Thoughts on Personal Cybersecurity
by Scott Jordan, Founder and CTO
August 22, 2024
I was privileged this week to speak to the Yorktown, Indiana Chamber of Commerce about simple things individuals can do to help protect themselves from cyber security threats. I think it is so important that everyone puts some basic practices in place in their personal lives to protect their finances and families.
Here are some thoughts I shared:
1. Cybercrime is a national defense issue.
In 2023 alone, businesses paid out approximately $1.5 Billion in ransoms. This impacts every one of us through leaked personal records and higher costs. The threat is not a 14-year-old in his grandma’s basement, the threat comes from organized crime and to a larger degree, state actors. The most active cyber-warfare nations are you guessed it… China, Russia, Iran, and North Korea.
2. Password hygiene matters.
I know it’s a pain, but do not re-use passwords or have the same password for multiple sites. If a bad guy gets your password from a data leak at one company, he will try it at other sites, such as your bank. Change passwords often. Do not use pet names, birthdates, kids’ names, street addresses, etc. The best choice is to use a password management tool, such as Keeper or LastPass. These applications let you create a randomized password and recall it within the browser when needed. If you must use a password that you will have to type in regularly, I recommend a phrase, with some random punctuation. Think of something you can remember. For example, @I-r3ally-l1ke-ic3cr3am#.
3. Practice situational awareness.
Not only is this a great tool for personal safety, but it is also absolutely necessary for digital safety. 70% of ransomware attacks originate with an email that tricks people into clicking a link, opening a file, or giving up private information. If you do not expect the email, or if something looks funny, DO NOT CLICK ANYTHING. Just delete the email or text message. The bad guys are getting very good at convincing people that their package was not deliverable, their bank account is frozen, or their vacation time was not approved… These tricks always rely on you reacting and clicking. Take a pause – consider the source, sender, and plausibility of the message. If you still have a concern, look up the sending organization’s contact information online call them. Be aware of your situation and do not just react.
4. Say yes to multi-factor authentication.
Most online services like banks, healthcare portals, and social media offer login with multi-factor authentication (MFA). So what is MFA?
We all know a username and password, but often your username is your email, which is easily known, and many, MANY passwords have also been leaked and are available on the dark web for purchase. So, if bad guy already has the username and a password to try, his chances are very good at getting into your account. Multi-factor authentication, in its most common form, is a temporary code that is sent directly to you via a text message or an authentication application on your phone. This code only lasts for a short period of time. But it is something you have that only you have at that time. Your online identity is then protected by three factors; something you are (username), something you know (password), and something you have (temporary code). This has saved my bacon before, and it is well worth the extra hassle.
5. Updates are not optional.
Finally, update ALL your software on your computer regularly. Make sure your operating system, browsers, and all other applications are maintained at their latest versions. The primary reason software publishers update their software is to fix vulnerabilities that are discovered. This is a key component of any security management strategy.
About Deltec Solutions
Deltec Solutions is a Muncie-based business specializing in strategic Information Technology solutions for organizations. As a trusted technology partner for small and mid-size organizations since 1990, Deltec Solutions helps clients with their technology needs in four areas: network infrastructure consulting and planning, cybersecurity hardening and training, business resiliency, and remote desktop support. Call us today and let us help you get the most of your technology investment.
Contacts
Steve Davis, President and CEO | sdavis@deltecsolutions.com | 765-587-5136
Scott Jordan, Founder and CTO | sajordan@deltecsolutions.com | 765-587-5101