Are you worried that your confidential information might be hacked? You should be. Government servers and private companies alike face almost constant threat. TalkTalk allowed access to the confidential details of 150,000 customers, the Ashley Madison dating site had many of its client profiles leaked, and Anthem, one on the nation’s largest health insurers, saw as many as 80 million records compromised through a database breach, to name just a few recent high-profile examples.
Despite the numerous conferences on cyber security held each year (such as Black Hat or Def Con), the threats keep getting more sophisticated and innovative. Still, most breaches are preventable. Here are 10 ways to prevent your confidential information from being hacked:
1. Be cautious on public, unsecured networks
Do not send confidential information over the free wi-fi networks at hotels, coffee shops, and similar places, period. These networks make no security promises at all. Spoofed networks are even worse; they look like public networks, but click on one and a criminal can jump right into your computer or smartphone.
2. Use a virus scanner
3. Update your software, especially your operating system, internet browser, and JAVA
Criminals are constantly finding new ways to violate your system, so you need the latest updates and patches to keep them out.
4. Use a strong, unique password for every application
5. Do not trust weird emails
If an email comes from an unknown sender, do not click on any links or open any attachments. The same goes for emails from someone you know if the message is out of character—for example, a declaration of love from your very professional boss or a glowing review of a product that you know the sender does not like. When in doubt, email the sender back or call asking for clarification.
6. Avoid fishing
Beware of emails that request confidential or sensitive information, such as bank account numbers or passwords, especially if the email seems odd. Banks, other businesses (Amazon, eBay, and so on), or the IRS will never send you an email with a request asking you to reset your password or face penalties. Most businesses have a special website where you can forward fraudulent emails for investigation.
7. Practice safe drive sharing
Never insert a USB drive, hard drive, or anything analogous if you don’t know where it’s been or what’s on it.
8. Make sure the websites where you provide information are secure
Before entering personal data (on sites such as banks or places where you are sending money), check the URL. Instead of http://, look for https://. The additional “s” notifies you that the site is secure. Most browsers will display a locked padlock symbol next to a secure web address as well.
And for any website, make sure the URL is correct. Mistyping a website or going to a .com rather than the .org you meant to visit could drop you onto a predatory spoof site.
9. Use additional security layers
Two-step verification means entering both your password and a verification code every time you log into an online server or website from a new device. The option is available on many services including GMail. Simply put, it is harder for a criminal to get both a password and a verification code than to get a password alone.
10. Stay informed
No matter how good your cybersecurity seems, check periodically for breaches. Check your credit reports for suspicious activity, perform internet searches for any copyrighted work of yours that someone may have plagiarized, check your systems and accounts for anomalous log-ins or other activity.
Bringing It All Together
These steps are all standard tips for personal cybersecurity, but many of them can help prevent larger-scale breaches as well. Stuxnet, a now-famous virus used to successfully attack the Iranian nuclear program, was designed to travel by contaminated USB drives. Yes, even something as important as a nuclear centrifuge could be brought down by simple employee’s carelessness.
Whether you are responsible for the confidential information of millions or just your own data, basic cybersecurity practices are the first, simplest, and most important steps to keeping your information safe.