Keeping sensitive data in cloud storage is commonplace for companies, but adequate security is a concern. What are the best ways to protect personally identifiable information (PII) from being hacked?
Do you think someone tried to hack your system? Do you suspect you’ve been hacked?
Unlike pop culture would have us believe, cybercriminals – hackers – don’t always sit in dimly-lit rooms looking at a dark computer screen with green cursors, prompting their next action. No, hackers aim to blend in and be invisible, aiming for victims who are more likely to trust their surroundings and leave their guard down.
Hackers and their methods vary in sophistication, but the reality is that simplicity is the most effective approach. Hackers target one thing: weakness. So how can you protect yourself from unintended consequences and prevent granting access to unauthorized users? Fortify your defenses and make sure your data, your email, and your livelihood are safeguarded.
Protecting yourself is surprisingly affordable with just a few simple steps:
#1 – Security updates
Just like when you leave your home or car and lock the doors behind you, it’s equally important to prevent unauthorized users from accessing your system by “locking the doors”. Many technology manufacturers, like Microsoft, release regular security updates to protect users from weaknesses and threats. Your systems will be the most secure if you always check for and install the latest updates. Software developers will encourage users to update through pop-up menus, prompting for installation immediately or giving the option for a more convenient time.
On a PC, you can check for Windows 10 operating system software updates easily:
Click the Windows icon to open the Start menu.
Click to open the Settings menu.
Click “Update & Security”.Click “Windows Update”.
Click “Check for Updates”.
Tip: Don’t postpone updates! Security updates are released in response to detected threats.
#2 – Smart surfing
The sneaky way hackers gain access is by mimicking familiar environments to “trick” users into a click or password reveal. Email phishing, where cybercriminals send emails that look legitimate but include sneaky hyperlinks aimed at getting users to click on them and potentially download a file that contains a virus or malware, or pretends to be from a known source that convinces recipients to enter sensitive information, like passwords.
You’ve also probably been surfing the Internet at some point when you’ve been directed to a website or received a pop-up message that contains “alarmist” messages, alerting you to a critical error in your system that must be remedied – of course, the remedy is to “Click Here”!
Microsoft and other software providers will never contact you this way to alert users to detected or suspected threats, and these are attempts by hackers to gain remote access to your machine or network.
Tip: Content-control software, more commonly known as web filtering software, can be installed at the end-user level – directly on a device – to monitor Internet traffic and protect users from questionable or dangerous material delivered over the web.
#3 – Password protection
Make passwords complex: Set passwords that are at least eight characters, with a combination of uppercase and lowercase letters, plus a mix of letters with numbers and special characters.
Use unique passwords: Don’t use the same passwords for different software or websites, and don’t repeat passwords over and over with only one character changed
Change passwords regularly: The average length of time between when a user changes a password stretched to more than 90 days and prompted major software developers to require users to change passwords at that interval.The longer a password remains the same, the more time a hacker has to try to guess a password – and if a user uses the same password for more than one website, the hacker has just gained entry into each website.
Don’t store passwords in public places: A password offers no level of protection if it’s written down on a sticky note and placed next to the device it’s used to access.
Tip #1: Don’t link accounts, like Facebook. Linked accounts allow a hacker to access any linked accounts from the account they’ve accessed, making passwords irrelevant in each case.
Tip #2: Longer is better: passwords with 20 characters, like a string of words without spaces, are harder to guess than shorter passwords even with special characters because the number of special characters recognized by most authentication protocols is limited, only adding a few attempts to each keystroke within a password that needs to be guessed. Imagine if a password were “teacup” and then add a “1” and a “?” at the end – it wouldn’t be that difficult to figure out!
What can you do if you’ve been hacked?
#1 – Antivirus software
Install and run antivirus software, like Avast, to run a full system scan for viruses, malware, ransomware, and more. Antivirus software providers update programs regularly to keep users protected from the latest threats and keep your devices in tip-top shape.
#2 – Change all passwords
Follow the password recommendations outlined above and change all passwords, especially for web-based programs like email or social media platforms or cloud-based applications you use.
Tip: While you should not write down your passwords anywhere, it’s a good idea to keep a password-protected spreadsheet or document with the names of programs you regularly access so you have a Quick Reference Guide in case you need to change many passwords and fast. It’s amazing how hard it is to remember all the places you need passwords to access when you’re under the pressure of preventing a hacker from using an intercepted password to cause damage!
#3 – Ask for help
You can’t always do it on your own – nor should you have to! Peace of mind is just a click or call away. A managed IT services provider (MSP) is a great resource for protection against these threats and 24/7 remote monitoring for a low monthly fee –probably less than the cost of a hack clean-up and definitely worth the price to prevent a large-scale breach.
The bottom line is that hackers look for weakness in a system to gain access. Doing everything you can to fix weaknesses and fortify a device, system, or network goes a long way in preventing unauthorized users from hacking you!