Last week, news broke that credit bureau Equifax experienced a monumental data breach. The Federal Trade Commission reports that 143 million American consumers had extremely sensitive personal information leaked – the likes of social security numbers, addresses, driver’s license numbers, phone numbers, and even credit card numbers.
For consumers affected, it’s yet another hassle. For Equifax, it’s a nightmare of epic proportions. Not only because they’ve managed to let customers down (and even those who aren’t doing business with the company), but because the legal liability and ramifications as a result of the breach are sure to be damaging.
It’s yet another reminder that businesses must put IT security at the forefront of their minds.
According to Equifax, the leak breach was caused due to “unauthorized access,” and while the company says they worked quickly to stop the intrusion, the damage had been done.
So, if you’re a business that handles the personal information of your customers electronically, it is highly recommended that you act before a catastrophic intrusion affects your operation.
Going back to basics is an effective way of reducing the risk of a data breach:
- Using strong passwords. No single dictionary words, not your child’s birthday, not your social security number. Passwords should mean nothing when you look at them. We generally recommend using strings of random words (with or without spaces) like “bluethirteenunderstandingcombination”. While that might be a simple password to remember, it would take 2.87 thousand trillion-trillion centuries to guess at one hundred trillion guesses per second, according to Gibson Research Corporation. Compare that to the password “business1”, which would take 1.04 seconds under similar circumstances.
- Don’t use the same password across different websites. A unique password should be used for every login. Because if one of the services you use becomes compromised, the attackers will now have your password for other services you might use.
- Use two-factor authentication on services that offer it. This is an effective second layer of security.
- Keeping away from suspicious websites and email. Treat everything as a potential threat. Not everybody is your friends on the internet.
- Use anti-malware with real-time threat scanning. Some of these programs are free, others are not. Do some research to find which works best for your business.
- Back up your files. You wouldn’t want your valuable information to be lost, would you? Meganet offers backup solutions for computers and servers.
- Keep up to date. Update your software and operation system frequently. This keeps you safe from any issues that developers have fixed that attackers could have exploited.
- Password-protect your offices Wi-Fi, so your network can’t be infiltrated by unauthorized users.
- Install a firewall to protect your network from intrusion attempts.
- Lock your computer and phone when away from your desk. This is will prevent an authorized user from accessing your information without your permission.
- Be suspicious and consider yourself a target. Be one step ahead of bad actors on the web. Use common sense.
It’s never too late to get started on not only fortifying your office’s network, but to improve your own personal security practices.
If you feel in over your head, it’s not a bad idea to contact a reputable IT firm in your area for a security consultation.
Stay safe out there.