Current technology makes it easier than ever to have access to all of your important information, no matter where you are or what devices you use. Unfortunately, this same technology makes it easier than ever for thieves and hackers to “harvest” that information, either to make mischief, to compromise confidential information, or to steal money. Paying attention to cybersecurity is a small price to pay compared to the alternatives.
A cyberattack is a purposeful attempt to steal, modify, or destroy computer systems and/or the data that they contain. The most common forms of cyberattack are:
-
- Malware— Unwanted software installed without your knowledge on your computer system(s). These include ransomware, spyware, viruses, and Trojan horses.
- Phishing — email from an apparently trusted source that attempts to trick you into releasing personal information or clicking on a link that will then surreptitiously download malware.
- Denial of Service — An attempt to overload a computer system – typically a server or a web server – to severely degrade or completely shut down access to its contents
- Password cracking — Surreptitiously stealing a password from a computer system following a valid connection to that system
- Drive-by Download — Downloading a malware application directly onto a device while connected to a website without appropriate protection
All of these nefarious activities can wreak havoc on a business, and consume serious time and financial resources to fix. The solution, however, is not a return to the 1980’s. That horse has left the barn and is already in the next county. Cybersecurity tools are plentiful, and are constantly updated to meet the challenges of malevolent cyber activity launched by “the bad guys.”
Here are some practical steps to take to improve your resistance to cyber attacks:
-
- Opt-in for automatic software updates — Many users disable these updates due to the time and effort it sometimes take for the updates to complete. That effort pales in comparison to the effort of recovering stolen data or restoring access to a compromised system. Most software updates are released specifically to keep pace with the proliferation of malware and other hacks.
- Be smart with passwords — do not include any identifying personal information I your password construction. Make all of your passwords at least 8 characters long, and use letters (upper and lower case), numbers, and symbols. Do not use the same password on dozens of websites and systems. Explore the use of a commercial password storage app (like Lastpass or Roboform) that can also auto-generate very secure passwords
- Avoid public wi-fi usage when possible — Harvesting data from a public, open wi-fi channel is a staple of most hackers. Avoid accessing sensitive information when connected to a public wi-fi channel.
- Pay close attention to “unusual” links — When receiving an “urgent’ email or text message from an apparently credible source, examine the link and the sender’s email or text address very closely to verify the spelling of the company name, unusual language, misspellings, etc. If anything looks dubious, contact the company you think this message MIGHT be from via a different method than the received message.
- Use two-factor authentication — while somewhat cumbersome, this method makes it much more difficult for evil-doers to gain access to your systems. Many software companies are adding this option to their software, and some are requiring it. With an “Authenticator” app on a separate device – typically a smartphone – the authentication process is a one-click event.
- And most importantly, back up your data — having both a local and an online backup system in place is the best protection against data loss, due to either malevolent activity or inadvertent operator error.
Having access to “data on demand” is a staple of 21st century business. Attempts to steal that data is an inevitable by-product of this access. The steps outlined above will “harden” your data as a potential target for hackers, and make them more likely to look for an easier mark.
Have questions about securing your company’s valuable information? Give us a call to discuss your needs, and let us help you construct a strategy that makes sense for your business. Reach out to us by email at [email protected], or by phone at 877-375-2810.
Jack Schaller has been active in the field of law office technology since 1989, and has worked with a variety of commercial accounting, legal billing, practice management, and document management software products during his twenty plus years in the software consulting field. During his tenure as a software consultant he has garnered many sales and service awards for his work with legal software products. Jack is a frequent presenter at legal conferences and seminars, and is a regular contributor to TechnoLawyer and other technology publications.