The Digital You – Protecting Yourself Online
Originally published in the Honolulu Star-Advertiser, April 20, 2021
A couple of weeks ago, it was discovered that data stolen from Facebook was available on the dark web. While the data was stolen in 2019, it can still be effectively used by bad actors today. Individuals and organizations should see this as a wake-up call to take care of their data themselves instead of assuming that everyone else will keep them safe.
Three techniques of which everyone should take advantage include multi-factor authentication, password management, and proper backups.
We’ve written about multi-factor authentication (MFA) before, and many are already familiar with it. Simply put, MFA requires a secondary form of authentication before allowing login. This secondary form is typically an app on a cell phone.
One thing to be aware of in the Facebook breach is that phone numbers were stolen. So if at all possible, one should avoid using plain old SMS texting and use an authentication app. Microsoft Authenticator, Google Authenticator, and Authy are the most common authentication apps. Many financial services firms have taken to using their own apps to provide this authentication.
Take advantage of MFA wherever possible when signing in. Organizations should also ensure that their apps are MFA-enabled.
While passwords were not exposed in the Facebook incident, they are still a highly prized target and something the bad guys go after quite a bit. Gone are the days of using one’s birthday and a special character after it for all your passwords.
You must use a different password for every site. And to keep track of all of these different passwords, you need a password manager. LastPass, DashLane and KeePass all have very good low-cost, if not free offerings. Institutionally, adopting a password management solution improves the overall security of the organization.
The last line of defense is ensuring you have a proper backup of your data. This will mitigate your exposure to ransomware. It should be clear, however, that backups are the last line of defense, not the first.
A common strategy for backups is the 3-2-1 method. Under this approach, you have three copies of the data. One is your live data, and two are backups. Two different storage media are used for the backup, and one copy is kept offsite, such as in the cloud. A cloud based backup knocks out two of the requirements, since it is both a different storage media and offsite.
While cloud-based backups used to be impervious to ransomware, there have been recent reports of cloud backups being compromised. So, while the onsite backup is primarily intended for quick restores, it is also another line of defense overall.
Cybersecurity Means Your Peace of Mind
Our Cybersecurity Services protect businesses all over Los Angeles…
InclusiveTech helped us upgrade our home-grown SharePoint site to SharePoint 2013. They consolidated internal and external sites for better maintenance and tight security, and also performed a data conversion/migration of our database to SQL 2012.
— Inland Empire Health Plan
InclusiveTech conducts our annual Cybersecurity Risk Analysis, and manages our entire organization’s I.T., including PC’s, network, phones, cloud based EMR system, and x-ray system.
— Los Angeles-based Orthopedic Specialist
InclusiveTech is offering you a FREE Cybersecurity and Technology Risk Assessment!
Whether you have an upcoming cybersecurity report to make to your board, or you’re just curious to know if your security can pass the test of InclusiveTech’s I.T. Ninjas, take advantage of this limited-time offer today!
YES! I want a FREE Cybersecurity and Technology Risk Assessment!
Please provide your contact details with the best time for us to call you:
Ask us about our comprehensive, cloud-based endpoint management and anti-ransomware software suite for Windows.