With the arrival of a New Year comes the motivation to focus on new approaches to the workday. For some people, that’s as simple as structuring your day differently — perhaps checking email only at specific times or limiting distractions from social media.
For others, software or hardware upgrades take precedence come January. Still others use the occasion of a New Year to organize their physical and virtual desktops — and hopefully optimize productivity and efficiency.
But if there’s one thing every computer user should focus on in 2019, it’s data privacy. After a long, busy year full of hacks, breaches, and ransomware infections, 2018 ended with an avalanche of fresh cybersecurity news.
First, the Weather Channel was accused of letting its mobile app track user location information for illicit reasons. Data from the app’s 45 million active monthly users was used not just to generate local forecasts — instead, as the city attorney of Los Angeles alleged in a lawsuit, The Weather Channel sold that data for commercial purposes, including targeted marketing and financial analysis.
Days later, Marriott International acknowledged that its monumental 2018 breach, which exposed the reservation records of nearly 400 million users, included the loss of 5 million unencrypted passport numbers. That kind of personal, private information is a gold mine for hackers, and security experts believe the breach (to date the largest in history) could have been caused by Chinese intelligence services.
Other nefarious schemes continue to proliferate. Hackers have recently started targeting Microsoft Office users through a phishing scheme that pretends to be an Office 365 non-delivery message. A prompt appears asking users to click “Send Again” before leading to a website that appears to be a Microsoft login page. That page then asks the user for his or her username and password, which, if entered, are stolen by cybercriminals.
But wait — there’s more. The popular online floral company 1-800-Flowers announced recently that a credit card-stealing strain of malware was active on their website for more than four years. And a new twist on the so-called “sextortion” attack goes deeper than just the allegation that a user’s adult website browsing history has been recorded via webcam. Now, blackmail messages include a link to view the so-called video catching a user in illicit action. But clicking on that link instead installs ransomware that then immediately encrypts all the files on a user’s computer.
Such an endless procession of bad news doesn’t have to be a nightmare, however. All of these incidents remind us that data privacy must become priority number one in the New Year. At CMIT Solutions, we take such a responsibility seriously — the success and safety of our clients depends on it.
Below are six ways to enhance the security of your information:
1. Be careful with emails that contain web links or attachments.
Before you click a link in any email not from a trusted sender, hover over the link with your mouse to display it’s real destination. Beware of easy-to-miss variations — think “yah00.com” instead of “yahoo.com” — or long strings of random characters that could take you to an illicit site. If you really want to exercise caution, manually type in websites you want to visit. And NEVER open unknown attachments, no matter if they’re ZIP files, PDFs, MP3s, Word documents, or Excel spreadsheets. Hackers routinely hide viruses in such attachments knowing that at least one unsuspecting user out of a million will download it.
2. Manage your passwords better.
Security experts now believe that the biggest threat to online data isn’t just strong passwords — it’s the fact that most people use the same passwords for all or most of their accounts. Whether you keep track of your login information with a password management service or the help of an IT provider, the old days of easy-to-guess passwords must come to an end if cybersecurity is really going to improve.
3. Activate two-factor authentication.
The best way to nip the password problem in the bud? Activate this additional security step required to log in to accounts. Defined as authenticating your login through something you have (your password) and something you get (a unique code typically delivered via text message or email), two-factor authentication can render a stolen or hacked password unusable.
4. Delete unused apps — and update the software you do use.
In 2019, there’s no denying the fact that smartphones track our every move — and, as The Weather Channel app example above demonstrated, they often share our location data in ways we never anticipated. The best security measure on this front is to uninstall apps you no longer use from your phone, and to keep frequently used programs up to date with security fixes and software patches. That goes for mobile phones along with desktop and laptop computers.
5. Work with an IT provider who really knows you and your business.
Of course, keeping a computer running smoothly isn’t easy — and it can take up more time than expected. That’s why developing a solid relationship with an IT provider you can trust is so important. At CMIT Solutions, we proactively monitor our clients’ systems 24/7 to protect against unwanted intrusions. Such an approach also allows us to deploy necessary patches and upgrades during non-business hours so that systems are always on when you need them.
6. Back up your data.
The common theme that runs through each of the cybersecurity examples stated above is that, if your data is backed up properly, negative impacts can be mitigated. Remote data backup and storage is the only surefire way to foil a ransomware attack, and the more regularly you back up your information the more easily you can recover from unexpected data loss.
The cybersecurity world is still a scary place — even in this New Year. But with a resolution in place to enhance data privacy, you and your business can survive and thrive. Want to know more about the best approach to information safety and security? Contact CMIT Solutions today.