The Advantages of Ad Blocking

The Advantages of Ad Blocking

Ad BlockingThe Advantages of Ad Blocking. Unless you’re in the advertising business, you probably try to avoid ads. You pay extra to stream ad-free content online. You leave the room if you are actually watching live TV shows with ads. You filter spam out of your inbox. You immediately click out of ads on the Web pages you visit. But are you actively blocking online ads? You should be. They are more than an annoyance. They could be a security risk.

Cyber-criminals are smart and savvy crooks. They don’t advertise what they are doing, and it’s not that easy to spot, but they do buy legitimate ad space to lure users to malicious sites.

Malvertising uses legitimate online advertising networks to target you with malicious code. Sites you know and trust that use legitimate ad networks can end up serving up the malicious ads. Cyber-criminals have run ads on the New York Times, Spotify, and the London Stock Exchange redirecting to malicious websites.

Adware is another risk. Packaged with legitimate software, adware runs on your computer without your knowledge. It displays unwanted advertising, redirects search requests to ad websites, and mines your data.

The cyber-criminal wants to steal your ID, or your financial and contact data, or to encrypt your information, spy on, or hijack your computer.

They can do this with exciting ads ($9 iPads?!) or alerts (often warning about infections) to get your click. But they can also take a drive-by download approach. In these cases, you don’t even need to click on anything. You load the Web page hosting the ad (or malicious pop-up window). You’re directed to a page that finds browser or software security vulnerabilities to access your machine.

Protecting Against Malvertising

Keep your software up to date, and run antivirus checks to protect against downloads and malicious code. Avoiding Flash and Java helps too, as they are commonly exploited by malvertisers.

Cyber-criminals mostly target Windows users, because the huge user base gives them the best return on investment. But Macs are just as vulnerable to malvertising attacks. – MalwareBytes

Installing an ad blocker plugin prevents the ad loading in the first place. These take away the annoyance of ads and help you avoid falling victim to a malicious attack hidden in an ad.

At the same time, you will enjoy cleaner Web browsing, and you won’t have to worry about distracting ads flashing at you while you read.

Your pages will also load faster. The ads often run a lot of code on top of the website code your computer needs to read and load. The images or video, for instance, can make a difference to data usage. So, the less you have to load, the faster you’ll get to the content you wanted. This can also help to preserve the battery life of your mobile devices!

There are some other considerations, though. For one, not all adblocker plugins can be trusted. Some will mine your data and sell it to advertisers, which is exactly what you don’t want happening.

Also, some websites won’t load correctly without the ad code. You can turn off ads on a site-by-site basis. After all, some free sites that you frequent might rely on ad revenue, so there may be sites you trust that you want to support by turning off your ad blocker just for those sites.

Always think before you click. Updating browsers and plugins and installing ad blockers can also help.

For the peace of mind that comes with ad blocking and keeping your computer security current, give us a call at 319-227-7000. We can help set you up to enjoy a safer online experience.

2020-02-03T14:31:21-06:00February 4th, 2020|Security|0 Comments

What Is a VPN and Why Do I Need One?

What Is a VPN and Why Do I Need One?

What Is a VPN
Ever seen a thriller in which someone asks, “is this a secure line?” The good guys or villains want to be sure their conversations can’t be overhead. When you get a VPN service, you’re signing up for the online equivalent of a secure line.

VPN stands for virtual private network. Put simply, a VPN connects your computer, smartphone, or tablet to a shared or public network as if you’re connecting to a private network. Banks, governments, and companies use VPNs to connect to their networks remotely. Now, it’s becoming more common for the general public to use VPNs. After all, we’re doing online shopping or banking and exchanging sensitive data. We don’t want others to be able to access or track what we do online.

A VPN is an encrypted connection to the internet. It’s your own secure and private internet connection that you can take with you outside of your home.

Benefits of a VPN

There are many advantages to having a VPN. For instance, your VPN also encrypts your online activity. Every internet user has a unique IP address assigned by their internet provider. It’s sort of the technological equivalent of your fingerprint.

