How to Protect Your Personal Information on Facebook
With up to 87 million Facebook users’ personal information harvested and passed on to Trump-affiliated political firm Cambridge Analytica, which used it to target voters in the 2016 presidential election, people throughout the world are scrambling to better understand how to protect their personal information on Facebook and other social media outlets.
Before beginning to lock down your account, it’s a good idea to know whether or not your data was shared without your knowledge. This can be done either by waiting for the slow rollout of Facebook notifications that the company promises to post to your News Feed or you can check on it yourself through Facebook’s online Help Center.
What You’re Sharing Your Information With
After you’ve checked if your data was given to Cambridge Analytica, you’ll want to go ahead and see which apps and websites have access to your personal information. This can be done by going into your settings, and then clicking on “Apps and Websites.”
Wired explains, “If you do find apps there that you want to remove—it’s amazing how many you can pile up over the years—keep in mind that they can still hold onto your data after you give them the boot. To be totally free and clear, you have to contact them directly, through their Facebook page or website, and ask them to clear out whatever they have on hand.”
Facebook’s Suggestions for Security
Facebook offers six things you can do to help keep your account safe, but they don’t seem to offer much insight other than what most would consider the most basic of internet security.
Protect your password: Don’t use your Facebook password anywhere else online and don’t let anyone else know it.
Log out of Facebook when you’re done using it on a shared device.
Use anti-virus software.
Think before you click or download anything.
If Facebook’s list doesn’t really make you feel any more secure or informed—don’t worry, you’re not alone.
Put Your Account on Lock Down
The first step toward understanding and gaining control over your social media accounts, especially Facebook, is locking them down. You can tighten up your Facebook account by clicking on the settings and selecting “Privacy” from the options on the right.
Take a look at who can see your future posts and start editing. You’ll most likely want to move it from “Public” to “Friends.” However, if you’re really wanting to keep things private, you can select “Only Me.”
This only takes care of future posts. Now, take a look under “Who Can see my stuff?” Here, you’ll find the option to limit the audience for posts that you’ve already shared with friends of friends or the public. Click on “Limit Past Posts.” After the menu expands and you click on “Limit Old Posts,” a warning box will appear—click confirm.
Once these two major steps have been taken, you can start going through the details of your profile and deciding what you want to make available to friends or the public—like if you want your age to show, your relationship status, and so on.
Protect Your Personal Information on Facebook
What this most recent breach of trust between Facebook and its users—most of whom did not fully understand how much of their personal information they were selling for the privilege of using Facebook—reveals, is the need for individual users, as well as businesses, to be savvier in understanding cybersecurity risks. These risks are heavily compounded for businesses that not only need to protect their own data but are also saddled with the responsibility of protecting the sensitive personal information of employees and clients.
IT solution companies, such as Harrington Technologies, are built to keep your business running smooth and fast, ensuring the highest-level of security for you, your employees, and your clients. Get in touch to learn more!
How to Create a Strong Password
One of my quirks is an uncanny ability to create nearly impenetrable passwords. Are the passwords I create for my clients quick to type and easy to remember? No. But they offer the type of data protection I demand for my clients.
When I received a report recently with the most popular passwords of 2017, I couldn’t help but shake my head. I have a feeling that, if you know anything about cyber security, you’ll have the same reaction. Here are the top 10, according to SplashData:
123456
password
12345678
Qwerty
12345
123456789
letmein
1234567
football
iloveyou
Number 16 on the list was an interesting addition for 2017, so it’s worth mentioning too. It was “starwars.”
Now, I love Star Wars and football just as much as the next guy, and I can relate to the frustration of just wanting to get let in to an account, but to use these words and number series as a password is asking for trouble. If you’re tempted to steal from this list of passwords because they’re easy to type and remember, I urge you to think twice.
Here are a few tips from yours truly, the password fanatic, on how to create memorable, yet strong passwords.
Avoid Patterns
Notice that some of the most popular passwords contain a series of numbers. These series are patterns that are easy to guess and easy to hack. SplashData reported seeing some attempt at securing this style of password by adding a character at the end (for example, 123456!) but alas, adding a character does not make the password safer to use.
I suggest avoiding patterns in general. Instead, mix up your password with letters, numbers, and characters. More on how to do that effectively below
Jumble a Phrase
If you demand a password you can remember, choose a phrase you love. Since ‘starwars’ made the list of popular passwords, let’s use this as an example to illustrate this point.
Once you have a phrase in mind that’s memorable to you, jumble it with numbers and characters. Starwars could then become $t@r34rS or S!a&w@r$. It’s hard to see but those characters and numbers are replacing letters. $ can be used in lieu of the letter S. @ can be used in lieu of the letter a. It’s a simple concept but when used effectively it can exponentially increase your password’s strength while still making it memorable.
