In the past couple of years, the number of data breaches has increased for companies of all sizes. Some of the more well-known breaches in the last couple of years were of Yahoo, where the account information of more than 500 million users was stolen, and Sony who had to pay out $8 million to their employees due to the breach in their data. Now there isn’t a lot you can do to help protect yourself from these large data breaches, apart from changing your password once they occur, however this may be too late. There are however many ways you can protect yourself from an individual data breach.
Let’s go over what are the biggest threats to your personal security and data are at the moment and going forward into 2017.
- Firstly, we will look at Ransomware – ransomware is a method where attackers break into your system, freeze your data and applications and demand money to release them. This became a well-used method in 2016 and is most likely going to become more complex in the years to come.
- How to protect yourself: Take regular backups of your computer in a separate location (not on the computer itself), this can be on an external hard drive or on your own server or cloud storage.
- Everything is Connected! – Its more and more common nowadays to find that our household products are connected to the internet, from our cars to our toasters. Now I would argue the point of why do you need a toaster or fridge connected to the internet but some people must find it useful. But of course, with these items being connected to the internet there is still a risk of them being hacked, which can be dangerous to your data.
- How to protect yourself: I would make sure that the product you are buying are from a reputable manufacturer and supplier as they are going to be much more secure than that of an unknown brand.
- DDoS – Distributed Denial of Service attacks are going to be more commonly targeted at businesses rather than individual users or systems. These attacks flood systems with data to a point where they take them offline, they can also inject corrupt data into systems amongst the flood of data and infect systems.
- How to protect yourself: As a business, you can invest in DDoS protection which can help protect your systems from going offline as well as protect from any data being injected into the system.
- Remote Working – it is becoming increasingly common to find that people are working outside of the office at home or at cafes, in doing so you could be making your data vulnerable. Employees might leave documentation or flash drives in public places with confidential information, in addition they might be connecting to open Wi-Fi in cafes and restaurants that are easily corrupted by hackers.
- How to protect yourself: First of all, you should set up a Bring Your Own Device plan, outlining the ways in which your employees can use their own devices for work. You should also ensure that all data storage devices are encrypted, in case they are lost people then can’t gain access to the data. Also, outline the dangers of Wi-Fi hotspots, detailing what you should and shouldn’t be accessing whilst connected. You can also set each user up with a VPN enabling them to connect to valuable work documentation without the risk of damaging it. By using a VPN to connect, it also adds a level of encryption making all the data being used unreadable to anyone else. (Find out more here)
- Phishing – lastly we have Phishing, this is a method in which scammers will email you pretending to be from a legitimate source asking in some way for your personal details. These have slowly become more common and more advanced making it harder to tell the difference between the real and the fake.
- How to protect yourself: Check to see where the emails have come from as that can be a big give away, also use a link expander to see where the links are actually sending you before you click them.
Now these are just a few of the more common ways that hackers can get access to your data, with specific ways you can protect yourself. There are though many other ways in which your data can be breached, below is a list of generic methods that can protect your data from any incident.
- Backups – In case something happens to the entire system, taking regular backups can mean you can revert back to an older version of the system which wasn’t effect by a virus or a hack. Its recommended that these are done incrementally, every day out of hours or every week to make sure the back-up is as recent as possible. The backup should also be separate from the system that you are doing the back-up off to make sure that the back-up itself isn’t affected.
- Password – Making sure that all the passwords you use are unique is very important, but when all the passwords are 10 plus characters long with variants of letters, numbers and symbols it can become hard to remember them all. Password managers can be a big help; they can manage all the passwords you use and keep them encrypted so they can only be seen once logged in.
- 2 Passwords? – 2 Factor Authentication is adding another layer to your login process, this could be for example sending a unique code to your phone every time you log in to gain access to valuable files.
- White Hat Testing – This a method by which a white hat hacker is paid to hack into your system look for vulnerabilities and make suggestions on how to improve them. After this is done you can then also set up monitoring to track if there are any minor differences in the system.
- Education – It may seem like a simple thing, but it is becoming increasingly important to make sure that your employees and yourself know what to look out for at a basic level. This can help protect the company and yourself from being vulnerable from the easily avoidable security issues, like phishing or viruses
- Anti-Virus – Finally I would suggest investing money into Anti-Virus software appropriate for the system and its uses, as well as making sure it is being kept up to date.
If you are looking at how to protect your data whilst on the move, you can read our article on the topic here. If you are interested in how VooServers can help you with your security, then call us on 0800 0803 200 or email us at firstname.lastname@example.org
By Sam Tutt on February 3rd, 2017