AN OUNCE OF PREVENTION IS WORTH A POUND OF CURE…by dStringer

AN OUNCE OF PREVENTION IS WORTH A POUND OF CURE…by dStringer

We are experiencing an epidemic.  "Hacking" or Data Breaches have become commonplace...and that's dangerous.

As the frequency of hackings has increased, so is the likelihood that you will also be involved.  You may feel that you're a sitting duck in this scenario, because, after all, even though you have been most responsible and have put every security measure of which you are aware in place, you still have no control if your data is breached due to cyber criminal activity involving a third party (EX: Target or Blue Cross).

That is not exactly accurate.  As I've mentioned before in previous blogs, while it IS true that, if someone is specifically bound and determined to compromise your security, they will eventually succeed, the chances of this scenario happening are very small.  Odds are MUCH greater that if your information is compromised, it will be the result of a third party hacking.  And in this case, here is what you can do to increase your chances of NOT becoming a victim.

It bears repeating...The more deterrents in place, the less likely you become a cyber criminal victim.

Common sense tells you, if your information is too difficult to "decode", just like a burglar to a house that has too many security features, a cyber criminal will move on to an easier target.

So, here are a few suggestions to try that might insure your personal "technological security"

  1. Use strong, complicated passwords.                                                                         The more complicated they are, with a mixture of letters, caps and symbols, the less likely your passwords can be decoded.                                                                                           
  2. Use a unique password in every new account or service.  DO NOT recycle your passwords.                                                                                                            
  3. Change your passwords often.                                                                                    
  4. Don't use Social Security numbers, phone numbers, addresses, or other personally identifiable information as passwords.                                                   
  5. Decide what you define as Personally Identifiable Information (PII). ComputerWorld asks six privacy experts for their recommendations for protecting data in the modern digital age. "'The traditional definition of personally identifying information (PII) -- health records, credit card numbers, social security number, etc. -- is so 20th century. The big data age of the Internet is upon us, and even data not previously considered to be PII can feel very personal when viewed in a broader context. 'Bits of data, when combined, tell a lot about you,' says Alex Fowler, chief privacy officer at Mozilla. Those aggregated bits, which constitute the new PII, may include such information as your email address, browsing history and search history. 'The definition of PII -- information that a person has a legitimate interest in understanding and protecting -- is going to be broadened as we move further into the information society,' says Fowler. 'It's a different footprint than what your parents ever thought about. Think about what you consider personal information,' Fowler adds. 'You need a working definition."
  6.  Watch out for theft of your government-issued identification numbers.

    Thieves don't always go after credit and debit cards; sometimes, they steal important government-issued identification numbers, such as driver's license numbers or Social Security numbers in attempt to assume another individual's identity. "If you are notified of a breach involving your driver's license or another government document, contact the agency that issued the document and find out what it recommends in such situations. You might be instructed to cancel the document and obtain a replacement. Or the agency might instead 'flag' your file to prevent an imposter from getting a license in your name.

  7. Organize your passwords in logical groupings.

    By using a different system for creating passwords for different types of websites, such as social networking websites, financial institutions, and other membership sites, you ensure that should a hacker crack one of your algorithms, they won't immediately be able to crack all of your accounts' passwords. "First up, group your passwords by function — social media, financial information, work — and use a different approach for creating passwords within each group. That way, if a hacker figures out your Facebook password, he won’t be just clicks away from your bank account.

  8. Use two-factor authentication.

    Two-factor authentication is an additional layer of security that provides protection in the event that a hacker guesses or cracks your password. Two-factor authentication requires a second verification step, such as the answer to a secret question or a personal identification number (PIN). You should opt for two-factor authentication when given an option. "Some websites, such as Google, will text you a code when you login to verify your identity, while others have small devices that you can carry around to generate the code. Authenticator apps are also available on all major smartphone platforms. Other types of two-factor authentication do exist as well, so look in the settings of your banking, shopping, and e-mail hosts for the option.

  9. Use secure websites, especially for sensitive transactions.

    When you're conducting a financial transaction or sharing other sensitive information, always use a secure website to do so. Secure Socket Layers (SSL) is a commonly used website security protocol that provides additional protection for data as it's transmitted through the Internet. You can tell if you're using a secure website by looking at the beginning of the URL. Those beginning with https:// are secure. "Web browsers such as Internet Explorer and Firefox display a padlock icon to indicate that the website is secure, as it also displays https:// in the address bar. When a user connects to a website via HTTPS, the website encrypts the session with a Digital Certificate.

  10. And finally...be diligent.  Do research.  Find out from your various accounts and service providers what their security measure are and what they have in place.  Look into additional security measures you can use for more insurance.                                                                                                                                                      And, of course and as always, if you are a business owner and want to find out more information on how to better secure your website and your client's interests,  contact us here at Alcala Consulting for more information and to schedule a Free Consultation.  626-449-5549