Have you or your business already been hacked? How do you know for sure?
How to avoid being hacked
The real scary thing is that they are collecting all the data they need to damage your business during this time.
Once they have what they need, they use it to access bank accounts, sensitive information, personal data, or anything else they find of interest.
What does it mean to be hacked?
A business mentor of mine was recently “hacked” and it cost him $400,000!
He was doing business overseas and stopped in a coffee shop to take care of some business.
He bought a coffee and signed onto the coffee shop’s free wi-fi and started working.
On average, a hacker is typically inside your computer systems for 210 days before you detect them.
As he was going through his emails (he was not using VPN or SSL) he noticed a note from his secretary mentioning that they needed to wire money to a vendor for payment of an invoice.
The usual protocol in a case like this was for him to call the secretary and the bank and provide passcode and security information (two-person verification) to make this transaction.
But as he was overseas (and in a noisy coffee shop), he thought it would be easier to just email her the information instead of making the phone calls.
Unfortunately for him, some nefarious intruders had hacked into his unsecured email and essentially began a conversation with him in a way that made them appear to be his secretary.
He unknowingly gave them his bank account information and access codes and they subsequently removed $400,000 from his account!
The money was unrecoverable!
We get warned about security every day but this incident hit close to home. It was a wake-up call for me to ensure that I am working as securely as possible so I don’t get hacked!
What actions should you take to avoid being hacked?
There are probably an infinite number of ways of being hacked. Your job is to make it as hard as possible for hackers to infiltrate your business and personal accounts.
The following 15 steps will go a long way to ensuring you and your business keep hackers out.
About the hardware
- All your computers must use hard drive encryption. Use Bitlocker for Windows and FileVault on OS X computers. This way if someone steals your computer, they will never be able to access its contents.
- Cover the camera on your computer when it is not in use. Cameras can be hacked and hackers will leverage what they see in many devious ways!
- Disable the automatic login on your computers and use a password for login.
- Do not walk away from your computer without locking it first. The following shortcuts make it easy to lock your computer:
- Windows: Windows button + L
- Mac: Control + Shift + Eject/Power
- Also, set your computer to log out after 10 minutes of idle time (in case you do forget to lock it when you walk away).
About the password
- Use a respected virus and malware scanning software package that continually updates for new threats (MacAfee, Norton, Windows 10 comes with a system built in, etc.).
- Use some sort of encryption for all sites you visit where you are sharing critical or sensitive data. If the URL starts out with HTTPS it is using encryption. Never provide any sensitive information to any site that does not use HTTPS. Use an email service that sends email securely using SSL or TLS encryption.
- All smartphones and tablets must use lock codes and you must be able to wipe them remotely. Increase your PIN from 4 characters to 8 characters.
- Use a unique, long-form password for each site you visit.
- Don’t use the same password twice.
- Use random passwords that no one can randomly guess.
Don’t send password or account information for anything important over email or text message.
- Make sure your email password is DIFFERENT than all other passwords. The reason for this is many websites use your email address as your username. If you give your email address as your username and then use a common password, you have literally given your entire login credentials to anyone who may be digitally eavesdropping (special thanks to intoria.com for providing this tip).
- Use tools like 1Password to manage your passwords for you.
- Use 2-factor authentication when using services like Gmail. Two-factor authentication uses two separate methods to log in when you access an account from a new device or terminal.
- Be extremely cautious when accepting a thumb drive from anyone. This is an easy way for viruses, key loggers, malware, etc. to transfer to your computer.
Just like you are not immune from the common cold, you are also not immune from hackers! So, take these 15 steps to protect, you, your family, and your business!
For more information, check out this article on security in your business.
“Security is our top priority because for all the exciting things you will be able to do with computers – organizing your lives, staying in touch with people, being creative – if we don’t solve these security problems, then people will hold back.” Bill Gates
Do you have a favourite internet security tool or did I miss something that you think I should include in the list above? Leave a comment below and let us know!
Download a free copy of my new Ebook: 12 Steps to Business Transformation. If you would like a business assessment to help kick off your business transformation, contact me at firstname.lastname@example.org or at 587-227-5179. Be sure to sign up at www.thinkingbusinessblog.com for weekly blog updates delivered to your inbox.