Kalles/Group Articles
2-17 hacker pic

Five security mistakes and how to prevent them

Sometimes it’s just a matter of changing your password more often.

Security breaches have become distressingly common in recent years, compromising everything from employment records (security specialist RSA in 2011) to payment card information (Home Depot in 2014). And they’re becoming more complex and lethal, according to the recently released 2017 Verizon Data Breach Digest.

Some of the most damaging breaches from last year might seem overwhelming, but actually could have been mitigated. Established frameworks, for instance, weren’t adhered to in the Democratic National Committee email hack. And Yahoo’s massive data leak probably resulted, in part, from the marginalization of its security team.

On a smaller scale, preventing hacks often comes down to common sense and simple practices. Below are some common security breaches and what we can do to prevent them, courtesy of TechAdvisory.org.

Malware is unknowingly installed. Most of the time the user is tricked into downloading it. Hackers plant malware in software, then place it on a website. A user is told to download it to make a site load properly, allowing the malware to infect the system. Or an infected file is sent through email.

To combat malware, don’t download files from untrusted locations; pay attention to the file’s name before downloading; avoid torrents, adult-content sites; and movie-streaming sites; scan files before downloading them.

Hackers can alter operating system settings. If you’re an admin on your computer and a hacker accesses it, he or she gains full access. This is an invitation to malware, changed settings or a complete hijack of the machine. Worse yet, if the hacker taps into a computer that manages the overall network, you cede control over all the network’s systems.

If a user doesn’t need to install files or change settings, make sure he or she doesn’t have administrator access. Also, installing security software like anti-virus scanners and keeping them current, along with conducting regular scans, limits the chances for infection and its spread.

It’s not virtual, it’s physical. Oftentimes malware or stolen data is the result of physical access to your systems. Leave your computer on, and someone can plug in a USB drive to infect your system. Or that someone can access your system and reset the password, locking you out and gaining access.

Ensure that your computer is password protected, and that you shut down or log off when you’re away. Also, disable drives and connections like USB if you don’t use them.

Some employees just aren’t happy. A disgruntled employee might delete essential data, remove it entirely from the system, or introduce highly destructive malware. That’s why it’s important to limit access to necessary systems. Along with restricting admin access and installing scanners, this step can help prevent employee-driven breaches.

Surprise: Your password is compromised. Many folks have dismally weak passwords. Services are increasingly being breached through the theft of user account data. A hacker who obtains your username when the password is obvious will have little trouble accessing your account.

Worse yet, many people employ the same password for multiple accounts. That could mean a massive breach leading to stolen data and the theft of your identity.

For every account, use a separate password, ensuring that each one is strong and widely different from others. A password manager can create a separate one for each account. Lastly, be sure to change your password regularly.