Data breaches happen often these days, probably more often than you think, because so many go unreported — or even undiscovered. This is why companies must constantly monitor and update their software, looking for bugs, backdoors, and any line of code that could introduce a vulnerability and compromise the software’s integrity as a whole.
The biggest security breach of 2018 was Marriott International. It involved over 500 million exploited user credentials, going back to 2014. That’s a few years gone by before anyone raised the alarm. Let’s not forget 2017’s Equifax incident, where personal information of around 140 million customers was obtained through an unguarded section on their website. Adding to the list are automotive manufacturer Toyota and social giant Facebook, both of whom were victims of cyberattacks. They have been the punching bag for hacking organizations in recent times due to their weak data management and storage practices.
Cybersecurity is a vast field, and organizations are spending millions on R&D to rebuild their security infrastructure, as new methods of exploiting data emerge every day. Hackers are getting creative about how they snoop around and pickpocket sensitive information. It’s one of those “on the cusp” sectors compelling companies to bring their A-game at all times. Getting your customers’ data breached isn’t going to look good, but with seedy methods on the rise, bypassing even the best security systems can sometimes be relatively easy.
Now, there are ways to prevent data breaches from happening, but no single rock-solid approach will make you unhackable. In fact, many of the steps and methods implemented these days aren’t foolproof. From two-factor authentication to biometrically unlocking data to backing up sensitive information stored in the cloud, each method has its own weak points that hackers can compromise without breaking a sweat.
As a whole, customers are now more wary of how much personal information they share online — although this doesn’t seem to deter hackers from taking what they want. All it takes is someone’s full name, age, and email ID to earn a pretty penny for the cyberthief who wants to exploit them. Sounds simple enough, right?
There are some methods that may seem like a tiny measure but are much more potent than you’d think. These longstanding IT security practices seem simple but may prove powerful in the long run. Let’s go through some of the practices that have stood the test of time.
Always keep your software up to date
Everyone’s heard this before. Companies are always telling users to make sure they are running the latest version of a software application. Granted, most users see this as a hassle more than anything else, but the truth is that it is one of the ways your data stays safe.
Looking at the ransomware attacks that have occurred since late 2017, the main targets of this malware were systems running older versions of software. A small factor, but it was overlooked by many corporations that were brought to their knees. The solution — software companies send out security patches to fix bugs and prevent backdoor entries in the form of a software update. And when it comes to best security practices, it’s up to the IT team to make sure these patches and upgrades are installed.
Always back up sensitive data
Information can take many forms — sensitive documents, bank statements, company client profiles, telephone numbers, and other delicate credentials. Physically backing up data is an old security practice going back way before the days of online storage.
Information copied onto an external storage device, kept out of reach of your PC’s Internet connection, is a sure way of securing oneself from a data breach. For more security, the drive can be encrypted and a log recorded every time the data is accessed.
Or you could even store a backup on a cloud platform in case your PC gets compromised. Cloud platforms come with a higher standard of encryption and can combine two or more security measures to become more robust, such as enabling two-factor authentication along with a fingerprint reader through your cell phone or a code-generating USB drive.
Always enable two-factor authentication
2FA is a popular method of securing sensitive information online. It has been making its way into the mainstream since 2016, and is now one of the most important IT security practices you can follow. It’s like a password on top of your password, but in the form of a four- to six-digit code, sometimes longer depending on which software giant’s services you use. Once the password is entered, a code is sent to your phone that you must then enter on screen. You will have to register your number with the website to enable 2FA. It is an important security practice that can protect your data from falling into the wrong hands. This will eventually evolve into multifactor authentication, which will combine a code, an iris scan, or a fingerprint scan from a mobile/laptop device on top of your existing password.
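The verification step described above, as an added example that is not part of the original article: a server-side check for a code sent to the phone, enforcing expiry, a guess limit and single use. The function names, the 300-second lifetime and the three-attempt limit are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets
import time

CODE_DIGITS = 6          # the article mentions four- to six-digit codes
CODE_TTL_SECONDS = 300   # assumed lifetime of a code
MAX_ATTEMPTS = 3         # assumed number of guesses allowed per code


def _digest(code, salt):
    # Salted hash so the plaintext code is not kept in server storage.
    return hashlib.sha256(salt + code.encode()).digest()


def issue_challenge(now=None):
    """Return (code to send to the phone, record the server keeps)."""
    now = time.time() if now is None else now
    # secrets, not random: the code must be unpredictable.
    code = f"{secrets.randbelow(10 ** CODE_DIGITS):0{CODE_DIGITS}d}"
    salt = secrets.token_bytes(16)
    record = {"salt": salt, "digest": _digest(code, salt),
              "expires": now + CODE_TTL_SECONDS, "attempts": 0, "used": False}
    return code, record


def verify_code(record, submitted, now=None):
    """Return 'ok', 'used', 'expired', 'locked' or 'wrong'; updates the record."""
    now = time.time() if now is None else now
    if record["used"]:
        return "used"        # a code is accepted once only
    if now > record["expires"]:
        return "expired"
    if record["attempts"] >= MAX_ATTEMPTS:
        return "locked"      # a short code is guessable without a limit
    record["attempts"] += 1
    # Constant-time comparison avoids leaking how much of the value matched.
    if hmac.compare_digest(_digest(submitted, record["salt"]), record["digest"]):
        record["used"] = True
        return "ok"
    return "wrong"
```

The guess limit matters most here: a six-digit code has only a million possible values, so without it the second factor can be defeated by simple enumeration.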
Always be wary of the 3 Ps
No matter how careful you think you are, situations may arise where a hacker cons you into clicking on what you think is an interesting link or downloading content off shady websites. Phishing is one of those go-to methods for hackers. It’s easy for them because they rely on gullible Internet users who can’t resist clicking on that pretty attachment, which appears to come from friends and family members or is sometimes just a killer discount deal. When you click, you may be tricked into divulging personal information or find yourself downloading malware that will compromise everything on your network.
Public computers are another aspect to watch out for. Be careful if accessing sensitive information from a public PC as there could be anything from an invisible keylogger installed to dozens of worms and Trojan horses.
Public WiFi and hotspots are another deeply flawed security concern, because you are using a public gateway accessed by hundreds of other people. Sharing sensitive information through public WiFi leaves you vulnerable and makes you an easy target open to attack.
Always enable a firewall
This is the first line of defense that controls the incoming and outgoing flow of Internet traffic. It acts as a barrier between your trusted device and an untrusted Internet network. With a firewall enabled, running an antivirus should keep you secure enough while using the Internet.
Always use a strong password
This one started it all, because passwords are taken for granted today. True, the password is flawed, but compared to the other methods mentioned, it’s the agnostic big daddy of cybersecurity.
Think of an iris scan, a face scan, or a fingerprint as a security tool. Biometrics is the future, but it isn’t as good as a password, at least not yet. Our faces are picked up by CCTV cameras, our eyes can be obtained from photographs taken over the years, and a fingerprint can even be lifted from a cup of joe or off the handle of a spoon. That seems easily flawed compared to a secret word that only you know.
These IT security practices might sound trivial, as no matter how much you try to keep yourself secure, something might still manage to sneak in and compromise your information. Hackers get better every day at finding new ways to deceive the best of us, but in time so will our methods of fighting back.
There will come a day when a completely new Internet protocol is integrated to replace these old measures with something highly complex and impenetrable. Maybe in another five years’ time, we could have a vast blockchain-integrated security system that might outlive the password itself and make cybersecurity as we know it today obsolete. Until then, make sure to use special characters along with letters and numbers and replace your password once every 90 days. Yes, just because you’ve been hearing about these IT security practices your entire career doesn’t mean they are old or outdated — or that they don’t work.