These days, it can be a constant battle trying to keep unwanted intruders out of your network. But it's possible to get so caught up in fighting cybercrime that you become negligent about the consequences of your own online actions.
Here are five risky habits that could be putting your business in danger for a data breach. Are you guilty of any of them?
1. Clicking on random advertisements: Cybercriminals have been using fake advertisements to disguise malicious software for decades. But now, infected advertisements are becoming much more prevalent, and harder to recognize. They’re also becoming more dangerous, too. Many, for instance, are now embedded with ransomware which is a type of malware that can encrypt a machine and holds its assets until a fee is paid. Such advertisements have been found on popular websites like the New York Times, AOL, the BBC and the NFL.
If you enjoy clicking on digital advertisements, and you don’t want to give up the practice, then you should at least be vigilant for fake links. Always hover your mouse over an advertisement before clicking on it, and check to see if you recognize the URL. If the URL looks suspicious, try searching for the promotion in Google instead of clicking on the link. It may take an extra second, but it sure beats accidentally clicking on an infected website.
2. Forgetting to lock your accounts: We’ve all done this at least once: You get up from your desk and walk away, leaving your computer and its files open for anyone to hijack.
What’s wrong with doing this? It only takes a minute for someone to insert a malware-laden USB stick into your computer, or to steal your machine altogether. But it takes no time at all to set up a strong physical lock for a laptop, or a digital lock like a password or biometric security technology such as a fingerprint or voice scanner.
By taking basic security precautions like these, you could wind up sparing yourself from a great deal of pain down the road.
3. Sharing information too freely: Oftentimes, data breaches will occur because random employees have unrestricted access to sensitive data on the network. So think about all of your shared accounts that you use to collaborate with other workers, and make sure that only trusted sources have access to them. Otherwise, you could be at risk for an insider data breach.
You should also consider setting up a Cloud Access Security Broker (CASB), which can send detailed reports when end users try to access shared information on your network. For example, a CASB can be configured to send a notification if someone tries to access shared information after work, or from another country. A business may instruct its CASB to deny access to certain geographical areas.
You can use a CASB to thwart an illegal data dump, or illegal spying. This is very important when working with third party vendors, where you typically have limited visibility into who is accessing your account on a regular basis.
4. Using public WiFi for work: We understand that you like to stay connected when traveling. But it’s important to do so securely over a private Internet connection. When logging onto a public Internet connection, you may as well invite random strangers to view the information you send and receive. A public hotspot is not private, and could leave the door wide open for a malicious intruder to access your information.
Our advice is to invest in a virtual private network (VPN), which is a private Internet connection that can be accessed from any remote location. And if you travel often, you’ll want to monitor your network constantly to detect suspicious activity. The best way to combat cybercrime is to be proactive.
5. Connecting with strangers online: As we discussed in last week’s blog post, social media phishing attacks increased by 500 percent during 4Q16. So if you’re connecting with random people on social networking sites like LinkedIn, be extra vigilant for bots and spammers. If you really want to connect with someone that you have not met, suggest arranging a brief phone call for identity verification and security purposes. It’s a great chance to spark a conversation with a new connection, and to do some investigating to see if they are who they claim to be.
Of course, these are just a few risky behaviors to be aware of. To receive more detailed instructions for staying safe online, consider signing up for Apex’s cybersecurity training course.
To learn more information, click here.
A new breed of hacktrepeneurs has awoken and they have little to fear and everything to gain by infecting as many companies as possible and extorting money from them. Apex Technology Services stands ready to protect your company regardless of whether it’s located in New York City; White Plains, New York; Connecticut; Australia; Europe; or anywhere else. Our full suite of cybersecurity and IT support services is at your disposal, enabling you to spend less time worrying about and more time growing your business.
To ensure your security, consider one of our most popular services — Auditing & Documentation — which pinpoints vulnerabilities in your infrastructure, process flow and internal security procedures.