The breadth of data breaches is widening and now your personal computer network may be a target. Company executives, small business owners, investors, and others who tend to access sensitive or financial data from their home computer or mobile device may be at risk for a personal data breach.
An article that appeared in the 9/21/15 WSJ (Do Individuals Need Cyber Insurance?) notes that the types of users mentioned above have higher than normal exposure due to the sort of data they generally deal with; banking information, company financials, intellectual property, and other company related data. Though the scale of a personal breach may be smaller than that of a Target, Apple, or Home Depot, the impact may be devastating nonetheless.
The article also mentions that new services are being offered by insurance companies which allow an insured to purchase an audit of their home network and/or subscribe to monthly monitoring to guard against cyber intrusions. The cost ($1,500+) of these assessments can be well justified by people with a lot to lose. Combining such a service with some simple IT best practices may prove exponentially beneficial to protecting your data assets.
Here is a very basic list of “best practices” for your home network that may help mitigate personal cyber risk:
- Cyber Insurance – Though a personal cyber insurance policy is still somewhat hard to come by, individuals can purchase identity theft and credit monitoring services in addition to homeowners and renters insurance policy endorsements that may help cover the cost of phone calls, mailings, and some legal fees in the event of a breach;
- Strong Passwords – Ensure all of your passwords are complex. They should contain a minimum of 8 random characters, capital and lower case letters, a number, and a special character. For example “AdGj2378%”. In addition, update your password every 90-120 days and do not save them in a text file on your desktop. NEVER use default passwords on routers or any other devices;
- Cautious E-Mail/Internet Use – Many breaches start with an errant click by the user. Hackers and malicious users develop phishing and social engineering scams specifically to “trick” the user into clicking on an ad or to provide them with their personal information. Be cautious when opening bank accounts or applying for credit cards online. Anytime you enter your personal information, be wary. Question everything – especially if it has come to you in an email;
- Social Media Awareness – Between LinkedIn, Facebook, Twitter and Instagram, your entire life is documented online. Avoid posting your phone or cell phone number, birth date, or other personally identifiable information;
- Run Updates Consistently – Keep your software (Windows, iOS, OSx) up to date. Security patches are released on a regular basis and are designed to close vulnerabilities. Don’t ignore them.
- Anti-Virus – Make sure your anti-virus programs is up-to-date and receiving virus definition updates daily. Most real-time scanning software packages allow users to schedule regular scans on your PC;
- Malware Protection – Most anti-virus programs will protect you against some malware, spyware, and grayware, but not all of it. There is additional software out there that will protect your PC from these other forms of malicious software.
Identifying and securing yourself against cyber risk can be a daunting task. If the best practices noted above are difficult for you to understand, seek out training for yourself or a professional who can assist in safeguarding your home network. Unfortunately, cyber risk is no longer left at the office when your leave for the day.
About the Author
Jon Edwards is the IT Manager for The ALS Group. Click here to request more information about The ALS Group or on limiting your cyber risk exposure.