10 Best Practices for Internet Security
Despite firewalls, antivirus software, security services, and identity protection, there are
still many cybersecurity vulnerabilities that you should keep in mind. Follow these 10 best practices,
or basic rules, in order to help maintain your business' security on the web.
- Use secure passwords. You may (or may not) be surprised to find
out that the three most common passwords are "123456," "password," and "12345678." Don't use those. The
ideal password is a random collection of letters, numbers, and some symbols, but that's not a password
that most people will be able to remember. To simplify things, a good rule of thumb is to include at
least 1 number, 1 uppercase letter, and 1 symbol in whatever word(s) you choose to use.
- Don't reuse passwords. This is a password mistake that most people
don't think about. You never know exactly when a password is compromised. Most applications or software
will make you change for your password every 6 months to a year for that reason. Don't use the same
password across different accounts, either. If a hacker gets the password to one account, they have it
for all accounts.
- Be suspicious of external downloads and emails. Go with your gut
on this one. If something smells fishy or feels off, it probably is. Phishing emails are designed to
seem like they are being sent from a real person or company in order to obtain information from you. A
spyware download may also look like a genuine file. Bogus security experts may also claim that your
computer has a virus and that they'll take care of it for you—usually for a fee or remote access
to your computer. If you think it's fake, don't even open it. You can try to determine if it's fake by
looking for inconsistencies in the sender's address or subject line.
- Keep an eye on the news for security incidents. For a timely
example, look at Home Depot. News sources recently revealed that this home improvement company
experienced a security breach that may have compromised up to 56
million credit cards. If you hear that one of your vendors was hacked, you shouldy consider getting
a new card with a new number. Yes, it's annoying to have to request one, even when you aren't sure if
your card was compromised, but the security is worth it.
- Have a crisis management and response plan. If something happens,
don't waste time scrambling for the best response. That's how mistakes happen. By setting up this kind
of cybersecurity plan, you're actually helping to prevent crises from happening. The Federal
Communications Commission, or FCC, provides a nice tool for creating a customized cybersecurity plan.
- Back up your data. Doing this simple step on a regular basis will
help keep your Small Business running if mayhem strikes. A tool like Verizon's Backup and Sharing service allows you to securely store and access your
data from anywhere.
- Keep software, programs, and applications up to date. One, never
disable your firewall. For most people, there really isn't a good reason to ever do that. Two, always
keep software up to date. Most of the time, an update is a company plugging a security hole in their
program. Three, delete or deactivate any software, programs, or applications that you're not using.
- Secure your Wi-Fi. Ensure that your company's private Wi-Fi
network is encrypted, secured, and hidden. When using an unsecure Internet source (like public Wi-Fi
spots), use a VPN service to provide a secure connection.
- Wipe data from old technology completely. Data can be left behind
if you don't completely wipe a computer with a certified tool. There have been reports of information
being recovered from a deleted or reformatted hard drive. To prevent that, there are three ways
to wipe data: erase it using destruction software, degauss it, or destroy the hard drive.
Destruction software, for example, follows the standards of a "DOD wipe", which is what government
agencies, like the Department of Defense, would use. If it works for them, it will work for you,
Install, register, and renew a total antivirus, antispyware, and
firewall package on every computer. This may sound obvious, but it's easy to forget. Make sure
you purchase, renew, or register whatever security package you have. Don't forget that new computers may
only come with trial software that has to be purchased when the timeframe runs out. Your best bet is to
search for a service that does all three, like the Verizon Internet Security Suite.
Professional service firms, such as law and accounting firms, and other businesses may
need to encrypt their email and documents, as well as use general Internet security and online backup
services. Verizon offers a Data Protection Premium bundle for these needs.
Use this guide to make sure your organization is trained in these basic Internet security
standards. After all, each person in your company is part of its overall defense. Print it, pin it to a
bulletin board, hand it out, or email it. Do whatever it takes to ensure that everyone's on the same
page. By taking action now, you're already reducing the risk of a security incident.