When you connect to the internet using a VPN, your IP address is masked. The address used is that of your VPN provider. So, you look like them rather than your home connection. You might think of the VPN as wearing gloves that prevent you from leaving fingerprints when you move around online.

Your search history isn’t logged. You don’t have to worry about bad actors or advertisers tracking your activity. If you want to check social media at work or on a school campus that blocks certain sites, your VPN lets you do so.

You can use the VPN to access a business network securely, too. So, you can use the technology to be more efficient when working remotely.

A VPN can also help you avoid geo-blocking. What’s geo-blocking? It’s a technology that restricts your access to services based on your location. For example, if you were trying to stream a Netflix show from your home country from overseas, you would be geo-blocked. But if Netflix can’t see you’re out of the country, it will let you in to catch up on your favorites.

You could also save money. When your location isn’t known, you can benefit from price disparities – the cost for the same product varies in different regions. The wealthier areas are charged more because sellers can get away with the price markup.

Who can use a VPN?

Anyone can connect to a VPN. You can connect your computers, phones, or tablets to a VPN. It’s a flexible solution that doesn’t need you to switch internet provider or buy any new equipment.

You can also work with a VPN provider. Some are free, but paid VPN providers tend to offer proven security and greater networking speeds.

Make sure your online traffic is secure. We can set up a safe VPN for you. Give our experts a call at 319-227-7000.

2019-12-01T19:53:44-06:00December 31st, 2019|Cloud Services, Networking, Security|0 Comments

Are You Banking Online Safely?

Are You Banking Online Safely?

Are You Banking Online Safely?
Banks and credit card companies are making it easier for us to get money on the go. We can check account balances, pay bills, and transfer funds online. We no longer even have to go into a bank or visit an ATM to deposit checks. But are you banking online safely?

In the past, all we had to do was protect our PIN number (and remember it). Now, we need a mobile account password, too. The first precaution you can take is to have a strong, unique password. Can you believe that “password,” “123456,” and “letmein” remain common access credentials? Don’t do it! Also, avoid using things that a cyber-criminal might guess or be able to learn from your social media. This eliminates anniversaries and birth dates, pets, and children’s names.

Don’t reuse your banking password anywhere else. Sure, if you duplicate the password, it’s easier for you to remember, but, a bad actor could access your credentials for another site. Then, they have that same email and password combo to use to try on your banking or credit card site, too.

It’s also not a good idea to write down your passwords or keep track of them on a note in your phone. If you’re worried about remembering all your passwords, consider a password manager. A high-quality password manager can be a safe way to keep your passwords secret yet available. Top password managers use secure encryption for your access credentials.

Make sure you’re only banking using your own, secured devices. This means don’t check your balance or whether a payment cleared while in line at the coffee shop or in the airport. Don’t risk banking using a public WiFi network that a hacker could be accessing to steal sensitive data. You also want to avoid using shared computers to login to your financial data. A cybercafe or library computer could have a key-logger that tracks your login details for criminal use.

Watch out for phishing emails that look like they come from your bank, credit card company, or a tax agency. Criminals send urgent emails warning of strange activity or that you’re being audited to get you to react.

Don’t click on any link or download any attachments in an email that appears to be from a financial institution – they don’t send private data directly in emails these days. They will send you to a secure inbox on their site. Always type the institutions’ Web address into the address bar. Otherwise, you might go to a fake, mirrored site that looks legitimate but will rip you off.

Added security for online banking

Two-factor authentication can help protect your financial accounts. Various banks will set it up differently, but you should definitely take the time to set this up. You might have to identify an image you selected besides using your password. Or you might need to enter a code sent to another device (such as a text message to your phone).

The second level of authentication can be an annoyance in our convenience-first society. Still, it keeps your accounts secure, even if cyber-criminals access your password.

You work hard for your money, and you don’t want a cyber-criminal taking control of or emptying out your financial accounts.

