Gulf Breeze (FL, USA) and London (UK): As 2013 ends in a dramatic flurry of high profile cyber breaches, AppRiver has released its list of IT security resolutions in a bid to encourage individuals and businesses alike to become more security conscious. The cloud-based email and Web security specialist, suggests everyone must make 2014 the year they take control of their cyber security.
Troy Gill, AppRiver’s senior security analyst believes, "A security breach is the digital equivalent of a wardrobe malfunction - except it can be very expensive in addition to a red face. With hackers and data thieves working desperately to steal confidential information, whether its company data or an individual's personal information, 2014 must be the year we all take security to the next level.”
On a Personal Level
Passwords are an important security measure in an increasingly digital world – often the only lock to many areas of a person’s online life. It is this element that Troy advises individuals pay particular attention. He advises, “I recommend you change your passwords frequently. Think of it like changing the oil in your car. Sure, you might get some extra mileage out of the old stuff. But is it worth the cost if you're wrong? As importantly, you need to make your passwords stronger. Making it hard to guess also makes it hard to remember but don’t write it down – instead become creative using a mix of upper and lower case letters, numbers and symbols that mean something to you but to others will appear completely random. And use different passwords for different accounts. This might strain the memory a little, but I’m pretty sure you've got some storage space left in your mental hard drive. Maybe skip the sudoku and use those brain cells to keep you safer online.”
Another area that AppRiver advises caution is social media, especially with many offering too much information that is pure nectar to hackers. Troy continues, “Don't arm hackers with information that can help them socially engineer their way past your security. Before you post, ask yourself how the information might be used by a crook. For the sake of security and your friends' sanity, remember that less is more — especially when it comes to Facebook.”
From a business perspective
Troy suggests organisations ‘Go hack yourself’ by periodically testing their security. He continues, “While we recommend having a professional firm conduct a security audit, there are less expensive measures you can employ For example, take a walk around your office and see who has their latest password on a sticky note by their desk. Check around outside and see if anyone has a clear view of your computer monitors. If you're feeling really ambitious, look through your wastebaskets to get a preview of what a dumpster diver might find. Have systems in place to make sure people are who they say they are. For example, if someone shows up to fix your copier, make sure you know who called them, check their credentials and limit their access only to areas where they are working - and perhaps the bathroom.”
If a repeat of 2013’s breaches is to be avoided, every organisation needs to not only have a security plan — but follow it. Troy concludes, “To paraphrase an old saying, the best time to develop an IT security plan was 10 years ago. The second best time is now. If you have a plan in place, great - just make sure that it's being followed and updated frequently.”