We live in a data-centric world where everything valuable is now stored on our computers, with a large portion of that data stored on the internet -- from saved passwords to bank details. Having this data stolen entails more than just having the hardware stolen but something that can happen to anyone, anywhere. Data breaches are not only harmful to individuals but also to organizations that put their trust in their employees. Your digital habits may be leaving you vulnerable to a data breach, allowing hackers to access your workplace data.
Each year it becomes more vital to talk about the new threats that the digital realm imposes on us and the steps we can take to protect against them. Instead of leaving your workplace data vulnerable, here are some tips to protect yourself, and the company you work for from a data breach.
As the remote/hybrid work environment continues post-pandemic, more people are accessing sensitive company information from places beyond the office. More people are opting for co-working spaces, hot-desking, or even the local coffee shop. The change in scenery is in theory, a nice option, but if the correct security measures aren’t taken into consideration, employees could be leaking sensitive information without even realizing it.
The risks of connecting to an unsecured Wi-Fi connection are endless. Hackers could intercept your incoming and outgoing messages or hijack your session altogether to gain access to everything on your computer. The best way to protect your data when connecting to public networks is to use a virtual private network (VPN). This will enable you to hide your IP address and encrypt your information.
Although downloading a VPN helps protect against hackers, it doesn’t stop them altogether. If you find yourself working from public Wi-Fi, save sending any confidential files until you’re connected to a more secure network.
When you think of malware, you think of pirated software, and it’s an obvious tip to not download anything illegal onto your work devices. However, you can still contract malware even if you had no intention of downloading it in the first place.
When you forgo the required software updates that pop up on your computer, the security that is built into the application decreases. Unpatched applications have faults within their code leaving them vulnerable to hackers. The software can only stay secure if it’s up to date, so be sure to check for updates often. The next time updates pop up on your work computer, take the time to download them to ensure your work’s private information stays private.
According to Comparitech’s study, 23% of data breaches are a result of human error. Whether it is an email or a text, we have all seen messages that disguise themselves as another recognized business and encourage you to click the link. Phishing has become more sophisticated and harder to detect over the years, but there are still a few things you can look out for. Check the email address that it is actually coming from and not just the name. Is it a reputable company with slightly altered spelling or under .co when it usually comes from .com?
According to the Egress Insider Data Breach Survey 2021, 56% of IT leaders believe it will be harder to prevent data breaches caused by human error or phishing in the remote/hybrid work setting. Without the office environment and the help of the IT department just down the hall, it is more important than ever to know what to look out for.
Trust your gut -- if the message looks suspicious, don’t click on the link!
As the workday goes on, you open more and more tabs in your web browser. From your company’s confidential PDFs, working Google docs, email browsers, various news outlets, and possibly your own social media pages. Before you know it, your web browser looks like a cluttered mess. We are all guilty of it, and while it seems innocent, it could leave you vulnerable to a data breach.
The term here is “tabnabbing” and describes how hackers impersonate popular websites to convince users to submit login details to seemingly genuine websites. For best digital habits, keep your opened tabs to a minimum and close them when you’re done. This is especially important when working remotely as you may not have that added layer of security an office would.
Additionally, keep your browser windows separated between personal and work accounts. Google Chrome, for example, enables users to maintain separate profiles that link back to the different Gmail accounts. Be sure to use entirely different passwords and credentials for each.
The longer a breach goes undetected, the more sensitive information can be leaked. Ponemon Institute and IBM Security 2021 Report finds it takes on average 212 days to identify a breach. Until you know you have been hacked, you cannot take the necessary steps in protecting yourself. In fact, a hacker could be stealing your data continuously until you discover the breach.
In May 2021, Facebook confirmed their data had been hacked, leaking information from 533 million accounts. However, it is believed the hackers accessed this information back in 2019. It poses the question, if the hack was detected sooner, could more have been done to prevent the data leak?
Preventative measures to take include changing your password on a regular basis. Turn this into a habit every three months. Turn on 2-factor authorization -- this can be done with your mobile number but there are applications that implement this security feature as well. To take your security one step further, opt for an Endpoint Detection & Response solution that can monitor your system for viruses in real time and provide additional protection. Lastly, if you suspect your data may have been breached, seek advice from an IT consultant. You may not have a full understanding of how far the breach has gone.
Over the years, hackers have become increasingly adept at exploiting vulnerabilities within user activity. They have adapted their techniques and UX design to seamlessly intertwine with your software. To protect your workplace data, it is important to change your digital habits, implement some necessary security measures, and stay vigilant.