This article was co-written by Iman Watson, senior solutions architect, and Kailey Hughes, lead development representative.
As we mostly are working remotely these days, securing your space when you’re not in the safeguards of the office walls are critical. Perficient places a high value on data security and has several processes and tools in place to protect colleague and client information, but what about the everyday person?
These six areas of data privacy and security below should be at the top of your list to secure and protect yourself and your family. (We encourage you to share this blog with family and friends who might be unaware so they can protect themselves, too!)
Let’s get started!
1. Create a Secure Password
Creating strong passwords is a great first step to securing your data and maintaining your privacy online. Here are some tips to help you chose to top-notch password.
- Use Passphrases: A strong password doesn’t have to be hard for you to remember. Simply memorize a series of unrelated words and combine them together into a passphrase.
- Be Easy to Remember, Hard to Guess: If you have an easy-to-remember password, you will not have to write it down, reducing the opportunity that someone will find your written password.
- Make it Unique: Ideally, the password you make should not contain any personal details about you such as birthdays or the names of children/pets.
- Choose the Right Length: A minimum length of 8-12 characters long, with long passphrases being even better
- Enable 2FA: Use two-factor authentication for managing access to resources
- Password Rotation: Change your passwords every 90 days or less
- Use a Password Manager: By leveraging a password manager like LastPass, Keeper, or Dashlane, you only need to remember one password.
- Never Reuse a Password: Or else your hard work is for nothing.
2. How to Avoid a Phishing Scam
Threat actors have been taking advantage of the uncertainty and stress surrounding COVID-19 to trick employees into divulging sensitive information and sending company funds to fraudsters. In fact, it has been reported that a staggering 9 out of 10 coronavirus-related domains are scams. Here’s how you can protect yourself and your loved ones from these poorly-intentioned hackers.
- Verify Message Sender: If a message asks you to take a potentially damaging action (clicking a link, entering credentials, sending money, etc.), verify that the message comes from its alleged sender.
- Hover to Check Links: Before clicking a link, verify that it goes to where it claims by hovering over it and checking the destination URL. Better yet, don’t click on links in emails and browse to the target site directly in your browser.
- Be Cautious of Attachments: Attached files can carry all sorts of malicious content. Never open a file that you’re not expecting or haven’t verified out-of-band (i.e. by calling the sender).
- Don’t Enter Credentials: Phishing messages commonly try to trick people into entering their credentials into a fake, attacker-controlled website. Never click on a link and enter credentials, and consider using a password manager (which won’t fall for fake and lookalike sites).
3. Use Antivirus Software
Antivirus software does more than just protect your computer from viruses and malware. Depending on the product you use, it can also protect your privacy, prevent you from visiting unsafe websites, help you to locate a lost device, and provide secure online storage. Consider protecting your smartphones and tablets as they are at risk as well. The major industry players in antivirus software are Kaspersky, Bitdefender, Norton Antivirus, which have free and paid options.
4. Secure your Wi-Fi Network
When you’re at home, there are a few things you can do to protect yourself on your home wifi.
- Use Encryption: Preferably Wi-Fi Protected Access II (WPA2) because it is the strongest. You should be able to do this in the security settings.
- Router Settings: Changing your router settings so that the SSID remains hidden and potential hackers therefore won’t be able to find it.
- Update Network Name: Changing the name of your network (the Service Set Identifier or SSID) so that hackers cannot guess the manufacturer of the router.
- Use Strong Passwords: Ensuring you use a strong password to gain access to your network.
5. Manage Your Privacy Settings
Also, consider what browser and app you are using and what kinds of access it has, and the data it collects. If you want to view or change your privacy/security settings for Data Privacy Day (or anytime!), but don’t know where to find them? Use these direct links to update your privacy settings on popular devices and online services on everything from social media to Peloton and Spotify.
6. Watch Yourself in Public
If you’re working while on the road you may be tempted to use one of many publicly available Wi-Fi hotspots. These connections may be fine for low-risk personal browsing but there are dangers you should be aware of.
- Hotspot Spoofing: Attackers could make a “honeypot” where they spoof an existing hotspot. Once you connect to their hotspot they can perform a man-in-the-middle (MITM) attack to intercept your connection with a fake domain that looks like the one you were trying to visit. Once you login to the fake domain they now have your login credentials.
- Traffic Sniffing: Other users of the hotspot could potentially see your traffic on unencrypted websites if the provider of the public Wi-Fi does not have adequate security controls in place.
- Use a VPN: Virtual Private Networks, or VPNs, can reduce, but not eliminate, the security risks of public Wi-Fi. A few great options for personal VPN software are NordVPN, Express VPN, and Surfshark.
- Use a USB Condom: If you’re brave enough to plug your phone into a public (or worse) free charging station, at least protect yourself with a USB Condom. Better to have it and not need it…
- Watch Your Back: Keep an eye out who is watching you. Hold your hand over your phone when entering passwords and keep an eye on anyone who may be watching you work.
Celebrate Data Privacy Day with Perficient
Data Privacy Day is an international effort to empower individuals and encourage businesses to respect privacy, safeguard data, and enable trust. You can get involved at home, at work, and in your community. Take action and help create a culture of privacy. Learn more about Data Privacy Day, including Privacy Tips for Parents and the chance to quiz yourself with the National Privacy Test and Google Phishing Quiz.
At Perficient, we continually look for ways to champion and challenge our talented workforce with interesting projects for high-profile clients, encourage personal and professional growth through training and mentoring, and celebrate our people-oriented culture and the innovative ways they serve Perficient and the community.