I am the leader of two organizations that are dream targets for hackers and others with bad intents. The first is my law firm which has sensitive information on our clients including work histories, medical documents, confidential information and of course the holy grail for identity thieves, information like social security numbers, etc. So we are deadly serious about that in our office.
The other is a board member of the Lucas County Board of Elections. In all of Northwest Ohio, we have been briefed that we are the second most cyber attacked entity in the area. Promedica beats us, but no one else comes close. Now that’s not about voting or counting machines. They are in secure rooms, and can never connect in a two way connection the internet.
But our website has information on elections and campaigns and voters, and we are the subject of routine attacks trying to take down or take control of our website to shake confidence in our elections. And yes, this is sponsored by foreign governments, domestic and international terror groups, etc. So we have extraordinary levels of protections and training on fighting it. So much so I have to handle all emails for the board on a cell phone they provide, set up by our IT team in consultation with Federal and State Agencies, as they correctly believe the board members are the weakest link.
I spend a lot of time getting trained on this. This week includes National Computer Security Day, and I thought what better time to tell you about that day and talk about some common sense things you can do to keep your information and devices safe. Now, I’m not an IT expert. In fact I rely on really good ones at both jobs. But first let me tell you about why this National Day was created and then I’ll share some basic tips.
In November 1988, researchers at Cornell University spotted an unknown virus affecting their computer system. Within four hours of discovery, the virus affected several other university systems and it was known as the 'Morris worm’. Within two weeks, National Computer Infection Action Team (NCAT) was created by the US Defense Advanced Research Projects Agency (DARPA). BTW, DARPA kind of created the internet. The Computer Emergency Response Team (CERT) was also created. And so American cyber security efforts took their first big leaps. In 2002, it was decided that National Computer Security Day would be celebrated at the end of November, as an excuse for people to talk more about computer security.
So, how do the organizations I am a part of protect themselves against cyber threats. Well, first, you want to get a great partner. As a small business we lean on our IT vendor GUT Consulting. They are in Maumee and keep our technology running smooth and our devices and data safe. Their website, www.gutconsulting.com has a blog with great tips, and if you run a business or help at a non-profit, call them and hire them. I sleep much better at night with them providing our security and backups.
Now, what can you do beyond that to keep your information safe, well one of the biggest things is update all of your software. You know those annoying software updates that pop up on your screen? Well, they're actually your knights in shining armor! Keeping your operating system, apps, and antivirus software up to date is crucial. Updates often contain vital security patches that fix vulnerabilities, so don't ignore them. Embrace the updates and let them keep your digital fortress secure.
Next, take a look at your passwords I get it, remembering passwords is a pain. But using simple or common passwords is like leaving your front door wide open. Opt for strong, unique passwords for all your accounts. Mix it up with a combination of uppercase and lowercase letters, numbers, and special characters. And remember, never reuse passwords across different platforms. Use a password manager if you need help keeping track of them all. It’s the only way I can keep up.
Now, I am not a huge fan of this one, but it’s very much going to be a part of our future, two factor authentication. It requires a second confirmation you are you to let you into secure sites and files. It can be having to respond with a number that is sent to you by email or text. It's like having a secret handshake that only you and your trusted devices know. I hate it when even food delivery sites do it
Be Mindful of Public Wi-Fi. Ah, free Wi-Fi! It's tempting to connect to that open network at your favorite coffee shop or airport, but beware. Public Wi-Fi can be a haven for hackers. Avoid accessing sensitive information or making financial transactions while connected to public networks. If you must use them, consider using a VPN (Virtual Private Network) for an added layer of security. I have this on my laptop, my cell phone and my ipad. Now you don’t necessarily have to use it for everything, but consider it if you’re going to be doing anything with information some one would want to have.
And last, but defiantly not least is to learn about and avoid Phishing. No, we’re not talking about being a fan of a band called Phish. Phishing is like a digital fishing expedition, where cyber criminals try to trick you into revealing sensitive information. Be skeptical of suspicious emails, texts, or messages asking for personal details or login credentials. Keep an eye out for misspellings, grammatical errors, or odd requests. Beware of any email that claims that really bad things will happen if you don’t act quickly. E.g. if you don’t click on this link and log in, the bad guys will have a $5,000 purchase go through on your Amazon account. Or you’ll be in trouble with the IRS, you won’t get paid., etc.
When in doubt, don't click that link or download that attachment. Go on your own to the website in question. The cyber criminals will go to amazing extremes. They have set up websites that look and act like the real ones. Except when you try to log in to stop that rip off, what you’ve really done is give them the password and log in info the needed. DO NOT open attachments unless you confirm with the sender, who is someone you deal with, that this is something they sent. Stay smart, not phished!
National Computer Security Day reminds us to take charge of our online safety. By following these easy best practices, you'll be well-equipped to protect your information and devices from cyber threats. So, stay updated, create strong passwords, enable 2FA, watch out for phishing attempts, and be cautious on public Wi-Fi. With these tips in your arsenal, you're ready to surf the web like a pro, confidently and securely. Happy National Computer Security Day!
Areas of Practice
© COPYRIGHT 2024. ALL RIGHTS RESERVED.