Worried about securing your online activity at home or on mobile devices? We can help. Contact us today at 319-227-7000 for expert support securing your financial data.

2019-12-01T19:19:30-06:00December 24th, 2019|Security|0 Comments

7 Things You Need to Know About Ransomware

7 Things You Need to Know About Ransomware7 Things You Need to Know About Ransomware

Ransomware is a well-named type of cyber-attack. Cyber-criminals taking this approach kidnap your data. After accessing your network, they encrypt files and demand payment for the passcode. Here are the top seven things you need to know about this business threat.

#1 It Can Happen to You

Cyber-criminals rely on your false confidence. Don’t think “it won’t happen to me.” Attacks on government, education, healthcare, or financial institutions get publicity. Yet organizations of all types and sizes are targeted.

#2 Ransomware Spreads Fast

Ransomware is malware, malicious software that can reach throughout a network. So, if Jane from accounting opens a ransomware file, every single computer on your business network could be infected. The virus can spread between businesses, too. Consider the debilitating WannaCry ransomware attack of 2017. Within four days of its first detection in Europe, the strain had spread to 116 countries.

#3 Ransomware Targets People

A common method is to send out phishing emails in the hope of having people enter their access credentials. Targeted business communication emails work, too. The attacker gets to know your business first. Then they send an email impersonating a colleague, supplier, or customer asking you to take action or update contact details by clicking on the link or downloading a file.

#4 Ransomware is Costly

Once the ransomware is installed on your system, it locks down your files. To regain access to the files, you need the password or decryption key the attacker supplies when you pay up; that’s if they keep their end of the bargain once you pay the ransom. These are crooks you’re dealing with after all!

In Coveware’s analysis of Q3 2019, the average ransom payment increased by 13% to $41,198 as compared to $36,295 in Q2 of 2019. And that’s just the cost of the ransom. Indirect costs include the cost of downtime, lost revenue, and long-term brand damage. There’s also the expense of removing the ransomware, forensic analysis, and rebuilding systems.

The average ransomware attack in Q3 2019 resulted in 12.1 days of downtime. – Coveware

#5 Ransom Requires Cryptocurrency

Ransom payment is usually made by bitcoin or another cryptocurrency. Your business needs to buy cryptocurrency with actual cash, then transmit the ransom. They choose cryptocurrency because it’s very difficult to trace. It doesn’t help you that bitcoin is not something you can charge back like a credit card.

#6 A Recovery Plan Helps

Planning in advance can help you respond more reasonably. Document plans to disconnect infected computers from the network as soon as possible. Also, power down any machines that could be vulnerable to avoid spreading contagion.

You should also discuss in advance whether or not your business will pay a ransom. Weighing the costs and benefits without a deadline on the decision can help you react more strategically.

#7 You Can Take Action

You don’t have to sit around worrying and waiting for a ransomware attack. There are many things you can do to help prevent this type of attack:

  • Filter traffic, preventing it from coming into your network in the first place.
  • Scan inbound emails for known threats, and block certain attachment types.
  • Use antivirus and anti-spam solutions and regularly upgrade and patch vulnerable software.
  • Educate all users about social engineering.
  • Allow remote access to your network only from secure virtual private networks.
  • Back up your data to more than one location so that you can restore any impacted files from a known source.

Ransomware is a lucrative, relatively easy mode of attack for cyber-criminals. Contact us today for help implementing the best protection practices to keep your data safe. Call us at 319-227-7000.

2019-12-01T18:11:37-06:00December 10th, 2019|Ransomware, Security|0 Comments

What Can Go Wrong with BCC

What Can Go Wrong with BCC?

Try to find someone who has not “replied all” when meaning to send to only one individual. It’s embarrassing and can aggravate those people with more emails flooding their inbox. Another common email gaffe is misusing the CC and BCC fields in outgoing messages. This mistake can prove costly for business.

You’ll have noticed those extra fields below the “To” field in your email client. CC stands for carbon copy, and BCC for blind carbon copy.

