The massive Equifax data breach has put cybersecurity back in the news. Understandably, many individuals and business owners are concerned about how to protect themselves from unauthorized access to sensitive files and records. While comprehensive cybersecurity should be left to professionals, there are also simple and effective measures, such as those listed below, that individuals and small business owners can and should take to protect themselves.
Many people don’t consider file permissions on their computers, allowing full access to all files (often the default setting). If only one person ever uses a computer, that’s not a problem. However, with a shared computer or in a networked computer environment, having open access to all files by all users is potentially extremely risky. Although it’s tedious to manage permissions on every single file, doing so minimizes the risk of sensitive information being accessed by unauthorized individuals – either inadvertently or deliberately.
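As an added example (not part of the original article), the Python script below walks a folder on a Linux or macOS computer and lists the files that every user on the machine can read or change, with an optional step that restricts them to their owner. The function names and the `--fix` option are assumptions made for this illustration.

```python
import os
import stat
import sys


def find_open_files(root):
    """Return (path, mode, issue) for regular files under root whose
    'other' permission bits let any user on the machine read or write them."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: inspect the entry itself, never follow symlinks
            if not stat.S_ISREG(st.st_mode):
                continue  # skip symlinks, sockets and other special files
            mode = stat.S_IMODE(st.st_mode)
            if mode & stat.S_IWOTH:
                issue = "writable by all users"
            elif mode & stat.S_IROTH:
                issue = "readable by all users"
            else:
                continue
            findings.append((path, stat.filemode(st.st_mode), issue))
    return sorted(findings)


def restrict_to_owner(path):
    """Drop every group and other permission bit, keeping only the owner's."""
    mode = stat.S_IMODE(os.lstat(path).st_mode)
    new_mode = mode & stat.S_IRWXU
    os.chmod(path, new_mode)
    return new_mode


if __name__ == "__main__":
    # Usage (assumed for this example): python audit_permissions.py FOLDER [--fix]
    folder = sys.argv[1] if len(sys.argv) > 1 else "."
    fix = "--fix" in sys.argv[2:]
    for path, mode, issue in find_open_files(folder):
        print(f"{mode}  {issue}: {path}")
        if fix:
            restrict_to_owner(path)
```

Run it without `--fix` first and review the list, since some shared files are meant to be readable by everyone.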
Establishing strong, unique passwords and changing them often is one of the best safeguards against cyberattacks. Adding two-factor authentication provides an added layer of protection in case of hardware loss or compromised accounts. With two-factor authentication in place, after signing in, users are required to enter a code sent either by text message to a mobile device or by email to another account.
Virtual Private Networks (VPNs)
It’s safer to connect to the Internet by Ethernet cable than by Wi-Fi, and safer to connect through an encrypted Wi-Fi network requiring a password than by public Wi-Fi. However, with so many businesses and entrepreneurs conducting transactions away from their main base of operations, it’s almost inevitable that public Wi-Fi channels will come into play.
Connecting to the Internet through a public Wi-Fi channel, though, potentially exposes all the files in a computer or mobile device to everyone else using the same network. Establishing a Virtual Private Network (and monitoring it for suspicious access) places a layer of security around transmissions between remote computers and network files and documents, restricting access by unauthorized individuals.
Mobile devices are prime targets for thieves and are frequently left behind in a cab or hotel room. Employing strong passwords provides some protection against unauthorized access to documents or files. However, with extended access to a stolen computer or mobile device, a determined thief can (and frequently will) use sophisticated means to crack even the toughest passwords. One way to prevent this is by enabling remote wiping, which removes all the files from a stolen laptop or mobile device, reformatting it to factory settings.
Anti-Virus, Anti-Malware, Anti-Spyware and Firewall Software
Anti-virus, anti-malware, anti-spyware and firewall software programs perform similar (and often overlapping) functions. However, there are differences between them – and it’s a good idea to employ all four types of software.
- Anti-virus software protects against malicious software designed to replicate itself and infect a compromised machine. Viruses, worms and Trojans are often well established and predictable, but unprotected computers and mobile devices are still vulnerable.
- Anti-malware software protects against “newer” threats such as zero-day exploits and rootkits. Anti-malware software often updates itself faster than anti-virus software, making it especially valuable when surfing the web.
- Anti-spyware software protects against unauthorized access to sensitive documents such as financial records or medical data. On unprotected machines, financial and personal data represent a virtual treasure trove for identity thieves.
- Firewalls are designed to serve as protective measures against unauthorized access. Strong firewalls repel attempts by malicious hackers to install viruses, Trojans or malware onto targeted computers or mobile devices.
Backups (and More Backups)
Ransomware is one of the newer cybersecurity threats. The notorious WannaCry ransomware program represents a recent example. Ransomware locks an infected computer’s files so that the user cannot access them without paying a ransom (cash or Bitcoins) that can run into hundreds or even thousands of dollars. There is also no guarantee that paying the ransom will retrieve the affected documents.
The only surefire protection against ransomware is diligently backing up computers and mobile devices, either cloud-based or on-site (or both). With file-based backups of individual documents and programs and/or mirror-image backups of the entire hard disk in place, there is no need to give in to ransomware demands. Instead, the “cure” is to disconnect the infected machine and perform a low-level reformat of the hard drive.
Software Updates and Security Patches
One of the most basic (but often overlooked) cybersecurity safeguards is maintaining software updates, including security patches. Running unsupported software (Windows XP, anyone?) as a money-saving measure is penny wise and pound foolish. And while Windows software has traditionally been more vulnerable than Mac, Apple or Linux operating systems, the latter are not invulnerable to attack.