Nobody wants their personal or business info compromised, but that’s exactly what’s happening more and more as ransomware attacks ramp up. It’s hard to find someone these days who hasn’t been targeted, whether through email or text.
So what exactly is going on? Well, hackers make money by holding your data and files hostage until you pay to get them back, and the ways they’re doing it are getting more sophisticated and harder to detect. There are ways you can protect yourself from attacks. Let’s start with some easy ones.
Set up 2-factor verification on your accounts.
This adds a second layer of security so that if your password is compromised, someone will also need your phone or additional security code to access your account.
Use passphrases rather than passwords.
Simply put, a phrase is harder to guess than a word. The additional complexity helps to ward off an unauthorized breach.
Don’t click on spam emails or texts.
If you don’t recognize the sender (and sometimes even if you do, but something seems off about the message), don’t click on links from incoming text messages or emails on any of your devices to protect yourself from inadvertently downloading malware. Delete, delete, delete.
Now let’s talk business. More than half of ransomware attacks are aimed at small or medium-sized businesses, many of which can never recover from the losses. According to the National Cyber Security Alliance, an estimated 60% of small businesses fail within six months of an attack. With the shift to remote work during the course of the pandemic, this number is on the rise thanks to the vulnerabilities of unsecured home networks. At Rare Bird, we’re committed to ensuring the security of online client assets as security threats continue (and they most certainly will). Here are a few of the things we’ve implemented; perhaps these will give you some ideas to help safeguard your information.
We take nightly backups of each server separately and store multiple backups for an extended period. Some of these are periodically off-loaded to a separate, secure storage environment for safekeeping.
All server software is automatically updated with security updates as they are made available. Additionally, we regularly schedule more in-depth server software updates as software approaches its end-of-life and needs to switch to a new major version. The codebase and any associated 3rd-party plugins are updated regularly to ensure the latest security patches are installed.
We employ an outside security company to perform monthly security scans to expose any vulnerabilities. These companies deploy similar software and techniques used by hackers to evaluate security, identify weaknesses, and recommend ongoing fixes.
Security of online information is a continually evolving issue, and we’re frequently reviewing our policies and procedures to help protect data. While most companies aren’t maintaining critical data on their websites that could have a major impact on the life of the business, it’s simply good practice to review how you’re handling things to mitigate the risks.
If you need additional motivation to put data security on your to-do list, we’d recommend reviewing the case of law firm Mossack Fonseca, commonly referred to as “The Panama Papers,” which we detailed back in 2016. If you have questions or concerns about online security, feel free to reach out to us.