When you use CC, it’s like you’ve imprinted your message on an old blue sheet of carbon paper. The email copy sends to your To recipients as well as anyone you have CC’d. All recipients can see who else you sent your message to. This is a great way to encourage collaboration and accountability.

When you use BCC, your To recipient and anyone else you BCC’d gets the email, but you’re not showing where you sent the message. This is for when you’re addressing a large group of contacts that may not know each other, or when you are sending a group message but you want to respect the privacy of all your recipients.

The Blind Carbon Copy Nightmare

A big problem is using To or CC when meaning to use BCC. You inadvertently expose all your contacts’ email addresses. Personal contact information needs protection, and people’s privacy demands respect. You don’t want to make this mistake with a single or a few emails, or worse still hundreds or thousands of emails.

There are many examples of BCC blunders. West Ham United Football Club faces the UK’s Information Commissioner’s Office fines for confirming all season ticket holders with email addresses in the CC field. In another example, the Independent Inquiry into Child Sexual Abuse was fined US$260,000 for exposing possible victims of child abuse in the same way.

Scotland’s National Health Service messaged transgender patients with their addresses in the To field. Instead of using BCC, the sender used an open distribution list. This shared 86 Glasgow patient email addresses and, perhaps, patient names and dates of birth when the addresses incorporated those details. You can bet there were some heated replies to that message, although the reports didn’t share whether they were “reply all” or not.

Also, the Sydney Morning Herald reported on a real estate company employee mistakenly CC’ing 300 customer emails. A customer complained. The error resulted in a six-figure aftermath. Lawyers, a consulting firm, and eight full-time employees worked on a data breach response plan for weeks.

What’s Better Than BCC

Any CC or BCC blunder could be a data breach. Take care. Don’t risk the loss of customer trust and possible compliance issues.

When you need to send out an email to a large group of people when you’re not necessarily expecting a response, use mailing software such as Mailchimp. Email marketing platforms send an individual copy of your message to every person on your mailing list, so there’s no risk of your contact list being exposed.

Need help setting up your email client or getting up to speed on an email marketing platform? We can help. Contact us today at 319-227-7000

2019-12-01T17:59:03-06:00December 3rd, 2019|Email, Security|0 Comments

Security or Flexibility: Which Matters More?

Security or Flexibility: Which Matters More?

Security or Flexibility

Business is all about making tough choices. One such choice is whether to value IT security or business flexibility more. Unfortunately, you can’t have the best of both at once.

While having absolute security or flexibility may sound good, neither is actually for the best. An entirely secure environment is tough on users, a fully flexible IT environment is nearly impossible to keep safe.

When weighing security and flexibility, you might think of it on a sliding scale: more of one means sacrificing some of the other. If you amp up your security, you can limit business productivity. Your staff may try to get work done and bump up against security constraints. Or you may decide to give your people full flexibility, but you do so at the risk of leaving your business more vulnerable to attack.

Where you want to land on this sliding scale can depend on your industry. A bank protecting funds or a hospital with private patient data would prioritize security. Alternately, a small widgets business might not worry about data security as much.

Still, it’s a tough choice to make. Security company Balabit asked European IT pros to choose between IT security and business flexibility. In general, 71 percent thought security was equally or more important than flexibility. But when asked whether they’d risk security to clinch a major deal, 69 percent were willing to take their chances.

Finding the Right Balance

Leaders have to find the sweet spot between IT security and business flexibility. Striking the right balance is essential to successful security measures and flexibility aims.

One major consideration is the type of data the IT security is protecting. Credit card or health insurance companies are responsible for securing customer information. A university with many networked computers also needs to think about security; otherwise, criminals might target the school’s processors to power their attacks.

The potential impacts of a security breach are also a factor. Cyber-attacks can mean business disruption, and lost productivity and business revenue, plus damage to brand reputation and loss of customer loyalty. A business in a highly regulated industry could also face massive fines and legal fees.

