As we gratefully say goodbye to 2020, we should consider our New Year’s Resolutions for 2021.
Sure, some of us may have to resolve to put away the pajama bottoms for good later this year, and others may resolve to recall where their desks are in the office.
Beyond that, we’d like to suggest some resolutions that will help keep your online life secure whether you continue working from home or return to office life when appropriate.
- Buy and use a password manager. We refer to the software version, not the $5.88 little books sold by Wal-Mart. Software password managers can generate secure passwords, scour the Dark Web for compromised passwords, stop you from reusing the same password over and over – and store everything securely with encryption. The books cannot.
Remember – the book doesn’t do autofill, but the software does. The software syncs across your devices and is always available to supply your password. The book, on the other hand, could disappear under your sofa cushions.
- Use multifactor authentication. It stops Russians, Chinese, Iranians, North Koreans, Nigerian Princes, and who knows who else from hacking in and stealing your information and assets. Yes, it’s an extra annoying step. But we’re living in 2021, and that’s now part of life. Do it.
Multifactor authentication can be a text message sent to your phone, the Google app that generates those random six-digit codes, or other apps. Everywhere you log in, look at settings -> security, and turn on authentication. If you do business with a financial entity NOT using multifactor authentication, pull your funds out NOW because otherwise, a hacker will.
Multifactor authentication can stop up to 94-95 percent of breaches and data theft.
- Be a skeptic online. When someone sends you an email telling you to update your login credentials or install a new email program by clicking a link – check it out. (Well, actually, we think you should just delete it.) Check it out by clicking on the sender’s name and seeing what email comes up. Most likely, it will be an email that has no relation to the content. Delete! Same with offers for something free or significantly reduced if you just click a link, or offers of information on a trending topic (coronavirus and vaccines, for example.)
Be skeptical about attachments, too, especially ones demanding payment. If you have accounts payable responsibilities, make sure your company has up-to-date security software installed to block known malware and malicious links – the kind of software that may also throw some emails you want into junk.
- Stop playing identity games on Facebook. Many of those “What animal are you?” “What flower are you?” are from crooks interested in harvesting background information about you so they can turn around and fool you with phishing emails – or program bots to guess your passwords. The short-term fascination with the results could turn into long-term identity theft. Don’t play those games.
- Back it up. Keep an offline backup current even as you use convenient automatic Cloud backups. At a minimum, use a reputable Cloud provider (Microsoft, Google, etc.) They will have better security than other providers. On the other hand, they are also high-value targets for hackers, and from time to time, get exploited. So a current offline backup is insurance for what might seem impossible. (See also: SolarWinds.)
- Set updates to automatic. Most programs now give you an alert that allows you to install “in an hour” or “later tonight,” so you’re not waiting on updates to download and install while on deadline. But keep your software current, as many updates are fixes for security vulnerabilities. Cybersecurity constantly evolves, hence the constant updates.
Online security requires layers, as with a castle, to repel invaders. Take the steps above, and you are much less likely to face embarrassment or fear for a compromised account.
We wish you a Happy – and Healthy – New Year!