Big data breaches among companies like Yahoo, Target and Equifax in recent years have presented a few alarming questions, the least of which is: If these large companies with reasonable IT and security budgets can't protect themselves, how can smaller businesses and individuals?
"Whether you're a home user or a business user, we're all more connected now than we realize," said Dr. Jared DeMott, founder of VDA Labs—a specialized information security firm based in Rockford, Michigan, that provides penetration testing, advanced security training and code security services to leading organizations across the country.
Not only do companies, both large and small, stockpile private information like credit card numbers from individuals, but also more and more things are being connected to the Internet of Things: phones, houses, cars ... refrigerators.
DeMott notes these cyber connections can be really good—they make life more convenient.
They also have their downfalls.
"Assume breach mentality," DeMott said. "Assume that your username and password, your credit card, all the private stuff about you, will be exposed at some point ... You can get away with really bad cyber hygiene for a while, but eventually it will catch up to you, and you'll have a problem."
DeMott offers tips to be proactive about cyber security to help keep your home, business, finances and identity safe in 2018 and beyond:
Manage your passwords.
Regularly update your passwords, make them strong, and don't use the same one for all your accounts. "Hackers know people do that," DeMott said. When one account is exposed, it allows access into other accounts. DeMott recommends using a password manager to help keep track of your accounts.
He also notes that in an era of widespread corporate hacks, individuals and businesses often need more protection for their passwords—especially for sensitive accounts.
That's where multifactor authentication comes in. Two-factor authentication uses multiple pieces of information to verify your identity. To log into an account, you may need to enter a code that is sent to your phone, as well as your username and password.
"Even if your username and password are stolen, it's unlikely that a hacker will come and take your phone from you too," DeMott said.
Update devices, invest in security software and backup data.
If you keep all your software updated with the latest security patches, you're a lot less likely to get hacked. "A lot of vulnerabilities [hackers] use are related to out of date software, particularly for every day crimeware or ransomware," DeMott said.
Many devices will alert you about backups, and you can turn on automatic updates so you don't have to think about it. Other devices, such as cable modems, require you to update them manually.
Backups also help. Even if you're up-to-date, DeMott notes you could click on the wrong file and lose data. If you regularly back up your information, you don't have to pay a ransom to restore it.
Be street smart.
DeMott notes that surfing the Internet is as similar as if you were walking down a street at night—be careful about what you do online, which sites you visit and what you share. Many of today's threats are based on phishing or social engineering, and there are a lot of opportunities to share business or personal information. Open social media accounts also enable attackers to spy on people or guess at passwords, and if they breach your account, they can spam your friends and family.
Written by Cassie Westrate, staff writer for West Michigan Woman.