Assessing the risk of attack also helps. For example, a company with a billion-dollar idea, or a utility, face greater risk than a tuna packet labeler. Another consideration would be history of suspicious activity: if your business has already suffered an attack, security should be a priority. Likewise, if your industry is a common target for cyber-criminals, you can’t take unnecessary chances.

Then, there’s the demand for business flexibility. How much do you need and in what situations? For instance, allowing employees to use their own devices is a convenience for some, but it’s a necessity in other environments.

The ability to control security and flexibility on a situation-by-situation basis can help. In instances where customers’ identifying information is exchanged, security would trump flexibility. But when work teams collaborate globally, business flexibility is the more important aim.

Get MSP Input into This Equation

A managed services provider (MSP) can provide perspective on the best balance. The MSP examines business processes and goals, and determines appetite for risk. Then, it helps set that slider between IT security and business flexibility.

IT experts recognize the need for adaptable security responding to shifting needs. When that big deal comes up, you don’t want to have to deliberately risk security. Ultimately, you’re looking to achieve flexicurity – just the right combination of both. This lets your technology users do their best, while your business remains secure.

Want to balance security and still be business friendly? Contact our experts for a consultation today! Call us 319-227-7000!

2019-10-25T16:18:17-05:00November 26th, 2019|Security|0 Comments

What is a Firewall, and Why Does It Matter?

What is a Firewall, and Why Does It Matter?Firewall Cedar Rapids, IA

Hearing “firewall” in the context of computing can be confusing. How does a tall, blazing fire separating rescue teams from people trapped apply to computers?

Well, imagine the rescue team using heavy blasts of water to save the day. A hacker is as motivated to get at your data. They will try everything to bypass your security. They want to get inside your network perimeter. In a business office, computers and printers are often networked together. This lets Jane in accounting and Kevin in graphic design access the same business tools.

In computing, a firewall sits between that internal network and the internet outside. It’s kind of like a nightclub bouncer. You definitely want it to be as burly and intimidating as possible to keep the riff-raff out. The firewall helps reduce or prevent unwanted traffic from getting through.

The Packet Filtering Firewall Approach

Your firewall can be hardware, software, or both. A packet-filter firewall monitors and controls network traffic. It filters data entering the network according to predetermined rules. IT experts set up a firewall to examine small amounts of data (called “packets”) to see if they contain threats. It checks packet data against criteria such as allowed IP addresses and packet type. If the data is suspect, the firewall stops those packets. If not, the data will continue on to its destination.

Firewalls stop certain software from sending and receiving data to and from the internet. This reduces the number of entry points for viruses or illegitimate traffic. After all, a club wouldn’t want to hire the bouncers to cover seven different doors.

A firewall also monitors outgoing traffic. Why’s that? Because an infected computer in your network could be sending out malicious information. If your company has fallen victim to a malware attack that turns a computer into a bot, it might be “phoning home.”

Unlike E.T. trying to get back to the safety of his home planet, the malware is checking in with its Zombie master. It’s helping to strengthen the bad guy’s ability to attack victims.

Firewalls can help prevent denial-of-service (DoS) attacks. In a DoS incident, thousands of computers are used to send an overwhelming amount of traffic to a network. It’s like putting 10,000 people in an elevator with an occupancy limit of 20 – expect a crash.

One famous 2016 attack seriously disrupted Amazon, Visa, PayPal, Netflix, AirBnB, and more.

Other Types of Firewalls

Packet-filtering firewalls aren’t your only option. Stateful inspection is helping to make firewalls even smarter. These check where the packet came from, where it is going, and what application requested it. This end-to-end examination is more rigorous. All the parameters must match trusted information for the packet to pass through. This approach offers a smart, fast way to inspect for unauthorized traffic.

When setting up any firewall, it is important to avoid any unintentional openings. A hole in a chain-link fence renders perimeter security useless. A hole in a firewall leaves your network vulnerable.

