‘Tis the season for all-things online shopping: from personal presents to choosing the perfect gift to impress your best clients, it’s a busy time. You have the opportunity to cash in on online deals, but don’t forget to keep security at the top of your mind, whether it’s your personal account or the company card. Start here: is your password different for every shopping and e-card site that you use? If not, it should be!
Saturday, November 30, is Computer Security Day, so it’s a good time to consider whether your online holiday habits are putting you at risk of a data breach – and a great time to educate everyone in your company about how to prevent one!
Top security tip: use a different password for every website and online account – business or personal. You’ve probably heard this a hundred times already, but it’s the first line of defense that you have against attacks.
Everyone should take computer and internet security seriously. The biggest threat to businesses is password reuse, like having the same (or similar) username and password combination for your computer login, work email, and software platforms. This issue is surprisingly common — the resource Have I Been Pwned has collected more than 8.5 billion username and password pairs since 2013. Recent data breaches included more than 100,000,000 accounts from Evites and over 700,000 from Sephora. Once attackers breach one of your online accounts, they then try the same username and password on sites across the internet, looking for another match. If one password on one website or application is breached, then all your other accounts with the same password are vulnerable.
Do your company a huge favor: don’t use the same password on more than one website, platform, or application. Otherwise, your accounts are an easy target for an attacker to gain valuable data like your credit card number – or ever worse – your company’s card number. If your company’s data is breached due to your activity, you risk facing major consequences.
Combat Online Grinches
Protect your company information from attacks, scams, phishing, and other vile Grinch-like activity with the following tips:
1. Create a strong password for every application and cloud-based account. A password manager like LastPass or 1Password (which are available for business or personal use) can help you create unique passwords for every online account. Be sure to also choose a strong passphrase with 2-factor authentication for your password manager login, and then set it up to automatically generate passwords for you.
2. Choose 2-factor authentication. Many online platforms now offer some means of 2-factor authentication. It takes a few more minutes to set up, but it’s worth it. Do this on as many websites as possible to make your logins more secure.
3. Do not send personal or business-related passwords via email. It may be an easy means of communication, but email is not a secure method of communication. Also: don’t click links in emails from unknown senders, and always double check email addresses to ensure you’re actually familiar with the origin of the email.
Teach to Prevent a Breach
Your online footprint consists of various accounts, email providers, social media, and web browsing history. Essential personal and company info, like financial records are online, too. All of this info is valuable and sellable to someone, and the tools they use to steal your data are cheap. All they need to do is get one credit card or account number and the payoff may be monumental.
Educate employees regularly about data security and online activity in order to keep your company safe all year long. Warn them to be vigilant, especially around the holidays, when there’s an increase in online commerce and communication, and therefore a greater chance that an attacker may succeed in getting the info they want from you or your company.