Corporate online security breaches are sadly becoming a routine event these days.
In one year alone, Target, J.P. Morgan, iCloud, Home Depot and even Healthcare.gov were all hacked, each breach requiring users to change their passwords and, in some cases, to replace their credit cards.
While it’s no fun to change your passwords after a security breach, it is still much better than dealing with the major disruption identity theft can cause you, your business, and even your public image and business branding.
If anything, these big security breaches should be a reminder to us all to routinely assess our overall vulnerability to hackers and make any needed changes. Surprisingly, a few simple steps can go a long way to keeping you safe and secure.
It all starts with the passwords you use. While it would be easy to suggest you use a long random string of characters for every password, the reality is that you would never be able to remember them all. So the idea here is to create passwords that are hard for both people and code-cracking programs to figure out, but easy for you to remember. Stringing together several meaningful words and groups of numbers can make for a very secure password. Obviously, don’t use words and numbers that correspond to your identity or any associated account. Google, ConnectSafely.org, and other information security experts offer great information on generating strong passwords. It is also important to use a unique password for each account, especially those associated with email and finances.
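Here is one way to build the kind of password described above. This is an added example, not part of the original article: it strings together randomly chosen words and a group of digits, and estimates how hard the result is for a cracking program to guess. The word list is a small constructed sample and the function names are hypothetical; a real list should hold thousands of words.

```python
import math
import secrets

# Constructed sample list for illustration only (32 words).
# Assumption: real use would load a list with thousands of entries.
SAMPLE_WORDS = [
    "anchor", "basket", "candle", "desert", "ember", "falcon", "garden", "harbor",
    "island", "jacket", "kettle", "ladder", "marble", "needle", "orchid", "pepper",
    "quartz", "ribbon", "saddle", "timber", "umpire", "velvet", "walnut", "yonder",
    "zephyr", "bramble", "cobalt", "dahlia", "fennel", "granite", "hollow", "juniper",
]


def make_passphrase(words, n_words=4, n_digits=4, sep="-"):
    """Join n_words random words and one random digit group.

    Uses the `secrets` module (a cryptographically secure generator) so the
    choices cannot be predicted, and picks words at random rather than letting
    a person choose, so nothing ties the result to the account owner.
    """
    if len(set(words)) != len(words):
        raise ValueError("word list contains duplicates")
    chosen = [secrets.choice(words) for _ in range(n_words)]
    digits = "".join(secrets.choice("0123456789") for _ in range(n_digits))
    return sep.join(chosen + [digits])


def entropy_bits(list_size, n_words=4, n_digits=4):
    """Bits of entropy when every word and digit is picked uniformly at random.

    Each word adds log2(list_size) bits and each digit adds log2(10) bits.
    The figure assumes the attacker knows the list and the pattern.
    """
    return n_words * math.log2(list_size) + n_digits * math.log2(10)


if __name__ == "__main__":
    print(make_passphrase(SAMPLE_WORDS))
    print(f"sample list: {entropy_bits(len(SAMPLE_WORDS)):.1f} bits")
    # Assumption: a 7,776-word diceware-style list in place of the sample.
    print(f"7,776-word list: {entropy_bits(7776):.1f} bits")
```

The 32-word sample list gives only about 33 bits with four words and four digits, while the same pattern over a 7,776-word list gives about 65 bits, so the size of the list matters far more than the look of the result.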
So how in the world are you supposed to remember all those passwords? A password manager lets you access them quickly from anywhere, but keeps them safe through the use of encryption. Three notable free examples are the open-source KeePass (developed for Windows operating systems, but works across multiple platforms with Mono), LastPass (available for Windows, Mac and Linux operating systems), and Passpack (a web browser-based password manager). Paid services such as 1Password also exist.
Popular services such as Amazon, Facebook, Gmail, Dropbox, and iCloud offer two-factor authentication (often referred to as TFA) where, once you enter your password, you receive a code via a text message on your phone to continue the login process. Not only would someone need your password to get in, but they would also need to have your phone. TFA is a great added level of security that we highly recommend taking advantage of.
Multiple E-mail Accounts
It’s a very good practice to use different e-mail accounts for different areas of your life. Let’s say someone hacks your Facebook account and gains access to the corresponding e-mail; they won’t have access to your banking information if it is tied to a different e-mail account. You can set up separate e-mail accounts for social media, online shopping, and important financial accounts, giving you solid firewalls in the event you are hacked. It is also good to set up a disposable e-mail account for any situation where you have to provide an e-mail address that you suspect will lead to spam.
These pointers seem basic, but they can go a long way to keep you safe from security attacks, whether directed at you personally or through a larger corporate security breach. On the Internet, an ounce of prevention can be worth a lot more than a pound of cure.