Need help deciding on the right type of firewall for your business? Want to be sure your firewalls are going to withstand attack?

Our experts can help set up and test your firewalls. Contact us today at 319-227-7000!

2019-10-25T15:19:54-05:00November 19th, 2019|Compliance, Networking, Ransomware, Security|0 Comments

The Trouble with Trusting Your Online Friends

The Trouble with Trusting Your Online Friends

Trusting Your Online Friends

Trust is the foundation of a good relationship – you trust friends to be loyal, sincere, and honest. But when you blindly trust online friends, you could be opening yourself up to cyber-attack.

When you hear about a big data breach on the news, you may think you don’t need to worry. You may think, “I don’t do business with that company, so the crooks can’t steal my identity.” Or “my email address and password weren’t involved, so it’s not my problem.” Yet it could be.

One of your friends or family members’ personally identifying information may be hacked. Then, cyber-criminals could use that as a stepping stone to get to you.

Think you’re safe when you interact with friends and family on Facebook or Instagram? Those aren’t the sites breached! Again, think twice.

Many people reuse their username and password on more than one site. Imagine the bad guys get hold of an individual’s credentials from a malware attack on a major retailer, or they buy that person’s credentials for a banking site on the Dark Web after a breach. The crooks might try the credentials on those sites to see if they can gain access, but they are also likely to try those same credentials on other sites, too.

What to Watch Out for Among Online Friends/Family

Hackers prey on our impulse to trust others. They have greater odds of success impersonating a Facebook friend asking for help. If a Nigerian prince emails out of the blue and asks for money, most of us know by now to delete the message immediately. But if Aunt Peggy does the same thing via Facebook, you’re more likely to fall for it.

The same thing happens with malicious content. We all know not to click on attachments from people we don’t know and trust. After hacking a social media account, cyber-criminals email all that person’s friends. They might say something appealing such as, “you’ve got to check out this latest hilarious video of my son!” We want to see our friend’s son being funny, so we click, and the trouble starts.

One more note: be wary of whom you accept into your “friends” circle online. Adding your niece’s best friend or your work colleague’s husband may seem like a good idea, but, that’s one more possible vulnerability.

Impersonations of people you trust aren’t only happening on social media. You might get emails that appear to be from companies you trust, vendors you know, or work colleagues. For instance, you might get an invoice from your housekeeping service. It looks like usual, with the same services listed, but the banking details are different. If you don’t catch on, you’ll be paying the crooks instead of your cleaners.

Or you might get an email from a “co-worker” asking you to remind them of a password or account number. It seems like a simple request from someone who can afford to be casual about security with you. But don’t fall for a “hey, what was that password again?” request.

Another area of daily life that cyber-criminals target is online selling sites such as eBay. They might hack an account with solid feedback to post items for sale. They’ll accept your payment but never deliver the goods.

A managed services provider can help you secure online interactions and home computing networks. Want to learn more?

Contact us today at 319-227-7000!

2019-10-25T16:41:23-05:00November 8th, 2019|Security|0 Comments

LetMeIn101: How the Bad Guys Get Your Password

LetMeIn101: How the Bad Guys Get Your PasswordYour Password

Passwords are essential to your cyber-safety. You know it, but if you’re like the rest of the digital society, you probably have dozens of passwords to remember. It’s a lot. So, you might take shortcuts. Taking advantage of your lax attitude is one way bad guys access your passwords.

Incredibly, there are still people out there using “password” or “123456” in their access credentials. Some people don’t change the default passwords on their devices. So, anyone can pick up a router, look at the sticker identifying the password, and access that network.

Tip: Avoid the obvious passwords! When you have to create a password, make an effort. When it’s time to update a password, do so. Steer clear of simple, easily guessed patterns.

Cyber-criminals can also guess your password. With a little bit of research about you online, they can make some informed guesses. Common passwords include pet names, birthdays, and anniversaries. These are all easy to find via your social media accounts.

