While we’d like to believe the holiday season relieves us of cybersecurity threats, unfortunately, the weather isn’t the only thing that’s frightful this time of year. Cybercriminals don’t take a break while you travel home for the holidays.
In today’s smartphone era, more employees than ever before are using their personal computers and devices at work — devices they’ll be traveling with over the next few weeks — and possibly exposing your business information to countless threats.
Stay safe while traveling and ensure your network is in good standing this month by avoiding these risks and pitfalls.
Before you leave your office, be sure to set up two-factor authentication on all your profiles and your VPN network. This year, cybercriminals have made a habit of exploiting databases and payment processing systems with remote access tools. Implement multifactor authentication for all users with privileged access — including third-party vendors. Employing passphrases also increases your safety and makes you harder to hack.
No Malicious Links
You’re going to receive an uptick of emails from all sorts of holiday card platforms — seemingly from familiar people or businesses. But are they really? Don’t forget, spear phishing accounts for a large percentage of cyberattacks. Cybercriminals have become extremely adept at imitating familiar platforms and creating convincing lures. Before clicking on an attachment or even a “track package” link, contact your friend to confirm this is really from them or double-check the item matches something you bought from the corresponding company. And don’t forget to remind your employees to practice safe clicking!
Restrict Keychain Privileges
This year continued the trend of increased eCommerce via mobile traffic. If you’re doing some last-minute shopping, be safe with your financial information. The biggest culprit of leaked information in 2017 came from misconfigured servers that unveiled billions of user records from SQL injection attacks. Remember, risk should always supersede convenience in your online habits. Always look for the lock icon in the browser address to ensure a secure connection to websites.
(Lock icon in the URL bar indicates secure connection)
A creative method of making yourself a less easy target is getting creative with answers to security questions. While you want to avoid using obvious information that a criminal could wane from perusing your Facebook page, feel free to make answers that are impossible to guess. For instance, as far as E*TRADE knows, my mother’s maiden name is “H0ckey pUck.”
Whether you’re at an airport, coffee shop or even a ski lodge, beware of fake internet hotspots. Avoid enticingly named, unsecured connections like, “FreePublicWifi,” as these tend to be traps that pull your usernames and passwords. Always protect hotspot traffic using VPN tunnels or SSL/TLS sessions.
While traveling, always keep a close eye on your devices or USBs. New York’s LaGuardia airport finds thousands of unclaimed mobile devices each month — imagine how many lost devices go unreported and wind up in unwelcome hands.
Avoid Dangerous Downloads
Over the course of the next week, thousands of families will be unwrapping new laptops and smartphones that will (for the most part) come with security software. However, while it may be tempting to download that new, exciting game or access your social media profile on your new devices, make security a priority and create strong passcodes, encrypt your storage and if you’re really gung-ho about cybersecurity, set up remote wipe on your iPhone through iCloud or by using Google Sync for an Android device.
Likewise, thousands of new games and apps will launch for download just in time to target these new devices — some of which may be cleverly disguised schemes to loot your private information. Keep an eye on bored kids at your holiday event to make sure they’re downloading with caution.
Set up Alerts
Reach out to your MSP and ask for a security audit before you leave your office to ensure all your firewalls are in place and functioning for some peace-of-mind. While you’re away, a reliable MSP can monitor your network remotely and will alert you in the event of activity or a breach.
If you take these steps to prepare your company and secure your devices for the holidays properly, you’ll greatly reduce the risk of a Grinch raining on your parade, and increase the likelihood that when you return to your workflow in January, you won’t find a disrupted or compromised server.