10 Best Practices for Internet Security
Despite firewalls, antivirus software, security services, and identity protection, there are still many cybersecurity vulnerabilities that you should keep in mind. Follow these 10 best practices, or basic rules, in order to help maintain your business' security on the web.
- Use secure passwords. You may (or may not) be surprised to find out that the three most common passwords are "123456," "password," and "12345678." Don't use those. The ideal password is a random collection of letters, numbers, and some symbols, but that's not a password that most people will be able to remember. To simplify things, a good rule of thumb is to include at least 1 number, 1 uppercase letter, and 1 symbol in whatever word(s) you choose to use.
- Don't reuse passwords. This is a password mistake that most people don't think about. You never know exactly when a password is compromised. Most applications or software will make you change for your password every 6 months to a year for that reason. Don't use the same password across different accounts, either. If a hacker gets the password to one account, they have it for all accounts.
- Be suspicious of external downloads and emails. Go with your gut on this one. If something smells fishy or feels off, it probably is. Phishing emails are designed to seem like they are being sent from a real person or company in order to obtain information from you. A spyware download may also look like a genuine file. Bogus security experts may also claim that your computer has a virus and that they'll take care of it for you—usually for a fee or remote access to your computer. If you think it's fake, don't even open it. You can try to determine if it's fake by looking for inconsistencies in the sender's address or subject line.
- Keep an eye on the news for security incidents. For a timely example, look at Home Depot. News sources recently revealed that this home improvement company experienced a security breach that may have compromised up to 56 million credit cards. If you hear that one of your vendors was hacked, you shouldy consider getting a new card with a new number. Yes, it's annoying to have to request one, even when you aren't sure if your card was compromised, but the security is worth it.
- Have a crisis management and response plan. If something happens, don't waste time scrambling for the best response. That's how mistakes happen. By setting up this kind of cybersecurity plan, you're actually helping to prevent crises from happening. The Federal Communications Commission, or FCC, provides a nice tool for creating a customized cybersecurity plan.
- Back up your data. Doing this simple step on a regular basis will help keep your Small Business running if mayhem strikes. A tool like Verizon's Backup and Sharing service allows you to securely store and access your data from anywhere.
- Keep software, programs, and applications up to date. One, never disable your firewall. For most people, there really isn't a good reason to ever do that. Two, always keep software up to date. Most of the time, an update is a company plugging a security hole in their program. Three, delete or deactivate any software, programs, or applications that you're not using.
- Secure your Wi-Fi. Ensure that your company's private Wi-Fi network is encrypted, secured, and hidden. When using an unsecure Internet source (like public Wi-Fi spots), use a VPN service to provide a secure connection.
- Wipe data from old technology completely. Data can be left behind if you don't completely wipe a computer with a certified tool. There have been reports of information being recovered from a deleted or reformatted hard drive. To prevent that, there are three ways to wipe data: erase it using destruction software, degauss it, or destroy the hard drive. Destruction software, for example, follows the standards of a "DOD wipe", which is what government agencies, like the Department of Defense, would use. If it works for them, it will work for you, too.
Install, register, and renew a total antivirus, antispyware, and firewall package on every computer. This may sound obvious, but it's easy to forget. Make sure you purchase, renew, or register whatever security package you have. Don't forget that new computers may only come with trial software that has to be purchased when the timeframe runs out. Your best bet is to search for a service that does all three, like the Verizon Internet Security Suite.
Professional service firms, such as law and accounting firms, and other businesses may need to encrypt their email and documents, as well as use general Internet security and online backup services. Verizon offers a Data Protection Premium bundle for these needs.
Use this guide to make sure your organization is trained in these basic Internet security standards. After all, each person in your company is part of its overall defense. Print it, pin it to a bulletin board, hand it out, or email it. Do whatever it takes to ensure that everyone's on the same page. By taking action now, you're already reducing the risk of a security incident.