Now, although this approach helps, using a phrase and replacing letters with numbers that look similar isn’t always the safest approach. Still, it’s far better than typing a series of words that are easy to guess, so we’re at least moving a step in the right direction if you use this method.
Use a Password Generator and Keeper
The most secure types of passwords are those you could never rattle off to a friend or remember to type without hours of practice. They’re secure because they’re nonsensical. Having a password like this might sound like a nightmare scenario, but there are apps to help you remember and protect them, so you don’t have to memorize 20 random characters, numbers, or letters.
To generate a password, I like Random.org’s Password Generator. You can choose how many characters each password should be and how many different passwords you need.
Storing passwords, so you can quickly pull them up when needed, is another important step. After all, what good is a password if you don’t have it when you need to login to an account? There are a few services that help with this. A few of my favorite include:
I’m an advocate for strong passwords because I’ve seen the devastation it can cause when passwords aren’t secure. There’s a reason for being such a stickler about this and I hope when you create your next password, you choose a strong one for your sake.
Want extra help with your cyber security? I’m here for you. Give us a call for a free audit of your business’s security and find loopholes you might not know exist.
The Best Gift for Your Small Business in 2018? Cyber Security Consulting
‘Tis the gift giving season. While you might be busy checking others off your holiday list, it’s important for you to remember one very deserving recipient – your business. On this year’s hot list for small businesses: Cyber security consulting.
How secure will your business be during the clinking of champagne glasses and singing of Auld Lang Syne? Will all of your sensitive business data continue to be securely stored when you arrive at work in the New Year and in the 52 weeks to come?
If you’re not sure how safe your business intelligence is, now is the time to think about putting a big red ribbon an important and potentially money saving gift this holiday season. Here’s why.
78% of Organizations Have Suffered a Data Breach
That shocking statistic from Ponemon Institute and TrendMicro proves that companies of all sizes are vulnerable. It also shows just how active hackers are these days – and the matter is only getting worse.
A few months ago, the Equifax data breach struck people around the world causing many business owners to freeze their credit reports and keep a laser focus on what went in and out of their bank accounts. One business owner we heard from got notice of a $650,000 withdrawl from her business account at 8 p.m. on a Wednesday night. She immediately had to shift focus away from productivity to get that money back.
Hacks like this aren’t unheard of, although most happen on a much smaller scale. Although you can’t ever be fully protected from outside risk, there are certain things you can give to your business now to improve your security in the New Year and beyond.
Train Your Employees
Cybercriminals steal approximately $1 billion annually from US and European small businesses every year, according to SC Magazine. Many times, the entry point isn’t through a data server; it’s through an employee’s negligence. A click on a malicious link from a seemingly innocent email can send your business into a tailspin.
With cyber security consulting for your small business, you can train your team on how to identify these threats, so there’s less opportunity for the bad guys to access your sensitive information.
Up The Protection Ante
When was the last time you looked at your cyber security architecture? When was the last time you evaluated the programs you have in place to protect the data stored on your servers? If it’s been awhile, you might have a few outdated systems that could be leaving you at risk.
Calling in a cyber security expert can help you analyze what you need and what you don’t. It’ll help you identify holes in your current approach, so you’re not leaving your business to chance.
Think Again About Your Device Policy
I get it. It’s easier and cheaper to operate with a Bring Your Own Device (BYOD) policy at work. Employees like it because they can use only one computer or mobile device to keep in touch with the office. Still, these policies expose your business to attacks that, if not approached correctly, could be disastrous.
Before you nix the BYOD policy altogether, bring on someone who is an expert in these types of attacks that can analyze how you’re operating and where you’re exposing your business to danger. The longer you keep your personal devices unsecure, the more at risk you put your business.
Backup Your Data
I can’t stress this enough. Having a solid solution for backing up your data is one of the best things you can do to protect your business. There are several reasons for this.
The most obvious reason is that backing up your data means you have your most private business information in the event of a loss.
The lesser obvious reason lies in how that loss happens and when. For example, if you arrive at work one morning to find your business has been attacked by ransomware (which happens at a shockingly high rate to small businesses in Tucson and around the country), you could face days or weeks of downtime. This in turn could mean lost sales, lost future business, and in many cases, the shutting down of your business all together.
This isn’t something to mess with. By having your business data backed up on a regular basis, you’re able to restore it quickly in case of an attack, keeping you profitable.
Ready to Schedule a Cyber Security Consultation?
Give your business the gift of security this holiday season. In doing so, you could be giving yourself and your employees the gift of continued growth and uptime, which could be the difference between having a job and losing a job.
We’re here to help. Call us to schedule your consultation and learn more about how you can stay protected.
