Cybersecurity is making headlines, but not for the right reasons.
Cybersecurity as a sector continues to heat up alongside consumer’s growing dependence on devices and the growth of the Internet of Things. The latest hacks on Anthem and Target (to name a few) have shown that hacking has evolved from the teenager attempting to modify a high school report card to a highly profitable business run by sophisticated groups. As a result, more and more cybersecurity companies are being founded and funded as investors look for the next big win in this market.
The growth has been astounding. CB Insights’ Cybersecurity Financing data shows that funding of cybersecurity companies growing from $1B in 2010 to $2.5B in 2014, led by many of Top Tier’s managers.
Until these top venture firms can find the technology to end all hacking, there are things that we all can do to better protect yourselves. Top Tier’s in-house IT expert Vince Garcia was interviewed for this piece and offers five actions you should take to protect yourself from cyber-attacks.
Using a Passphrase, Not a Password
Vince: “Use of a password is no longer recommended; the creation of a passphrase is now considered best practice. What is a passphrase? It’s a group of words strung together to make a password harder to crack. For added security, a user can extract some letters from, or add numbers and/or symbols to a passphrase. For example: ‘My current job is dealing with computer problems’ which I would turn into ‘M7 Ct Jb I5 Dg Wh Cr Ps’ or if spaces are not allowed ‘M7CtJbI5DgWhCrPs.’ A good way to remember this password is to commit to a cypher, or standard code for creating passphrases across sites/programs.
In this case, the cypher is defined by a capital letter for each of the first letters and lower case on the last letter, unless a word contains only two letters in which case the second letter is changed to a number. Adding spaces to increase the length and straying from dictionary words will ensure a safe passphrase.”
Utilizing a Password Manager
Vince: “The best way to stay safe is to use a different password for each site. As users transition to passphrases and cyphers, it can become difficult to remember the login details for each specific site – this is where a password manager becomes useful. There are several options but I found LastPass to have a great balance of both security and usability. Personally, I use a different 21 character passphrase for every financial institution that I log into – which becomes a lot to remember, so I manage them all with LastPass. I can always request for a new password from each site so I’m not worried if for some reason my LastPass was inaccessible.”
Multi-factor Authentication (MFA)
Vince: “MFA has been used by finance teams inside of corporations for years, but has more recently made its transition to the consumer side. MFA adds security by leveraging two or more categories of credentials, typically a combination of something the user knows, something the user has, or something the user “is.” Most widely spread by banks to protect users when logging into online banking, MFA has been extended to the masses by many websites that require secure logons using Google Authenticator, or apps like Authy. With the amount of sensitive information stored on social media profiles, email, and internet banking, I recommend users add multi-factor authentication to their accounts whenever it is offered.”
Adding a Firewall
Vince: “Accustomed to constant connection (and battered by data charges) many users will connect to a Wi-Fi hotspot whenever one is available, regardless of our ability to authenticate the network. With a few clicks, a savvy hacker can access your device and its stored data, leaving your sensitive information vulnerable. Additionally, the perpetrator can drop malicious programs onto a user’s device and track his/her keystrokes to secure password information.
When it comes to adding a firewall, a proactive approach is best. I highly recommend users activate their PC’s built-in firewall or install one from a third party. “
Paying for Online Purchases with a Prepaid Credit Card
Vince: “Why use a Prepaid CC? My bank and/or CC Company protect me from fraud. In this age of electronic fraud it’s better to separate your main finances from your day-to-day purchases—especially during the holiday season.”
Vince points out that the recent breaches at retailers across the world have forced users to take security matters into their own hands. If a breach happens, a hacker can gain access to a user’s bank account information to steal funds, or more importantly, a user’s identity. When shopping online, especially during the holiday season, users can protect themselves by using a prepaid credit card, loading funds as needed. In doing so, a user can limit both the amount of money and personal information that can be taken.
So Why Take Top Tier’s IT Expert’s Advice?
The bottom line is that cyber-attacks are a new lucrative business and it is never a bad idea to improve your personal security measures. By using cyphered passphrases instead of passcodes users can create an encrypted system for all your devices and accounts. This best practice is adopted easily when used in companion with a password manager such as LastPass. In addition, a multi-factor authentication for all accounts—from social media to online banking – offers an a further layer of security, as does activating your device’s built in firewall or purchasing a firewall from a third party. When purchasing that third party firewall online, use a pre-paid credit card to ensure that online shopping doesn’t turn into online identity theft. With that being said, Top Tier is confident that cybersecurity of the future will be even more comprehensive as this sector matures. Until then, take Vince’s advice!