When Making Your New Year’s Resolutions, Don’t Forget Your InfoSec Resolutions


There are the common New Year’s resolutions like unplugging more often, planning more vacations or staycations, reading more books, writing a book, and losing weight. But, in today’s connected and always plugged in world, it’s easy to ignore technology. So, in keeping with the spirit of the season, here are five resolutions that should not only be part of a list of resolutions to celebrate the New Year but should also be part of a regular security awareness plan for every midsize business.

If you have one key password or several, change them every couple of months or at least quarterly. Use Microsoft’s Password Strength Checker (https://www.microsoft.com/security/pc-security/password-checker.aspx) to determine the strength of your password, and don’t forget to use lower case letters, capital letters, and symbols – and preferably 10 or more characters. Don’t use any information that other people could figure out about you, such as, the names of significant others, kids, pets, or streets. And if you have so many passwords that you cannot remember them all, consider using a cloud-based password manager program. Check out reviews online before downloading or purchasing.

Abbreviated links may be synonymous with social media, but don’t click on any short links before seeing the link it its entirety first. Here are two options to convert an abbreviated link back to its full link: http://checkshorturl.com and http://urlxray.com. Here’s an example of what can happen if you don’t check out a link before clicking: a co-worker clicked on a link she thought was sent by a reputable person, but the abbreviated link led her straight to a contaminated site, and before she knew it, her computer had been compromised, and her hard drive had to be reformatted. Her IT admin was not happy, but at least, the entire network was not affected. Learn from this person’s mistake – and don’t let it happen to you or your business.

Do you have important spreadsheets on your computer: anything from a list of passwords to a confidential customer list? No matter what important files you may have, consider password-protecting them. This will add a layer of protection to the information in the event that a breach happens – and be realistic, a breach will happen eventually.

ALWAYS use virus protection. Always allow auto-updates. For an additional layer of security, consider Malwarebytes Anti-Malware. (http://www.malwarebytes.org) It’s always good to have a second opinion of a file’s security.

Everyone who knows me knows that this is my mantra, but I know people who swore that they had no need to back up their systems. With electrical surges, storms, tsunamis, earthquakes, etc., who wouldn’t agree that it’s better to be prepared than to have to re-create all your files and documents? And what about photos, illustrations, or other images? Today, most of us keep photos on our computers, laptops, tablets, and smartphones. If your system got corrupted, how would you recreate those photos and images? How would a business recreate its archives containing years of product images? So, once a week, or even more often, back up your entire system. Even if you’re not a system admin, add the back up to your smartphone or other mobile device calendar.

If you follow these practices on a regular basis, and not just at New Year’s, you’ll be one step ahead of the cyber criminals who want access to your data or to turn your system into a tool for cybercrime. Happy New Year, and make it cybercrime-free.

Image Credit: Stuart Miles via FreeDigitalPhotos.net

This post was brought to you by IBM for MSPs. Dedicated to providing valuable insight from industry thought leaders, PivotPoint offers expertise to help you develop, differentiate, and scale your business.

wordpress blog stats

About Allan Pratt

Technology and cybersecurity professional with focus on tech news, cybersecurity, networking, infrastructure, data protection, consumer electronics, and social media.
This entry was posted in Business Process, BYOD, Cloud Computing, corporate data, Cybersecurity, Data Breach, data protection, Data Security, Disaster Recovery, Management and Technology, Network Security, Online Security, Tech Equipment and tagged , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s