Imagine this. It’s about 11:45am on a Thursday morning. Your calendar is clear until 1pm, you’ve finished your morning tasks ahead of schedule, and you’re hungry. Lucky for you your DoorDash driver showed up early with that burrito bowl you ordered from Chipotle. You message your team to let them know you’re taking an early lunch and will return in an hour. You head to reception to retrieve your hard-earned burrito bowl, stomach growling like you haven’t eaten since breakfast. You head for the employee lounge. Twenty minutes goes by. You get a notification on your phone from the IT department saying they’ve caught wind of some suspicious activity happening on your workstation. You drop the fork, pause the cat video, and speed walk back to your cubicle because you realize that, in your excitement at the thought of an early lunch…you forgot to lock your computer! When you get there all that’s on the screen is a small black window with the words “Command Prompt” at the top and “C:\Users>” followed by a flashing white cursor. And no one. Saw. Anything.
Lock Before You Walk
Locking your computer is like drawing the shades over your windows and closing the garage door when you’re home for the evening. Digitally speaking, of course. After all, who wants random people walking by staring in their windows while they binge watch The Office for the twentieth time? No one! The same goes for your computer. Whenever you step away, make it a habit to lock your computer or device, and double down with the use of a strong password. Better yet, biometrics like a fingerprint or facial recognition (and if you’re REALLY cool…a hardware key). And here's the secret sauce: set your screen to auto-lock after moments of inactivity. Because let’s be honest, we’ve got enough going on at work without having to remember to lock the screen every time we walk away. Your screen, your rules.
Don't Be Click-Happy
I bet you checked that back-up camera on the dash of your car before just rolling out of your driveway this morning, right? Think before you click! In less than 90 seconds you can apply a few simple checks to any link or attachment and save yourself a lot of potential headaches. When you get an email you’re not expecting or end up on a website you didn’t intend to end up on, follow the SLAM Method:
- SENDER: Ask yourself, “Do I recognize the source?” If not, stop and think, "Why am I seeing this?". Then proceed with caution.
- LINK: Hover your mouse over links to preview the URL before clicking. If the website looks sketchy and/or doesn't match the sender, it’s worth further investigation. Never be afraid to ask an IT pro to be sure. Use a free website like virustotal.com to check the link for any malicious history.
- ATTACHMENTS: These can contain malware that is installed without you even knowing it, but only if you click on them. Be cautious of attachments, pop-ups and ads that ask for you to input personal information or promise unbelievable offers. As the old saying goes, “If it sounds too good to be true, it probably is.” Especially on the internet!
- MESSAGE: If an email sounds threatening but says it’s from a source you recognize—say, the bank you use—skip the email and take yourself over to the website and check the validity of the claim yourself. Hackers can easily create emails that look legitimate. Never hesitate to ask a professional like, a customer support agent for said bank, or your organizations’ IT department.
Keep Your Passwords Fortified
Ok, this is both one of the most tedious, and yet, most crucial things you can do to keep yourself and your organization secure online. Most of us are tired of hearing about “strong passwords”. It’s understandable. There’s a lot to remember here. BUT, even a novice hacker can utilize free software and a consumer-grade laptop to crack a simple password in minutes. And guess what? If you used that same password on multiple platforms….we’re talking compounding damages. A reputable password manager is an incredible solution. So, do this. Create strong unique passwords using a mix of uppercase, lowercase, numbers, and symbols. Good password managers will have a mechanism that will generate a strong password for you on demand using built-in algorithms. If you think you’ve got the chops to keep it all in your head…avoid using easily guessable information like birthdays or names. Opt for something unrelated, yet memorable to you. And DO NOT reuse the same one twice.
Updates
I know, I know, change is hard. You love your trusty steed of a laptop running Windows 7. You know where everything is and don’t want to have to “re-learn” new features on an updated operating system. But you know who else loves old software that hasn’t been updated? Hackers! Why? Two words: Software Bugs. Software bugs make it easier for hackers to exploit your system and gain access to your organization. Software is changing all the time and the companies that build that software spend a lot of money paying really smart people to find and repair software bugs in the programs you and I use every day. When you run an update on your system you get to participate in the fix for those software bugs. If you don’t run the updates…well…you get the idea. If you work in an organization that has a solid IT Partner (Like Ascend Technology Group 😏) they’re likely way ahead of you on this. So be cool and trust their process.
That’s it! You’re now safe from all hackers, everywhere, all at once! Just kidding. Never trust anyone that says that with a straight face. But this is the game we play when we use technology. There’s always risk. There’s always reward. And there will always be “baddies” that would love to get their dirty malware claws into the petabytes of data that you and I sling across the web everyday. But the good news is that, more often than not, their success starts with your naivety. And that’s why we’re here. To arm you with the knowledge to keep yourself from being an easy target. To be so good at basic security practice that they won’t even waste their time on you. And if you’re looking for an IT partner that does the work to build security into the managed IT services it provides its clients, ATG is here for it!
