Dell shares that a whopping 70% of security breaches are attributed to the human element, via a study completed by Ponemon Institute.
Depending on the study you are reading, these human element breaches could be as high as 90%. There are many layers involved in protecting yourself and your company from viruses, malware, phishing attacks, and ransomware. We usually think of these layers in the form of firewalls and antivirus software.
One of the most effective ways to protect your PC or network is human awareness and making sure that privacy and security settings inherent to different applications are correct. There are so many simple things we can do (with little effort!) to provide these additional layers of protection. Education, testing, and training of end-users can go a long way to protecting your data network.
A point of weakness we tend to have as a human is a curiosity. Ransomware and malware can easily make it to the network via a simple click of the mouse.
When you receive an unexpected email with an attachment or link, a little further investigation doesn’t hurt before clicking on the surprise that awaits.
- If you know the person sending you the email, send them back a quick email by physically typing in their known email address, or make a phone call to ask if they have sent something before proceeding with what could be the click of death for your digital information.
- When receiving emails requesting changes with accounts such as passwords, billing changes, or anything that includes financial information, make a phone call to a known phone number to confirm that the request is not bogus.
- Check the link using the Trend Safety Center. (TIP: useful shortcut to add to your web browser)
- Use your search engine to see if you can find any information on the email address, subject, topic, or the document link name.
- If you are concerned that a link contains malware and it doesn’t look important, just delete the email.
We cannot stress enough the importance of strong passwords. This is the easiest security that you will ever put in place and the most frequently used.
Refrain from making your password something obvious, something personal, or something directly related to anything around you. Here are a few rules to keep in mind when setting them up:
- Combinations of upper, lower caps, letters, and symbols are a must.
- The longer, the better.
- Reset your passwords on a scheduled basis.
- Use different passwords for each account.
- Password protect essential documents.
Make sure password recovery method questions are tricky. For example, your mother’s maiden name is probably pretty easy to find, while the name of your first pet, may not be as readily available. Adding an extra unexpected word to the response is also a simple method to strengthen this process.
To keep track of these passwords using a tool such as Lastpass to not only track passwords but to help in generating them. If you are a Complete IT client with TSAChoice, a password tool is part of your plan.
Don’t Do It! Birthdays, initials, family members, alma mater, cars, your address, your social security number, your pet’s name, your best friend’s name, boyfriend’s name, address, year of birth, your name, your husband’s name. Use nothing related personally to you when choosing a password.
Applications, Websites, and Social Media
We use so many apps today that have additional security settings that allow protection of our information beyond the initial password protection. The secret, they only work if set up in the privacy and security settings of these apps.
Two-step verification is a process by which when logging into your account. A code is generated and, in most cases, sent to your mobile phone or device and requests entry before a successful login. Examples of applications using this process include Google, Facebook, Dropbox, LinkedIn, and others. For a list of other applications using this feature, you can access the Two Factor Authorization website.
Don’t Click Unless You Are Sure
The same rules for email also apply for Social Media and Websites. As tempting as it is, don’t be drawn into clicking and downloading items posted by unknown sources within social media and within websites that you are not familiar with.
Trend released a report, “Dissecting Data Breaches and Debunking the Myths” this report states that 41% of breaches are due to device loss.
Setup encryption on your mobile devices this function turns all of your information into unreadable data unless the correct authorization is used to access the device. Encryption can be set up on both Android and iOS devices. Encryption may alter performance on some devices, read and talk to your provider before setting up encryption.
The Offense is Your Best Defense
We place software and firewalls on our systems to protect ourselves and our companies, sometimes forgetting that without common sense, it is all for naught. Take a few minutes to review and share this information with friends, family, co-workers, and employees to make sure we are all doing our best to protect our data.
Click here to request assistance creating a disaster recovery plan.