Tip: Be careful what you share on social media! Don’t befriend strangers, as you are giving them access to a goldmine of info for personalizing an attack on you.

If that doesn’t work, criminals may try brute force. They might script an automation bot to run thousands of password permutations until they get a hit. The software will try a long list of common passwords and run through dictionary words to gain access.

Tip: Use a complex password with numbers, letters, and symbols or a passphrase. A passphrase is typically at least 19 characters long but is more memorable, as it unique to you.

The criminal may also be working with info from a data breach. In early 2019, a security researcher found more than 2.7 billion email/password pairs available on the Dark Web. Criminals accessing that database could use the data as a starting point, as many people duplicate their passwords across accounts.

Tip: Use a unique password for each site. Yes, that’s overwhelming to remember, and that’s also why you should use a password manager to keep track of it all for you.

Criminals can also access your account if you’ve used a hacked public computer. The bad guys may have installed a key logger on the computer. The logger records every key you press on the keyboard. Or they might have compromised a router or server to be able to see your information.

Tip: Be cautious about your online activity on computers or networks you don’t trust.

Of course, there’s one more method of getting your password that we haven’t addressed yet. It’s the familiar phishing attack. For instance, you get an email that looks like it was sent by your bank. Phishing typically has an urgent message and a link that directs you to what looks like a credible page.

Tip: Pay attention to who is sending the email and hover the mouse over the link to see where it goes. If you are concerned about your bank account, for example, open up a browser and type the URL manually rather than clicking the link.

These tips can help you to protect your valuable passwords. Still, setting up a password manager and amping up your internet security can help too. Need support getting ahead of the cyber-criminals?

Contact our experts today! Call us at 319-227-7000

2019-10-08T13:13:17-05:00October 22nd, 2019|Security|0 Comments

Strong Security Starts with Strong Passwords

Strong Security Starts with Strong PasswordsStrong Passwords

We have been thinking a lot about client security lately. When we came across this blog series about strong passwords, we knew we had to share it with all of our clients. It’s all too easy to think passwords are a nuisance—when really, they’re essential to keeping your data and your business safe.

If you use the same password for multiple systems—online shopping, email, your company’s cloud bookkeeping solution, etc.—you’re not alone. Even Facebook founder Mark Zuckerburg did that. And in 2016 his LinkedIn credentials were compromised in a major breach. That gave hackers access to his Twitter account, too, because the passwords were the same.

The fact is, with just one user password, hackers can often break into multiple applications and systems. Your whole business can very quickly be put at risk. That’s why a good security practice is to have a different, strong password for every account. A breach will be isolated to that account, and the fallout will be much smaller and easier to manage.

Be extra protective of your sensitive accounts

When it comes to ultra-sensitive accounts like company servers or your banking apps, make extra sure the password you use isn’t one you’ve used anywhere else. Banks usually have strong security measures, but even those won’t protect you if someone tries a password you’ve used somewhere else and it works. The consequences could be disastrous.

Email is another big one to safeguard—work and personal. If someone gets into your email, the potential for damage goes up exponentially. They can send out phishing, ransomware, or other malicious attacks to any or all of your contacts, and they’ll seem legitimate because they’ve come directly from you.

Be unique and use strong passwords 

Of course, in addition to being unique, your passwords have to be strong, too. At a minimum, that means making each one long. Pick one with at least eight characters, but the longer the better. If you can use phrases of multiple words instead of a single word, that’s even better still. (And for goodness’ sake, don’t use “password”.)

So why don’t more people use unique, strong passwords for every account? Usually because they feel like it’s too much work. If you have dozens or hundreds of accounts, having a different password for each one might seem like a royal pain. And long, complex passwords are definitely hard if not impossible to remember. Fortunately, there are solutions to help manage passwords for you so your brain (or an insecure notebook or spreadsheet) doesn’t have to do all the work. Having the right tools is just as important as having the right practices in place.

2019-10-21T09:54:31-05:00October 21st, 2019|Security|0 Comments