New Years resolutions come, and New Years resolutions go, but one resolution that everyone should make is the promise to be more secure in 2013. This first blog post of 2013 hopes to start off the New Year with a big bang and focus on simple best practices we can use to make our sensitive data and our lives more secure.
Resolution #1: Do you know what’s really in your email? Email is such an ubiquitous part of our culture now, but it is still an avenue of attack from thieves that want to install malicious software on our machines. Never open attachments from anyone you do not personally know. And since it’s easy to make an email appear to come from anyone, when an attachment is received, it’s reasonable to call the person who sent the email and double check that they really did send an attachment. It’s also important to remember that your bank, credit card provider, and other financial institutions will NEVER send an email asking you to give them your username and password.
Resolution #2: Understand the danger of malware Simply browsing the Internet could make anyone the target of malicious software. When browsing on a website that is not a familiar name, be very wary of your browser asking to install a patch or download a piece of software. To stay as secure as possible, stick to familiar websites. The Internet is still the Wild Wild West and not a safe and secure theme park as it may seem.
Resolution #3: Protect your mobile device! Now that almost everyone has a mobile device, securing these devices is a big concern. Always have a security lock on your device so it is difficult for anyone who steals it to break into the device. Be very stingy about storing any sensitive data. Mobile devices are easy to misplace, so all sensitive data should be encrypted. Bluetooth and Wi-Fi connections should be turned off by default, unless you are actively using them.
Resolution #4: How secure are your passwords? Password security is still very important. Passwords should never be created using a word from a dictionary. And they should always include upper and lower case letters, numbers, and special characters. With the speed of today’s password cracking tools increasing, passwords should be at least ten characters long... and even longer is better. It is not a safe practice to reuse passwords between websites, so using an application like a password management tool to store all of your passwords is a security best practice.
Resolution #5: Be aware of physical security Physical security is an aspect of security that is often overlooked. It is common for sensitive data to be left sitting on a desk where anyone can read it or grab it, so cleaning your desk off at the end of day is a great way to secure your data. Be aware of anyone attempting to follow you or your coworkers into a secure area by tailgating. Lastly, it is always a good idea to secure your laptop and mobile devices before leaving them in an empty hotel room.
Resolution #6: Protect yourself against social engineering Social engineers will always be around attempting to separate a fool from his money….or sensitive data! It’s important to be aware that any personal information we put onto the Internet on social websites like Facebook, Instagram, LinkedIn, etc. may be found by people with unscrupulous motives and used against us. Here’s a tip: just wait to post your vacation pictures, dining plans, and details of shopping excursions after you have returned home.
The convenience of our modern devices makes it easy to let our security awareness slip, but by following the above best practices, we can mitigate the risk of any thieves putting a damper on our Happy New Year!!