Cybersecurity has become a prominent conversation starter in personal and business life. Many of the threats today have been around for many years and the weakest point being people remains. The reality in 2019 is that the data you think is secret really is not. The bad dudes already have your date of birth, address, phone number and credit card details. This will typically be through no fault of yours, as any data you have shared with a company will in all reality have been leaked, stolen or sold. Never assume that these companies will safeguard your data.
The sooner you accept this reality, the sooner you can focus on doing everything in your power to preventing identity thieves, hackers or charlatans from abusing your data. Here are a few measures you can take in 2019. Some of these may be overkill, but as more and more people start their own businesses, the more they need to ensure they protect more than just their personal data.
- If you must use public and or unsecured WiFi then always use a VPN. If you cannot then don’t do sensitive stuff like banking.
- Claim your identity before someone else does by creating the applicable account with the relevant authorities e.g. SSA, UK government etc. Where possible place a freeze on your country credit bureau e.g. Equifax, Experian etc.
- Add multifactor or 2fa to all of your online accounts, not just the sensitive ones, each and every account. If this is not available reconsider if you want to be using that service. Use an authenticator app rather than email or SMS for 2fa codes. Put a pin or passcode on your SIM card to prevent SIM swap attack.
- Use a strong password generator to create passwords that are impossible to remember and a password manager to store them. Never change the password unless you believe it has been compromised. Never use the same password for different accounts. Never use the default secret questions, create your own nonsense question with a nonsense answer. It’s ok to have your passwords on a piece of paper so long as that piece of paper is secured.
- If you must plug your device into an unknown USB charging point, use a USB condom. These allow only the power pins to connect through to prevent juice jacking. This is a must if someone additionally provides the USB cable, which may have been weaponised using USBNinja or similar.
- Avoid the temptation to share all the details of your life on Facebook, Instagram or other social media venues, especially when traveling. Crooks aren’t just trolling these sites to see if you’re out of town so they can break into your home; they’re also looking for information they can use take over your life.
- It will soon become difficult to buy any home appliance or device that is not connected to the internet. Get into the routine of auditing what devices are connected and ask if it really needs to be. Simply disconnect the device if it no longer requires it. Ensure all the latest security patches are routinely installed to all devices, connected or not.
Finally, for all the safeguards that may be put in place, the most unpredictable entity is human. Social engineering and bad actors are examples of how humans attempt to take advantage of an individual or company to gain unauthorised access to an asset. Be careful who you trust.
At Momentum, we can help you to understand how you can safeguard your business against the ever-increasing breadth of cybersecurity threats. Contact us for a confidential conversation about your situation.