The best way to keep your files secure in today’s internet age is to keep things offline, period. Unfortunately, that’s not possible with present technology. We can’t move backwards in business, but to keep moving forward with new conveniences such as cloud computing, we all need to be aware of new risks and challenges that may arise. Here’s what you should know when it comes to security breaches:
You may have heard about celebrity photos being stolen from the cloud storage space. When we rely on cloud computing, we are all exposed to this same risk. Unless you have your data stored on your local computer, which is not online, we all face this risk anytime we are transmitting data online, email, in the cloud. Be aware of who has access to your files in the cloud, change the password to something memorable that has characters, numbers and capital letters in it, and keep changing it on a regular basis. (Definitely do NOT use something like “password” or “0000.”) Audit the status of your cloud access on a regular basis and make sure your team is following policies you’ve put in place for access, sharing and password changes.
Browser hijacking occurs when scammers install malicious software (malware) to take control of your web browser. It can occur more often than you think. It can happen again with weak passwords, or with the security issues in the software itself. You need to make sure your software is up to date (most current version) and put in place strong password policies. Sometimes, hijacking can occur without you realizing it, and scammers can figure out deceptive ways to get your password or your account information. Do not use your password for a site that is not yours, and review your credit card and bank statement often.
DoS stands for Denial of Service, and it is basically when an attacker tries to prevent a legitimate user from accessing information. According to US-CERT.gov
: “The most common and obvious type of DoS attack occurs when an attacker "floods" a network with information. When you type a URL for a particular website into your browser, you are sending a request to that site's computer server to view the page. The server can only process a certain number of requests at once, so if an attacker overloads the server with requests, it can't process your request. This is a 'denial of service' because you can't access that site.”
This type of attack can similarly happen over email and in the cloud. When this happens, contact your service provider.
Of all the technology we have in this new age, humans are still the cause of major scams using a technique called Social Engineering. This occurs when they call or email your office, pretending to be your staff, or your bank, or someone familiar, and try to get sensitive information such as your passwords, social security numbers and such. Again, you will need to have a policy and procedure for recognizing and handling these types of phony calls or emails to prevent any type of fraud.