We seem to always hear about yet another data breach on the news. Sometimes the data loss is a result of a sophisticated exploit of a software vulnerability, but more often than not weak passwords are to blame. How can you best protect yourself and your business?
To begin, choose a strong password. Using upper, lowercase, numbers, and symbols is a must; and ensuring a password length of at least 8 characters will make it much harder for hackers to use brute force attempts to crack your password.
Although it is tempting to use the same password across all sites for simplicity, this should be avoided if possible. If a single site suffers a security failure, any site with the same password will now be exploited as well. If remembering too many passwords proves difficult, look at a reputable password manager software application. Avoid storing your passwords in a file on your computer or in your email, since such methods do not encrypt your data – a breach of your email, for instance, would reveal all your passwords!
Have a smartphone? Chances are, you have access to lots of sensitive data through the device – such as banking, email, and other personal information. Not having a passcode for the device is a huge security risk. Over 70 million smartphones are lost or stolen each year. Avoid obvious passcodes, such as 123456, and consider 2 factor authentication to further secure your data.
As a business owner, mobile security is even more important. Before granting access to company email on an employee’s mobile device, ensure they are following the mobile security guidelines above. If possible, use an email service that allows setting policies that require a passcode and allow you to remove access to sensitive data in the event the phone is lost, or the employee is terminated.
Arthur Dogramcian is the Vice President of Information Systems for Energi, Inc.