A few weeks ago, a white-hat hacker with an alias Jim Browning helped to shut down a group of cybercriminals in India that charged people hundreds and thousands of dollars to fix fake computer problems.
Jim gained access to the scam center’s computer and the CCTV camera systems. He then compiled the video footage and some of the 70,000 scam call recordings into aseries that was picked by the BBC.
The victims from the US, UK, and Australia, among others, were charged exorbitant amounts of money to “fix” their computers that were previously infected with malware.
Jim’s efforts are a strong reminder that it is important to be vigilant in a cyber world. Our information at home and at work can always fall into the wrong hands and it is up to us to do our best to protect it.
We are all in this together
Cybersecurity is most often compromised from within. It is much easier to find an employee with a poor password than to gain physical access to a secure device. In fact, the most common causes of security breaches are human errors (30%), phishing attacks (28%), and weak passwords (26%).
Cyber hygiene
In today’s ever-changing threat environment, it is more important than ever to use a cyber hygiene routine to maintain the health of your software and improve online security.
Anti-malware
Anti-malware (anti-virus) systems and firewalls are among the cornerstone measures to stop a security breach.
An organization is as strong as the weakest link in it. It could be an employee with no basic cyber protection knowledge who can start a chain of events resulting in a security breach.
How to ensure that your organization is fully protected? The easiest way is to make sure that all computers are in compliance with antimalware and firewall policies.
Passwords
The simple way to improve security is to create a strong password. Changing passwords regularly is no longer needed as we tend to choose simple and easy to remember passwords. But even a strong password, on its own, is still quite a weak method of authentication.
An ultimate answer to this problem is the SSO (single sign-on) system. It uses one set of login credentials to access several services and apps. Examples include Auth0, Okta, and OneLogin.
Our recommendation is to pick an SSO provider that best suits your business, make sure that all employees, as well as subcontractors, are enrolled, and incorporate SSO into every system used by your company.
MFA (multi-factor authorization)
By now, we are probably all familiar with MFA. Banks, social media, and other online services have all adopted MFA tools to securely authenticate users that access their systems.
Adding MFA to workplace computers is a good extra layer of security. While it is still not invincible, it serves the goal of reducing the probability of being breached.
Frequent system updates
Hackers can take advantage of technical vulnerabilities in operating systems and applications if they are not properly patched or updated. This puts all of the data on those systems at risk. As users, we need to make sure our operating systems, browsers, and apps are up to date.
Physical security
It is best not to leave workstations, laptops, and any portable equipment unlocked and unattended. Hackers only need a few seconds to upload malware and gain access to a device that can then be used to compromise whole systems.
Tools built with security in mind
There are still a lot of overlooked areas that can leave our companies vulnerable to cyber-attacks.
Poorly designed processes that are still done manually create an opening for hackers. If the process involves human interactions, there is always room for human error, a risk to be fished out, or a possibility that a set password is too weak.
Fully automating these processes by SSO or system to system authorization helps us eliminate these possibilities and create a safer and more secure environment.
It is worth the time
Protecting your data from a growing number of cyber threats has never been easy, but by following the rules of cyber hygiene, you can drastically decrease the risk of being hacked, save your company money, and protect its reputation.
To find out more about how to improve the safety of your data, contact us today or arrange a meeting with Michael.