Since so many of us began working from home in the spring of 2020, we have been hearing how important security is. Information on VPNs, encryption, and other measures to protect data have been rolling out regularly for many months. Filters and firewalls are great, but what can you do to enhance your own personal security? Let’s start the year with some simple measures you can take to keep your information protected.
Avoid unlucky links. How often do we click on a link without a second thought? How many phishing schemes rely on this aspect of our nature? Make it a habit to double-check any link before just blithely clicking on it. You do this by simply hovering your cursor over the link to reveal the address. If on a mobile device, you can touch your finger over the URL for the same result. Take a moment to double-check the domain for suspicious information/wording. This takes just seconds and can save you a lot of time and trouble. If it looks suspicious, do not click the link.
Outsmart phishing emails. I imagine we have all received the email from John Doe stuck in Europe or some place, desperately needing our assistance, i.e., a large sum of money. This is easy to recognize for what it is. But an email that appeals to us or intrigues us may find us more gullible. Keep in mind these phishing emails typically play on our curiosity, fear, or greed. For example, an email promising you could win $5,000 in prizes if you follow this link could make you excited, but it should make you suspicious instead. Likewise, an email threatening the loss of money or access to services should set off alarm bells in your head.
There are basic tip-offs to an email you should delete. Here are four quick questions to ask yourself.
- Do you recognize the name and address of the sender?
- Is the sender sending from a personal email address when it should be a company email?
- Is your email address listed in the to line?
- Does the message appeal to your curiosity, fear, or greed?
If you’re still unsure, you can always verify the legitimacy of any link in the email as mentioned above. You can also navigate to the actual site mentioned in the email by typing the name into your web browser to see if the email truly came from that site. When in doubt, do not click any links.
Bulk up your router. If you’re working from home, make sure to take proper measures to strengthen the security of your home router. Change the default password. Use a strong Wi-Fi password (more on passwords below). Regularly install updates on your router. Enable WPA2 encryption, the strongest encryption for the home.
Beef up your passwords. This should be obvious. I personally dread creating passwords and updating them because I am terrible at remembering them and constantly find myself hunting down my brilliant, impossible-to-crack passwords. But a strong password is essential for good security. Here are some do’s and don’ts for strong password creation.
- Include 12 or more characters in your password
- Follow your organization’s password policies
- Include both upper-case and lower-case letters
- Use a simple single word password
- Use the same password between different systems and sites
- Use keyboard sequences (e.g., “qwerty” or “hjkl;”)
If creating strong passwords is a headache for you, consider one of two methods. The mnemonic phrase password consists of an easy-for-you-to-remember phrase. Say the phrase out loud, while typing the first letter of each word. For example, the previous sentence becomes “stpolwttfloew.” The passphrase method consists of an easy-for-you-to-remember phrase, typed out, for example “I’m a lumberjack and I’m ok” or if you can’t include spaces or punctuation, “ImalumberjackandImok.” Keep in mind with either method, you may need to add numbers or special characters.
You may also consider the use of a password management app. Password managers use a single strong password to store multiple passwords for your various systems and sites. The manager can generate the passwords for you if you like. When you need one of your passwords, you enter your password into the app, which will then enter the applicable password for you, or copy to your clipboard, or display it for you to enter the info into the system.
Protecting systems and sensitive company information is crucial, particularly when highly confidential documents, source code, and protective orders are part of your daily workflow. Planet Depos has been covering such sensitive matters for over a decade, keeping confidential information secure.