Why It’s Important to Keep Your Medical Office IT Secure
Prior to today’s tech boom, recordkeeping was done by locking papers away in cabinets inaccessible to unauthorized individuals. Keeping patient records confidential was literally done through lock and key. With today’s technology, it’s even more important to keep patient records confidential so as not to breach the patient-doctor privilege.
With the passage of the Health Information Technology for Economic and Clinical Health Act (HITECH Act) in 2009, hospitals and health care providers were mandated to adopt electronic health records (EHR). By 2015, doctors and health care practitionerswere instructed to avoid the use of handwritten charts, and fully switched to an electronic medical record system.
This process brings about a whole host of new challenges in preserving patient confidentiality.
Advantages of EHRs
The new law does have its advantages. According to a study by Therry, Thorpe, et al (2008) for the US National Library for Medicine, some benefits of the EHR include:
Efficiency: no need to look for patient’s physicals charts, just look them up on the database
Easier collaboration between healthcare professionals: whether for patients who frequently transfer hospitals or have multiple doctors, to gathering data for research studies
Decreased medical errors
So, why is a tech person talking about the advantages of the medical industry? Because without proper technology, you could be putting your medical office at risk. Despite the advantages, it is imperative to protect patient data from the most nefarious of culprits; hackers.
Medical Office Hacking
Several people have authorized access to a patient’s medical records including: doctors, nurses, billing officers, database administrators, and office staff. Patients usually have access as well, via online portals.
But like germs a hospital aims to treat, this information may spread and cause problems. The US Department of Health & Human Services has reported 116,000 data breaches in 2009, when the law was first enacted – affecting about 31.3 million people.
In April 2014, health care provider, Community Health Systems, experienced a breach affecting 4.5 million individuals, stealing “nonmedical patient identification data.”
Why Hackers Love EHRs
The biggest reason hackers love EHRs is the value of the data contained therein. Hackers can use personal data obtained to claim medical benefits, file illegal tax returns, commit identity theft, or even blackmail patients. EHRs are 10x more valuable than credit card information on the black market, according to a Reuters report.
Another factor that makes EHR a prime target is the lack of awareness among healthcare institutions. Many do not have enough experience protecting data, because they are busy helping their patients live happier, healthier lives. There is a lack of cybersecurity professionals in the healthcare industry.
How Hackers Gain Access to Medical Data
Many hackers get access via ransomware. This infects computers in the network, and encrypts files, making them inaccessible to the intended user. Similar to kidnapping, hackers ask for a ransom to unlock the data. Most EHRs lack basics like antivirus or firewalls, and many fail to update their systems regularly.
What You Can Do to Protect Medical Office IT
Patients are entitled to know how their health records are secured under HIPAA (the Health Information Portability & Accountability Act). If their information is not secure enough for their liking, Rachel Seeger, spokeswoman for the HHS Office of Civil Rights, goes as far as to recommend that they change doctors.
For health care providers. Take the following steps to keep your records secure:
Invest in a reputable EHR vendor that will work with you closely to secure your system
Invest in training your employees on how to properly utilize your records system
Establish proper user logins and verification of authorized users
Perform periodic audits to check for any security breaches or identify weaknesses
Encrypt patient data
If that sounds like too much to handle, consider investing in professional managed IT services that can do that for you after the EHR vendor has installed the system.
Besides the health of your patients, medical record safety should be a top priority for healthcare providers. It is not enough to ensure that your patients are healthy – make sure your systems are safe from hacking or misuse. It is everyone’s responsibility to keep this information secure!
Why Your IT Services Must Include Security Against Ransomware
You wear many hats as a business owner. IT shouldn’t be one of them. But are the IT services you’re employing doing an effective job at stopping some of the biggest cybersecurity threats to small businesses today? If protecting against the threats posed by ransomware isn’t on the list, your small business might be in jeopardy.
Ransomware is a Bigger Threat Than You Might Think
As the name implies, ransomware is when hackers take all of your business’s data (including sensitive financial information and customer details) hostage and demand a ransom. It hits suddenly, without warning. One night you close up shop as usual and the next morning you arrive at the office unable to open or delete any of your files. The only way to regain access is to pay up. Prolong payment and the ransom amount will increase.
Small and medium sized businesses like yours are the biggest victims of this threat. That’s because SMBs usually employ outside IT services to help manage their technology. If ransomware protection isn’t on the list, they’re the ones that are most likely to fork over the money to keep their business up and running.
It’s a Commercial Operation
Ransomware isn’t a new threat but it is quickly becoming an epidemic. There are commercial outfits running the game, making the hackers more powerful, effective, and downright destructive. These hackers are raking in upwards of millions of dollars each year preying on unsuspecting business owners.
If you’re not proactively working to protect your business from this growing threat, you’re in danger.
