We were treated to a really thought provoking talk about Cyber Security from CBC member Simon Brereton of OWL Tech. Simon runs an IT business that provides prompt, friendly and efficient IT services to businesses in and around the Buckinghamshire area.
Did you know that over 70% of data/security breaches are caused by human error? To be fair most of us did then recognise some of the danger points Simon proceeded to outline.
As he said, there are only two real causes of security breaches:
- Someone in a company is doing something they should not be doing, or
- Someone in a company is NOT doing something they should be doing.
Sounds simple, doesn’t it? However, it’s a fair bet that we’re all guilty of doing or not doing at least one of the things which were highlighted in Simon’s Talk. The five key steps to remember are:
Secure your internet connection
Secure your devices and software
Control access to your data and services
Protect from viruses and other malware
Keep your devices and software up to date
Pick a Proper Password
A really important element in protecting your data is to pick proper passwords that are hard to guess. Don’t forget that cybercriminals are very techno-savvy; they have access to your Facebook, Twitter, Instagram and LinkedIn accounts, so can glean a lot of personal information about you. Don’t forget they also have access to dictionaries, books, scripts and lyrics as well. So, for instance, using your favourite song lyric as a password isn’t that secure, especially if you’ve plastered that information all over your social media!
To be secure, Simon recommends that you avoid passwords based on:
Nicknames, such as Jimbo, JimmyCool
Birthdays, such as July 14, 30-IV-1984
Quotations like, 2Bornto2B, keepitreal, and
Pet names whose exploits you’ve shared online, i.e. Mutt, Flopsy having fun.
The best advice is to go for passwords that are as long and complex as you can; 12 to 14 characters are recommended, preferably more, and use of the whole range of uppercase, lowercase, numbers and symbols. Of course, that can make remembering it yourself tricky too.
If you are having trouble remembering your password then try to make it into a saying that only you would know. Or you use 3 or 4 completed unrelated words which, again, only you would know.
Definitely avoid familiar or popular word combinations, because crooks have access to so much of your personal data and it just makes it far too easy for them to figure out your password.
You could consider using a password manager, which provides an encrypted service to generates complex, random nonsense passwords. These will also remember which password is linked to which website, which also helps prevent Phishing attacks. Good password managers are:
And final word on passwords, use one password per account and not the same one for several accounts.
Have you had an email telling you that you’ve been caught doing something naughty on line? Or even that you’ve got a big juicy order waiting for you to confirm your bank details so that they can raise the purchase requisition?
Before you reply to any suspicious email, hover your mouse over the email sender details and you will often discover it’s coming not from DHL or Amazon or some on line snooper patrol, but rather a hacker’s site. Check the email address really carefully because if you click any documents or links you’ll definitely need the services of someone like Simon to clear down your computer.
Simon recommended a service called: www.haveibeenpwned.com. This is a service that checks your e-mail address against all known hacked and stolen data sets so you can see where your passwords may have been obtained from – of course, this wouldn’t happen if you had one account, one password !
Two Factor Authentication
2 Factor Authorisation is becoming more and more prevalent. It is a service that either sends you a text message or an app that gives you a second method of showing who you are – as it is a real-time, randomly generated 6 digit number going directly to your phone/app it makes it really difficult for crooks to break into your online services.
In summary, there was something for most of us to consider and hopefully take action on so that everyone is safer and more secure on line. Don’t forget that frightening static, 70% of security breaches are caused by humans, that’s us doing something or not taking some of the basic precautions mentioned above.
If you do need any assistance for IT security, or IT in general then do get in touch with Simon Brereton at OwlTech or come along to a CBC meeting to see what else we’re talking about. It’s always interesting, always fun and always beneficial.