Today, a leading news story is a ransomware attack on the HSE that has impacted all their IT systems. The truth however is that anyone can fall victim to an IT security Breach. The good news is that you can dramatically improve your security profile, by following these 5 pointers.
Security is a multi-layered approach - you need several layers to get the highest odds of ensuring your data (or that of your customers) is safe from a costly and avoidable data breach.
1. Complex Passwords
Firstly, a quiz. Which of these do you think is a better password:
If you answered B, congratulations - your IT security knowledge is better than at least 26 million people! Of course, it needn't be this complex, but it should be at least 8 characters with at least 1 number, 1 capital letter, and 1 special character, like !. It shouldn't be easy to guess, even to someone who knows you very well. Think of a particular word, swap out some of the characters around as described previously and don't re-use the same password for several accounts. Save your various passwords somewhere safe also. There are several free apps you can use to make password management easier, like Dashlane, FastPass, or from the built in password management tools available in browsers.
2. Anti Virus
This is an absolute minimum for your IT security. Our recommended software is ESET (For a home/office setup) but you can even use the inbuilt security software in Windows 10 called MIcrosoft Defender which is free, however, we would always recommend the paid ESET product over this for the extra protections it provides. Not having antivirus on your PC is like removing the front and back doors to your house - highly inadvisable from a security perspective! As soon as you connect to the internet, your computer is exposed to a vairety of threats like phishing, ransomware, and other risks, so fix this today if you don't have it.
3. Multi Factor Authentication
While a strong password is important, a dedicated hacker can crack it if he wants to by using password cracking software available on the deep web. This is where Multi factor authentication comes into play. You set this up on our account, by adding another "factor" like a mobile phone number, or an authenticator app, like Google Authenticator (free on the Google Play store). When you login with your password, you are prompted to enter the code sent to your phone or authenticator to continue, so even if someone has your password, they can't access your data. All good software apps have this capability and is very easy to set up. Do this for all your accounts to avoid a potentially embarassing or costly data breach in the future.
Picture this scenario: You're in a coffee house working on a project. You go to the till to get a second coffee but by the time you head back to your table, your laptop has been stolen. The thief bring it home, opens the hard drive and connects to a docking station which bypasses the Windows password and opens the entire data on your laptop. A very bad place to be.
However, if you had encryption setup on your laptop, that data is inaccessible if the thief does not have the password. Still bad, but the loss is limited to the price of a laptop, instead of a data breach which could cost you clients and money. Windows 10 offers such a tool for free, called BitLocker.
5. Backup and Disaster Recovery
If your hard drive fails (which happens more than you may expect), recovering data from it can be very expensive. If you backup your data to the cloud (using Google Drive, OneDrive, or similar free offerings), all you need to do in such a situation is to login to another computer to your cloud account, and retrieve your data from there.
These are all steps which anyone can setup without needing a high level of IT expertise. However, if you have any additional questions, we are always happy to help. Drop us a line anytime!