How Your Small Business IT Services Can Save You From Falling Victim
Train Your Team
Ransomware wreaks havoc after one person unsuspectingly opens a seemingly innocent file in an email. Training your team is the first line of defense against this threat. Your IT services provider can help talk to your employees and teach them about how to identify dangerous links or attachments to minimize the threat of your business being attacked.
Keep Your Security Software Up-To-Date
Anti-virus and anti-malware security software is essential in today’s business environment. But you can’t just install it and then forget about it. It must be kept current to stop the latest strains of threats. The company providing you with this essential service should ensure you’re always up-to-date with your computer security software.
Backup Your Data
The best way to protect against ransomware? Back up your data!
Data protection software will regularly scan your computer and take snapshots of your data. If you’re hit with a demand for ransom, you can hit the reset button to the last snapshot, essentially turning back the clock and restoring your company’s data to before the attack.
Not Sure if You’re Protected?
The risk isn’t worth it. Let us know if you’re in doubt about whether or not you’re protected. We’ll do a free security audit on your IT to expose any potential threats and show you how you can get more secure.
Save
Save
How a Simple Backup Plan Can Save Your Business Thousands of Dollars
Do you cringe when you hear you need to backup your data? You know it’s important, but the thought of implementing a backup system in your small business sounds daunting and costly.
Unfortunately, in today’s world where cyber security threats run rampant and business is done online, having a backup plan is no longer an option. Protecting your data by backing it up has become a non-negotiable.
Fortunately, simple backup plans have made this essential technology more affordable and easier to implement.
Data Loss is More Common Than You Think
Data loss doesn’t just happen to large businesses, or companies with lots of servers. It happens daily to unsuspecting small businesses for a large variety of reasons.
In the U.S., a hard drive dies every 15 seconds, according to Carnegie Mellon Universities.
There are 3.5 new hacking threats every second, according to Trend Micro.
Neglected software updates and patches can lead to lost files.
Human errors lead to deleted files, misplaced USB drives, and lost hardware.
Natural disasters can strike anywhere, anytime, and in any business.
Ransomware is a fast-growing threat to small businesses.
The list of reasons could go on and on. Regardless of how or why data loss occurs, it immediately puts a halt to your operations. The lack of productivity and prolonged downtime can chip away at your profits, costing your business beau coup bucks.
The True Cost of Data Loss
Many small businesses don’t realize the true costs of not having a protection plan in place until it’s too late. When disaster has struck and you’re struggling to recover your customer’s information, your business intelligence, and other essentials, you’re not working on your business. Your business is suffering from downtime. That downtime can add up quickly.
80% of data interruptions close a business for a day or more, according to a 2009 Disaster Recovery and Business Continuity Survey;
43% of businesses that suffer a major data loss never reopen their doors, according to studies at the University of Texas;
And 70% go out of business within a year, according to DTI/Pricewaterhousecoopers.
The reason? 75% of customers are more likely to stop dealing with businesses who experience data loss because they don’t trust them anymore, according to the Ponemon Institute’s “Reputation Impact of a Data Breach” report.
How to Simplify the Data Backup Process
Are you sold on the importance of data backup yet? I hope so. But if you’re like most small business owners, you’re hesitant to start backing up your data because you’re busy. You have too much going on to research backup solutions and implement a backup process.
Backing up your data doesn’t have to break the bank, or break your back (figuratively, of course). There are a few simple things you can do to protective your business’s most sensitive information and avoid disastrous downtime.
Get an External Hard Drive
External hard drives come in all shapes and sizes. The amount of data you have and the features you need will determine which hard drive is right for you to use as backup.
You can hard drives with wifi-enabled backup, which means you don’t have to have a clunky mess of cables just to secure your data.
You can get hard drives that are smaller than shoeboxes, which means you don’t need to have bulky hardware cluttering up your office.
There are a wide variety of options that will work effectively to keep your business data safe that don’t require you to sacrifice closet space to store large equipment or for you to remember to move your data over so it stays safe. Set up is easy, storage is small, and backing up your data is simple.
Supplement With Software
Having hardware as your exclusive form of business backup can still mean you’re at risk of disaster if a fire, flood, or other natural disaster breaks out. Supplementing your backup plan with software is a smart idea.
There are plenty of software solutions that work quietly in the background to store your most up-to-date data. Carbonite, for example, sits on your computers and constantly takes snapshots of your data so if something goes wrong, you have the latest version of your files. There’s no risk of forgetting to update. It’s done for you. Simple.
Ready to Get Started?
Data backup isn’t optional. It’s necessary.
If you’d like help finding the right simple backup solution for your business, we’re just a phone call or email away. Get in touch with us to learn more about how you can secure your business without tremendous work or high cost.