In the wake of Facebook’s worldwide privacy scandal, it’s time to revisit some social media best practices. Your personal information is incredibly valuable to online advertisers and malicious hackers, and you can’t rely on social media platforms to keep it safe when they’re primarily concerned with making a profit.
Conventional wisdom presumes that a website is safe to visit if a padlock icon appears next to its URL and it starts with HTTPS (rather than HTTP), meaning that its information is encrypted. However, few people realize that hackers can exploit this protective measure and use it to execute malicious attacks.
The ability to have an internet browser save and autocomplete your passwords can be incredibly convenient—especially when you have a unique, complex password to remember for each of your user accounts—but this convenience comes with a hidden security cost.
In 2003 the National Institute of Standards and Technology (NIST) authored a document on password best practices for businesses, federal agencies, and academic institutions. Recently, however, the institute has reversed its stance on what makes for truly secure password practices.
Have you ever received a Facebook friend request from your mom even though she is already a friend of yours on Facebook? So, you call her up to make sure she didn’t forget her password again and just create a new FB page. Then right after that, “she” sends you a video link saying you’re in a YouTube video.
Not so long ago it would have been ridiculous to ask a new employer to give you free TV, movies, mail, music, and a camera in case you wanted to work from home and conduct a meeting with coworkers. Yet, with the internet, all of these things and more are at the fingertips of most office employees.
Horrible house guests, we’ve all had them. Whether it be that annoying family member that overstays their welcome, or that old college buddy that leaves beer cans and potato chip crumbs all over your couch, we have all experienced those discourteous visits.
Data loss is not a matter of if, it’s a matter of when – and it happens to every company, big or small. More than half of businesses locate their disaster/backup systems in the same physical location as their primary system – red alert! If you only have one copy of your system’s backup at your office, and your hardware fails or a breach occurs and all your data is stolen, then a backup was completely useless to begin with.
Everyone is talking about cloud computing these days and for good reason. The cloud is revolutionizing how computing power is generated and consumed. Cloud refers to software and services that run on the Internet, instead of locally on your computer. When tech companies say your data is backed up “in the cloud,” it has nothing to do with those white fluffy things in the sky.
You can have every piece of security hardware in the books: firewall, backup disaster recovery device, anti-virus; but your employees will still be the biggest vulnerability in your organization when it comes to phishing attacks. How do you mitigate as much risk as possible?
Create and Strictly Enforce a Password Policy: Passwords should be complex, randomly generated, and replaced regularly.