It’s Time To Get Serious About P@SSW0RDs
Today, everyone is online; whether it be your kids and virtual school, executives working from home, grandparents trying to figure out Zoom to stay connected to the family… I feel confident when I say that most people have some type of device in their home that connects them to the wondrous world that we affectionately call the internet.
But with every great invention or discovery that is made in this modern age, we must remember a crucial mantra that Peter Parker lived by long before the world we live in now was even a possibility… with great power comes great responsibility!
Think about it! When you open your laptop or mobile phone, you hold everything. You have a never-ending supply of information, data and possibility right at your fingertips just waiting to be discovered. And for every keystroke you make or any link that you think about clicking, there is even more data just waiting to fill your screen.
But what if I told you that there are times when you may be innocently surfing the web, but someone is working on the backend to steal the information you have entered because of a false sense of security?
Your password is supposed to be a security point used to make sure that no one BUT YOU can access your data. But as the internet and computers evolve, we have found that having a password management policy where you have to constantly change them is annoying or time-consuming. So we find ourselves just adding a * or 1 to the end of an old password and figure that will keep us safe, right? WRONG!
Not only are you allowing your data to be breached and easily accessed by anyone who is trying to hack your network, but when you use the same password across multiple platforms (and sometimes even for work and personal logins) then you are making their jobs even easier and could be allowing a cyberattack to happen that could easily be avoided.
A recent study across Fortune 1000 companies showed that many principals and business leaders in large organizations are just as guilty… they will not only use the same (or similar password) across multiple programs within their company, but then use the same password for their personal banking or social media as well. With this 1 piece of information and the domain name from the users email address (for example: email@example.com), hackers can easily dive into the “Pretend Business” network and work on logging into multiple systems across the platform to access all the data they want.
And why is that so easy? Because we all fall victim to human nature! There is so much going on in the world today that we don’t stop to think about how much information we easily hand out to people. By visiting someone’s personal social media page, you can find out everything you wanted to know about them without ever speaking to them directly: they will have a photo with their spouse and relationship status tagged to them directly, the schools they have attended, interests, family information including parents & grandparents. Think about it, if you give the right person just a link to your social accounts how quickly could they learn your mothers maiden name, find out what sports teams you follow, what year you graduated high school… and these are all commonly used security questions to access all sorts of websites – including your personal banking information!
So what steps can you take to help keep your data secure?
1) Use strong, UNIQUE passwords for each website.
2) Change your passwords often (and not just add a number to the end of it).
3) Use a password management tool like LastPass – this will not only help you log your passwords so we don’t go back to the days of having them written in a book, but they are encrypted to ensure they are securely saved and easy for you to access (but keep the bad guys guessing).
4) Stay up-to-date on what tactics hackers and cybercriminals are using! Just as the world is constantly changing, so is the way that people are accessing information which means that the world of breaches is constantly evolving. Just because you haven’t been breached YET doesn’t mean it won’t happen, stay up to date on the latest ways to protect yourself and how to keep your data and information secured.
5) Never take your guard down! The days of getting emails that you have inherited $100,000,000,000.00 are over… sometimes the breaches that seem most innocent are the ones that will cause the most damage. If you are not expecting an email from someone, or if you have a second of doubt about an attachment, CALL and make sure that it was sent by them.
I know that you hear all of us say this a lot, but we continually push the importance of a password policy because it really is that crucial to your security and making sure your data is safe. If you have questions or aren’t sure how to even start, feel free to reachout to our team. We are here to help make sure that you and your company are secure from the moment you click open a webpage and have to enter in data to login!
Stay safe, be well and as always… change your passwords!
Client Relations Manager