The IT landscape, along with business, has changed dramatically since PC King launched in 1992.
Technology was expensive and very complicated to use. While prices have dropped, and software has become easier to use, with the growth of the internet, and your daily reliance on it, a whole new threat to IT and business continuity has developed.
Early viruses were transmitted by floppy disk (remember those?) and may put an annoying pop up window on your system, explaining how clever the programmer was.
Then there was the ‘worm’, which replicated itself across networks, and the internet at large, causing massive headaches for businesses, as their technology stopped working.
Now we have ‘ransomware’, which can hide undetected on your computers, often for a few months, until one day it strikes – and all your files are encrypted. If you have a backup, those are also overwritten, and become useless. The only way to continue staying in business is – to pay the ransom.
One of the latest hacking techniques is called social engineering, where a nefarious person will email someone in business, pretending to be a bank, the IRD (or other government department), or perhaps a telecommunication company, asking you to log in to their website to verify information. The person is led to a very convincing, legitimate looking website, by clicking the link. Once they log in, they are doomed. Their credentials are captured.
So now cyber thieves and criminals no longer need to hack into your business, – because they can now trick you and your team to just hand over the keys and alarm code.
Sadly, there is no technical defence against a social engineering attack.
Ultimately, it all comes down to training. Employees and people need to learn that these threats are very real and very prevalent.
Even when a company implements the most state-of-the-art technical and physical security measures, all it takes is a single employee to mistakenly trust an adversary one time and inadvertently provide a way into the system for the attacker.
Human-error accounts for up to 95% of security incidents. Therefore educating employees on security awareness is crucial to organisations.
And what’s more, a whopping 25% of employees are using the same password for all logins. A massive amount of passwords are compromised due to data breaches and used by the bad guys for attacks. Are any hacked passwords in use within your organisation? What if that password is available for sale on the internet’s Dark Web?
Using breached passwords puts your network at risk. Password policies often do not prevent employees from using known bad passwords. Making your users frequently change their passwords isn’t a good solution either. It only takes one compromised password match for the bad guys to gain access.
But its not all doom and gloom.
The internet is here to stay – and we need it more and more now, to use it to stay connected for everyday things.
Here’s seven things you can do to help safeguard and protect yourself, your family, your business, your finances, and your reputation :
- Regularly Back up your Data
Copy your important files to another, separate location, and try and keep more than two copies, with ne copy somewhere else
- Install an Anti-Virus that can fully protect you
Antivirus software can help you detect and remove malware and viruses from your device. And consider investing in the best you can get (this is the one thing you must not compromise on)
- Keep your Devices up-to-date
When you’re alerted to an update, don’t ignore it – install it as soon as possible.
- Choose unique passwords
Aim for passwords of 8 characters or more. Use numbers, letters and symbols in them (and don’t use ‘password’ as your password!). Think about using a short phrase rather than a password, for example ‘Winter here is warmer than summer’, and use a mix of letters, numbers and symbols to make it more complex — ‘Wint3r here 1s warmer th@n Summ3r’.
- Don’t trust free WiFi
If you’re logging on at a café or hotspot, for example. These networks are generally untrusted, meaning that it’s possible that others could see what you’re doing when you use them.
- Be smart about social media
Did you know that the information you post to your Facebook profile, your Twitter feed or your Instagram account could be used to steal your identity or hack into your online accounts? Don’t give out personal information online unless you know who’s asking for it and why. Scams, fraud and phishing emails all attempt to trick you into giving away your personal information or your financial details – often by pretending to be a legitimate business
- Invest in a Security Training Programme
Human-error accounts for up to 95% of security incidents. Therefore educating employees on security awareness is crucial to organisations
Brendan Richardson is a Security Specialist and Director of PC KING, one New Zealand’s oldest IT companies. PC KING has been assisting businesses with their IT needs since 1992.
You can contact Brendan (brendan@pcking.co.nz) for more information on how to get more value and better protect your computer systems, or call 0800 1234 PC now and ask about their special offerings.