition to social networks, you should understand how your private information might be visible on online storage services. Unless you understand the privacy settings on Google Docs, you should not use it to store sensitive personal information. If you are using Dropbox for storing sensitive data you should understand how to use encryption to archive your information.
Your everyday web surfing is also a possible security threat depending on the browser you use and the privacy settings you select. Even incognito mode with common browsers is vulnerable to tracking by marketers and search engines. There are software add-on options available that can assist in avoiding internet tracking.
Weak passwords are much more vulnerable than in previous times, as hacking techniques and methods become more advanced. Use complex and lengthy passwords in every use that requires password security. Go for 12 or more characters and include a mixture of capitals and lowercase letters, numbers, and special symbols. Use a different password for every service or application in the event that a single password is compromised somehow. In order to keep your passwords securely stored and accessible to you only, look for a quality password manager program.
If you share your primary email address or phone number with any online application or website, you are inviting an unlimited number of spam emails, text messages, and telemarketing calls by voluntarily placing your contact information on marketing lists that are sold all around the world. If you need to sign up for an unknown service, use an alternate email address or even an alternate phone number. If you decide later that the resource is trusted and you want to use your primary contact information, you can update as needed.
Bonus Tip: Use Two Factor Authentication (2FA) on Email Accounts
Two factor authentication (2FA) is an extra layer of security beyond a password that makes security breaches of your accounts much more difficult. The two most common ways to implement 2FA is through a physical key that verifies through connecting to your physical devices such as Yubikey or app-based 2FA options like Google Authenticator and Authy. Both systems make access to your accounts nearly impossible without physical access to your access key (Sim swapping attacks being the only exception).
Most people implement 2FA through app-based verification. The 2FA apps are connected to your accounts, using a mathematical algorithm with a numerical code that rotates every minute, specific to your account. After you enter your username and password, there’s a prompt to enter your 2FA code to access the account.
2FA has been available on popular email services such as Gmail for many years. Using 2FA on your email is critical since email provides access to personal information and the ability to reset the passwords of your other accounts. Additionally, there have been many significant data breaches over the past several years were usernames, passwords and emails have been obtained by hackers. In many cases, people use the same passwords at multiple sites, making them easy targets for criminal activity. Learn more about 2FA and implementing it into your account security at Google.
There are many messaging apps in use today, with more being developed all the time. Modern messaging is quickly supplanting email, text messaging, and voice calling as the go-to way to communicate with family, friends, and even for business purposes. Most messaging apps use encryption, although the default method is “in transit” encryption. This encryption is deciphered by the app provider and messages are stored on their servers. If those servers are compromised in any way, your data is exposed. By choosing end-to-end encryption only you and your end-user will be able to see the information you share. Be sure to determine if your messaging app uses end-to-end encryption by default or if it can be selected for specific or all conversations.
Join thousands of Chicago and Milwaukee residents who have discovered the true gigabit speed and concierge-level 24/7/365 personal customer service that SilverIP delivers without contracts, fees, or taxes, starting at $35/month. Click here to get started.