Will you or your company be the subject of hacking this year? The probability is far greater than one might suspect but there are ways to reduce the risk and means to evade incidents. Basically, get help!
Security experts working on antivirus and anti-malware software along with the proper awareness of secure password management and backups is a good starting position.
1) Password hygiene. Simple passwords that are thoroughly reused means hackers gets a good hold of all your data from one starting point or another. This is reality and it is just as bad as it sounds. Once the hackers have gotten hold of login credential from any hacked user database, the login credentials are then evaluated on Microsoft, Google, Apple, PayPal, and it can get really nasty and expensive. Use different passwords everywhere, preferably in levels based on importance. Also do make sure that passwords are filthy (for real) so that you do not easily give them out. Once your down to say 10+ passwords; consider using a secure password manager such as LastPass or 1Password to access passwords securely from your devices.
2) Antivirus & antimalware! Panda Security, Sophos, AVG or Microsoft’s Defender (built into Windows). The important thing is not the brand but that you are using an updated and active antivirus & anti-malware software. Thousands of employees work to keep your computer safe. This does not mean you cannot be the victim but attacking you becomes more difficult and increases the likelihood of hackers and exploiter targeting someone else. Unfortunately, this works in the same manner as having a burglar alarm in your home. If you have an alarm and the neighbours do not; chances increase that the burglars will target someone else.
3) 2FA; two-factor authentication or multifactor authentication. This works using a combination of user/password credentials along with a physical device or software authenticator or SMS verification when logging in to Google, Facebook, Microsoft, or other services. The idea is to combine your login credentials i.e., something you know with something you have or something you are and this dramatically increases security. It is e.g., unlikely that criminals have access to both your computer and your phone at the same time and both are needed to verify your login.
4) Backup. Let’s start by establishing that your computer will sooner or later break down and this might be bad news. Either it breaks down by itself or it has help by you or by Sir, Madam or Other. If you have unknowingly outsourced the process getting this knowledge is expensive and entails funding organized crime if you want your data back. If the computer breaks by itself or if you break it your data is gone. The solution is called backup. Backup on external removable disks, online, or using network-attached storage (NAS) that preferably are only connected to the network when backups run.
5) Update EVERYTHING! Most people update their computer every now and then; but how about the router, the game console, the phones, the pads and just about every other device you use. Hackers privately or governmentally employed has as their line of work the task of locking computers for ransom, stealing funds and exploiting users, politicians, you, and your parents. Criminals are actively on the lookout for suitable victims and ways to gain access to your data. Access can be gained by “zero-day exploits” or old exploits for the simple reason that users do not update their stuff. Antivirus and antimalware can usually detect strange behaviour but are these updated, and BTW when was the last time you updated your firewall.
6) Segment your networks. The connected vacuum cleaner, the online surveillance camera, your new smart fridge… There was some time ago a bank that was hacked using the online thermostat of the lobby aquarium somehow connected to the internal network. The next time you buy a funny and cheap connected surveillance camera and hook it up to your secure network… who is really monitoring who? Segment your networks and hook up unsafe devices to a guest network instead that has no access to your computers and your data.
At Farsight, we work relentlessly on IT security and use Panda Fusion 360 from Panda Security in combination with advanced firewalls from WatchGuard and Ubiquity to monitor, detect, act upon and safeguard data, computers and computer networks belonging to our customers.
Panda Security was 2 years ago bought by a big American IT security company called WatchGuard aiming to further expand its IT security services. Farsight uses advanced Watchguard Firewalls and the associated security software suites in combination with Panda Fusion 360 to automatically monitor, assess, mitigate, and safeguard incoming and outgoing network traffic and to secure computers, devices and data.
Do you require assistance, a security overview or do you want to take you company’s IT security to the next level? Consider us at your disposal!
Also do have a look at the article from Panda Security: https://www.pandasecurity.com/en/mediacenter/security/avoid-getting-hacked-2022/
Farsight is a Swedish IT development partner that makes people and organizations grow! We are your ”go-to-guys” regarding all your IT systems, technology and IT-security subject matters. At the same time, we are local community builders and ensue a sound labour market and good ethics. Our business is all about finding clever solutions for secure access, management and communication of business-critical information.