Are your employees on the naughty cybersecurity list? The holiday season is often described as the “most wonderful time of the year,” especially for businesses as they gear up for a busy shopping period. That said, Christmas is not just a wonderful time for consumers and companies, it’s also an incredibly profitable time for cybercriminals as they conduct cyber-attacks and send out fake emails hoping to catch shoppers not protecting your computer from cyber-attacks.
Indeed-Cyber criminals are increasingly exploiting the holiday period to conduct malicious campaigns designed to perform spear-phishing and deliver malware. According to Carbon Black, there was a 57.5 percent increase in attempted cyber attacks during the 2017 holiday shopping season.
So, what you do to keep your business and employees safe and secure online this Christmas and throughout the new year? Check out our top Christmas how to protect yourself during the most wonderful time of the year.
How to protect yourself against cybercrime?
It is essential for small businesses that they remain vigilant and take additional steps to protect their business against cyber-attacks. Following are some measures that every business organization must take to strengthen its security. Consequently, security policies should be implemented and enforced by your IT department.
1. Keep up with system and software IT security updates.
Make sure you install security updates automatically. You should also enable automatic updates for third-party software wherever you can. These updates provide security patches that keep your software protected from the latest vulnerabilities.
2. Make sure your firewall is enabled.
Windows 7 and later have a built-in firewall that is on automatically. The firewall is there to block external communications. If the firewall is blocking an app, you should allow access for that app only if you trust it. The solution should never be “turn off the firewall.”
3. Install antivirus and antispyware software.
We’ve seen computers that technically have antivirus software. However, the subscription expired some time ago. Out-of-date antivirus software can’t protect you from newer malicious software. IT partners provide a managed antivirus solution. These tech experts take care of installing the software on computers and other devices, and will then take care of the solution. They will also ensure that scanners are up-to-date and scans are scheduled for a convenient time, thus protecting computers.
4. Be careful with links and email attachments.
These emails contain links that take you to carefully-crafted websites. Phishing attacks are emails or malicious sites and social media links that solicit personal information from an individual or company by posing as a trustworthy organization or entity. The goal of phishing cyber-attacks is to trick the recipient into taking the attacker’s desired action, such as providing login credentials or entering identifying information into a fraudulent website. These websites may contain malicious code that executes on the user’s local machine when a link is clicked from a phishing email to open the site.
5. Avoid sites with pirated and illicit content.
Many sites often portray themselves as well being, non-profit “freedom fighters,” when they nothing but cyber-attacks con artist offering the type of content to install malware or offer downloads that contain malware. Modern browsers can help protect you, but you’re better off just staying away from them altogether. Stream movies and music from sources you trust.
6. Use Strong Password to protect your software and lock your device.
Most web-connected software that you install on your system requires login credentials. The most important thing here is not to use the same password across all applications. It is far too easy for someone to hack into all of your accounts and possibly steal your identity. If you’re having trouble remembering a whole bunch of passwords, then you could try a password manager. Password managers will keep all of your passwords safe, and you only have to remember one. A password combined with an email or SMS as part of a two-step verification (2SV) method for extra security. 2SV usually kicks in when you log into a website or app from a new or unrecognized device requiring you to verify your identity with a PIN code.
Most security steps relate to non-visible threats. There is always the possibility that someone could get their hands on your actual computer. The 1st line of defense here is to have a secure computer password to make it more difficult to enter. Other forms of verification include biometric methods like a fingerprint or retina scan. Alternative physical verification methods might involve key cards and fobs. Any of these combined with a password as part of a two-step authentication (2FA) process.
If you’re concerned about someone stealing your computer, another option is physical security. A lock with keys is an ideal solution for laptops but works on a home or work computers. Kensington locks and other similar brands are small locks that insert into a hole in the device. Some require a physical key while others work using a code.
7. Encrypt your data
Whether your computer houses your life’s work or a load of files with sentimental value like photos and videos, it’s likely worth protecting that information. One way to ensure it doesn’t fall into the wrong hands is to encrypt your data. Encrypted data will require resources to decrypt it; this alone might be enough to deter a cyber-attack from pursuing action. There are a plethora of tools out there to help you encrypt things like online traffic and accounts, communication, and files stored on your computer. For full disk encryption, some favorite tools are VeraCrypt and BitLocker. You can find separate tools to help you encrypt your mobile device, with various apps available for both Android and iOS.
8. Use a VPN
A Virtual Private Network (VPN) is an excellent way to step up your security, especially when browsing online. While using a VPN, all of your internet traffic is encrypted and tunneled through an intermediary server in a separate location. The server masks your IP, replacing it with a different one so that your ISP can no longer monitor your activity.
What’s more, you can typically choose the server location based on your needs, such as getting the fastest speeds or unblocking geo-locked content. Additionally, a VPN can help you browse protected while using open wifi networks and access censored material (e.g., Facebook in China).
When it comes to choosing a provider, there are some okay free offerings out there, but monthly rates for paid services can be pretty low, even as little as $3 per month. The free ones are typically limited in features but can be useful for getting a feel for what’s available. Some paid options have free trial periods for the full service, and most offer generous money-back guarantee periods.
No matter what you store on your computer, it’s just prudent to protect its content from cyber-attacks and snoopers. Although nothing is ever completely secure, following the steps above will provide most people with ample protection and safeguard their data.
What About Your Office?
As cyber-attacks continue to evolve, your organization’s IT security strategies must develop into policies that prevent unauthorized access to organizational assets such as computers, networks, and data. AllStar.Guru information security services can help you secure your organization’s assets. Whether you need an IT support or you want to supplement your existing IT department, we offer a range of services to fit any situation. Please call (888) 245-2818 and schedule your IT security services assessment, and we’ll help you develop a plan to defend your technology.