You are driving to a meeting with a new prospective client.  Your boss calls and needs those reports for her meeting that starts in ten minutes.  Whipping into the local coffee shop with Free Wifi you can shoot those reports out, buy a round of lattes for the meeting and still make it to the meeting on time.  Out comes the laptop as you find a small table in the corner and you connect to the CoffeeShoppe_Guest wireless network. The New Email button is clicked, the reports are attached, you add the recipient and click Send.  Whew!  Check that off the list! 

This event is something that we have all gone through or at least could picture ourselves facing, but did you just expose your employer to huge financial risks?  Will you be the newest victim of Cyber Crime?  Only time will tell, but let’s take a look at how you can mitigate these risks with a little education and a few changes in how you use your tools!

First, we need to understand who is watching and what they want.  In general, a ‘hacker’ is someone who uses computers to gain unauthorized access to information that may be used in committing crimes.  While there are endless targets, let’s focus on the top three: your processing power, your personal information, your access to other systems.

Your processing power may be a little confusing at first but could really be the key to unlocking and gathering all of the other information that the hacker is after.  A small, and virtually invisible, application can be installed on your computer to capture every keystroke, track your activity, provide remote control of your computer, and even spy on you using your camera and/or microphone.  All of this information can be gathered and sent to the hacker for them  to use for whatever they want.  In an arguably less invasive manner, these applications could also turn your computer into somewhat of a zombie node that can send SPAM, infect other computers or crunch numbers that could create a revenue stream for the hacker in control and ruin your reputation on the web.

Your personal information is probably the most common target.  The more of this information a hacker can collect about you and your life, the easier it is for them to gain more access, open financial accounts in your name, and even impersonate you with family, friends and business contacts.  Now, more than ever, it is critical to protect this data as much as possible.

Your access to other systems rounds out the top targets of the hackers and can be the most damaging.  If you do not protect yourself and the tools you use, this particular target can lead to exposing a lot of people and companies to the same risk you face personally and the threat can grow exponentially.  There is a good chance that you have access to data that your company maintains about clients, contacts and more.  If the hacker can impersonate you, they now have access to all of that information too!

Risk mitigation is a team effort that starts with your IT provider and requires everyone’s diligence to be successful.  A single solution will not protect you in these days.  A more comprehensive, layered solution must be developed and Connectiv IT is here to help!  We have products and services to address your network security, Anti-Virus protection, Email filtering, update management, mobile device management and data backup.  We cannot control user behavior but have compiled a list of tips below to help protect individuals and companies from becoming the next victim of Cyber Crime!

1. Passwords – While your IT provider can implement password policies on corporate owned equipment, utilizing complex passwords and changing them often is a good practice for anyone to adopt. 
   1. Try to use a combination of lower and upper case letters, numbers and other characters available on the keyboard. 
   2. Try to avoid the use of common nouns including proper nouns. (i.e. Mary, password, secure, Florida, Trump, etc.)
   3. Consider using phrases like “The Constitution of the United States of America” or “There is no place like home”.  These passwords could be “Tc0tUs0A#1789” or “T1npL1Home!” respectively.
   4. Use more than 8 characters.  Each additional character increases the possibilities exponentially and makes it harder for hackers to guess or crack.
   5. Do not use the same password for all accounts and make sure to change your passwords on a regular basis!
2. Public Wifi – These free networks should be avoided in most cases.  If you have no other choice, use a private VPN tunnel.  If a VPN is not available, DO NOT log into any accounts and only use the connection for generic web searches.  This should also be applied to public hard-wired networks like you would find in a hotel.
3. Public Computers – You will find these in hotels, libraries, cruise ships and schools.  Avoid these at all costs.  You do not know who used this before or after you, however if you must, treat it like Public Wifi with no VPN; DO NOT log into any accounts and only use the connection for generic web searches.
4. HTTPS – Even if you are using your own personal computer and have taken all actions to secure your device and use complex passwords, take two seconds to look at your address bar to make sure you are using a Secured website.  You should see a lock that is closed, “https://”, and in most cases the word “Secure”.  Sites without these visual indicators are ok to use and gather information from, but think twice before logging in to a user account!
5. Email – While most of your interaction will be with email services, these same ideas should be applied to services like Facebook Messenger, Text Messages, and other communication channels.
   1. DO NOT CLICK THE LINK! – Unless you are sure about what you are clicking on, do not do it.  It is safer to retype the website address that was sent to you or simply ignore it.
   2. Attachments – Most ransomware has come from users opening attachments so unless you are certain what you are downloading and opening, call the sender, contact your IT provider or simply delete the email.
6. Limit Installed Software – Malware and Viruses can be hidden in downloaded software and can also request to lower your security profile by opening up holes in your firewall, store unsecured data and even link to other accounts where information could be gathered.  If the software or game is free, be weary. 
7. Social Media – Hackers will cyber stalk their victims and gather as much information as possible.  Be cautious of what you post online about your favorite dog, when your anniversary or birthday is or when you may be away from your home or office. 
8. Toll-Free Microsoft Support – If you ever get a pop-up that tells you to call some phone number, take immediate action by rebooting/shutting down computer.  The only call you should make is to your IT provider!