Internet users have protected their online accounts and identity against hackers through the use of innovative passwords for years. A combination of letters (upper case and lower case), numbers, symbols and punctuation marks reduce the likelihood of passwords getting into the wrong hands. However, there are a range of methods that internet users should consider in order to protect themselves against identity fraud and data theft.
In recognition of World Password Day 2016, here are 5 top tips for micro, small and medium-sized businesses to protect against the online threats that compromise security.
Protect Yourself with Anti-Malware
Malicious software (‘Malware’) is software that uses viruses, spyware, worms and trojan horses etc. in an attempt to infiltrate and damage your computer without consent. Malware can be hidden in photographs or videos that are shared, it can be present on websites and contained within emails.
Even the most conservative web-user is likely to have a device infected at some point and running a good anti-virus protection program on all work devices will give users the baseline protection required to reduce susceptibility to infection. Additionally users are advised not to click on suspicious links and websites.
Install OS and Software Updates
Operating System (“OS”) and software updates are important in terms of functionality and contain essential security updates and vulnerability patches which prevent malware exploiting flaws in web browsers, email programs, instant messaging software/messages etc. which lessen the chances of computer systems being compromised.
Any software used is a potential source of vulnerability and the more commonly used a program is, the larger the target it represents to malware. Security professionals recommend that automatic software updates are enabled to provide regular protection to avoid the user having to remember to run the process.
Secure your Wireless Network at your Home or Business
It is recommended to password protect your wireless network so it is not accessible to unauthorised individuals who are merely attempting to get free Wi-Fi access or, more seriously, aiming to hijack your wireless network.
Even if the individual is simply looking for the former, a business without the budget to install significant security infrastructure will not wish to inadvertently share private information with people using the network without permission.
Ensure your workplace wireless network is secure, hidden and encrypted. Set up the network so that it does not broadcast its name, known as the Service Set Identifier or (“SSID”), and password protect access to the router.
Avoid Sensitive Transactions on Public Wi-Fi
Mobile working may appeal to businesses that do not have plenty of office space, however, placing any reliance on a public Wi-Fi connection can lead to the data being intercepted by others. Public Wi-Fi hotspots are convenient but involve the potential for security to be compromised.
Be careful about what information you send or receive whilst connected to public Wi-Fi networks and avoid banking transactions or activities that require the use of password access as criminals can set up hotspots known as ‘evil twins’ to steal user information.
Always try to use password protected (encrypted) networks to ensure data is not accessed by unauthorised users.
Properly Dispose of Old Electronics
Nothing is ever really permanently deleted from a computing device and technologically sophisticated hackers and criminals are often able to recover information from hard drives if a device has not been properly disposed of.
Even when an electronic device is no longer being used, existing sensitive and/or confidential information can be accessed and used illegally. If a small business has experienced growth and is purchasing new computers it is recommended that documents are shredded and electronic devices are recycled in order to dispose of sensitive records, data and information.
There are a number of steps that are required and they include backing up and deleting personal data, uninstalling and de-registering any programs that keep a count of the PCs on which they are installed, erasing data on the hard-drive by using a USB pen drive, taking the PC back to its factory condition by using the system restore function and using the disk eraser to overwrite all the “empty” drive space, so that deleted files can’t be undeleted.
Small businesses may have in-house expertise for this, however, if in doubt, seek out a recognised and reputable expert in electronics recycling.
If you need any advice in relation to data protection please contact the head of our Corporate and Commercial Team, Ed Barnes, on 01244 354829 or at edward.barnes@dtmlegal.com
