While information security should be an essential concern for every business, it is often overlooked. When I speak on this topic, I can see the eyes of the non-tech person glazing over before I get to the 3rd syllable of the word “security.” However, it is just too important to ignore. We all need to be vigilant to stay secure and protected. Here are some tips that will help us all stay out of trouble!
Technology Security Tips for Keeping Your Business Secure:
1. Understand the Security Landscape
Information theft is a 1 trillion, yes trillion, dollar business. It is the single largest organized crime in the world. Anyone, anywhere, connected to the web can be involved in this crime network, and it pays well. Symantec reports that a stolen credit card with code goes for somewhere between $.50 and $12 on the black market, and cards are often sold in batches of 10 to 500. It takes more than just anti-virus and firewalls to keep the bad stuff out. It takes active monitoring and detection, plus a good cleanup crew, because something will get in sooner or later. Spyware and viruses are designed to steal your information. They are more than an annoyance; they are a breach of security and part of this organized crime.
2. Don’t be tempted by SPAM
SPAM has three purposes: one is to sell you stuff, two is to steal your information, and three is to gain use of your computer for attacking others. As a rule of thumb, don’t open it if you didn’t request it, and carry a chip on your shoulder against the SPAMMER who sent you unsolicited email, so that even if it is interesting you won’t open it and legitimize what they do.
3. Don’t unsubscribe
Unless you specifically know it was an email you signed up for, don’t unsubscribe. A very high percentage of the time, when you unsubscribe, your email address is legitimized and gets sold on a list for others to use to SPAM you. Use your SPAM filter to blacklist or eliminate the message rather than unsubscribing.
4. Be savvy about attachments
Even if it comes from someone you know, don’t open it unless you are expecting it, or have verified that they sent it. Avoid those suspect attachments that are EXE, COM, ZIP, BAT or XML files. Many times SPAMMERs forge headers so that it looks like it came from someone you know when it really did not.
5. Be sure of that link
Phishing is a scam where the link you are about to click on takes you to a site that looks like the real site, but is a fake page that is used either to infect your system or to collect your login and password for later use. This scam has become very common with banking sites as well as LinkedIn, Facebook, and other social sites. To be sure, go to the website the way you normally would get there, rather than clicking on the link.
6. Look for the lock
If you are doing online shopping or anything related to money, look for the lock in your browser. This lets you know that your connection is encrypted and nobody can sniff out your password or other personal information when it is being transmitted over the web. The lock generally appears next to the URL at the top of Internet Explorer. If you are using another browser it may be elsewhere, but you will still find it easily.
7. Don’t load that update
Microsoft, UPS, FedEx, anti-virus companies and other vendors do not email updates. Never load an update by clicking a link or opening a file from email. Just don’t do it!
8. Don’t store important passwords
Often your Internet browser will ask you if you want to save your credentials. The right answer is “no”. Sure, it is a pain to type it in each time, but if you do store it, it is relatively easy for a virus or spyware to collect it should you be infected. Use a password program like Keeper or Roboform to track your passwords in an encrypted, secure way.
9. Watch where you are going
When searching the Internet, avoid obscure and strange domains. Sometimes foreign sites are more prone to infections, so if you don’t need to go to a foreign domain, don’t follow that result. Also, avoid music sharing, file sharing, and “free” movie download sites.
10. Don’t answer that pop-up question
If you get a strange pop-up that you do not recognize, don’t click on it, even to answer the question with a no. Often the message is programmed to infect your computer regardless of where you click. Try pressing Alt-F4 to shut the pop-up down. Or, if you are fairly sure it is a virus, hard-power your machine off. It may save you a serious infection.
While it is impossible to avoid every bad thing out there on the Internet, taking some simple precautions is the first step to reducing risk. Securing your business is a three-part process involving physical security, monitoring/detection, and remediation.
“Passwords are like underwear; you don’t let people see it, you should change it very often, and you shouldn’t share it with strangers.”