By Karina Fabian
Did you know that ransomware is expected to cause 11.5 billion dollars in damages in 2019? Phishing attacks have gotten more sophisticated, to the point of mimicking trusted friends or supervisors. Supply chain/third-party attacks are on the rise, and as AI/ML continues to grow, those tools are being used in cybercrimes as well.
Here at Naviga, we take steps to protect not only ourselves but our customers with specialized teams and tools, plus cloud storage secured by Amazon Web Services, Vista Equity Partners’ dedicated Chief Information Security Office and our own Network Operations Center. However, there are steps you can take yourself to improve your own safety against cyberattacks.
- Listen to your IT: It’s their job to ensure company assets are protected, so if they ask you to update or reboot after an update, do so as quickly as you can. Also, know and follow the computer security rules set by your company.
- Verify email requests: Phishing scams are on the rise, and they’ve gotten sneakier. One of the latest schemes is to imitate your boss or someone you work with (even outside work, like a committee chairperson or group leader) and ask you to purchase gift cards or transfer funds for an event or function. That can get expensive. Even a simple loss of personal data can cost an average of $225/record, according to an article by BlackStratus.com. Some simple ways to check the validity of an email:
- Look at the email address instead of the From name. If the domain is odd, unfamiliar or simply wrong, then don’t reply.
- Hover over links in the text. Again, look for domains that don’t seem right. For example, if you’re given a link in the email for Amazon (such as to purchase an item on behalf of the company), then the website link should say amazon.com. Hover over it to check – but don’t click!
- When in doubt, check it out. Open a separate email and ask the person if they sent the request. Or message them, call…just don’t reply to the original email.
- Be smart with passwords: Most people are beyond using their birthday or dog’s name as a password, but password cracking programs continue to get smarter. You need to as well. Symantec recommends passwords of at least 10 characters, with numbers, symbols and a mix of capital and lower-case letters.
- Give each account a unique password: One of the biggest problems with passwords is using the same password for multiple accounts. If one account gets compromised, the criminals then have access to your other accounts. Ditto if you renew passwords by simply adding a number to the old password. Having multiple unique passwords can get complex, but there are trusted programs for generating and storing passwords. If your company does not provide you with a password management program, find one yourself.
- Avoid unsecured Wi-Fi: Much as we want to get work done at odd moments, in the airport, or the café, unsecured networks can make you vulnerable. Try to plan offline tasks for these relatively quiet times.
- Back up your files: Most likely, your company already has automatic backups for company computers when logged into its network. At home, consider a backup system like OneDrive, Dropbox, Carbonite or any of a number available.
- Be careful with Reply All: Lots of people click it from carelessness or habit, but you should only use Reply All when it’s necessary for everyone to have all the information in the chain. Also look over the email and remove sensitive or inappropriate information. Finally, use BCC (Blind CC) when it’s not necessary for the recipients to see each others’ email addresses.
- Protect your personal computers: Best practices at work are generally good practices at home, too. Be sure your personal computers have firewalls and antivirus programs. Use strong passwords, back up your data regularly and practice good email and chat security as well. Update your software when asked. It can be a pain, but updates often contain security patches that remove discovered vulnerabilities before they cause trouble.
- Protect your mobile devices, too: Smartphones and tablets are just as vulnerable to attack. Here are some best practices from UC-Berkely:
- Lock your device with a PIN or password.
- Only install apps from trusted sources.
- Keep your device’s operating system updated.
- Don’t click on links or attachments from unsolicited emails or texts.
- Avoid transmitting or storing personal information on the device.
- Most handheld devices are capable of employing data encryption – consult your device’s documentation for available options.
- Use Apple’s Find my iPhone or the Android Device Manager tools to help prevent loss or theft.
- Back up your data.
“Naviga believes it’s important to be a good steward of our customers’ data and provide leadership in our industry. We have made computer security a priority and continue to invest in secure solutions,” said Joe Manley, VP Security and Compliance. “Security today is complicated to manage and can be very resource-heavy and expensive, but the cost of not being prepared is too high. While companies can provide tools and education to help keep their data safe, it’s up to everyone to do their share by making computer security a habit.”
About the Author: Karina Fabian has been writing about business, leadership & management, and software applications for over a decade. Before joining Naviga, she wrote reviews of business software and services for Top Ten Reviews and Tom’s Guide, and about business practices and leadership for Business News Daily and Business.com. In addition to writing for Naviga, she is a freelance writer and author of 16 books.