Protect and Defend Your Data

Davide Bonazzi

Most of us lock our cars, rely on home-security systems and avoid dangerous neighborhoods. When it comes to cybercrime, however, we do relatively little to protect ourselves, even though last year, on average, an American fell victim to identity theft every two seconds.

Antivirus software identifies less than 5 percent of new computer threats, says Marc Goodman, underscoring why we need to take steps to guard against a growing number of dangers.

Goodman makes the following recommendations to help you fend off international organized crime, hacktivists, foreign nation-states and other predators, all of whom are “coming after you and your data on a daily basis,” he says.

Tune in, then turn off

If you’re not using your computer, Wi-Fi connection or smartphone services, turn them off. Thieves can reach out and touch your machine any time you’re connected to the Internet. Likewise, turn off Bluetooth and cellular hot spots to reduce potential avenues for attack. Just by turning your Wi-Fi off before you go to bed at night, you reduce your risk of attack by about one-third, Goodman says.

Protect your password

Never use the same password on multiple sites. And keep the passwords complicated. It’s best to use a password-management program that can generate unique passwords at least 20 digits long.

Find passwords hard to keep track of? Use password wallets. The safest are operated by 1Password, LastPass, KeePass and Dashlane.

Google, Apple, Facebook and others allow users to take advantage of two-factor authentication, which means thieves can’t access your account, even if your primary password is hacked, without physical access to your phone.

Think twice before you download and click

Download software only from trusted parties or directly from a company’s own verified website. Be extremely cautious of clicking unfamiliar links and attachments. “Bad clicks are the most common cause of infections,” Goodman says. “When in doubt, don’t click — throw it out.”

Be wary of apps and their permissions — the cost of free apps is your privacy. Choose the Windows or Mac setting that “whitelists” software, so only approved programs can run on your machine. On your computer or device, search for the option to, for instance, “only download and install apps from the Mac App Store.” Selecting this option means rogue apps can’t be installed.

Update and encrypt

Modern software is riddled with security vulnerabilities that hackers exploit to break into computers and devices. Plug these holes by setting your software to automatically update from trusted parties. You can do this by selecting the “update automatically” option in Windows, Mac, Firefox, Chrome or Microsoft Office.

The best way to protect your data is by encrypting it. Encryption makes your information useless to others by “using large prime numbers to scramble your data so that only those with the secret key can read it,” Goodman says. Attackers gained access to information, records and Social Security numbers at Sony Pictures and Anthem Blue Cross simply because the information wasn’t encrypted.

For those using personal devices, Windows and Mac offer free built-in encryption programs. Setting a password on iPhone automatically encrypts that device.

Prepare for attack

Coordination is crucial in combating cyberattacks. If you run a company, make sure those in charge of such areas as corporate risk, general counsel, marketing, information security, computer systems and personnel security work closely together to fend off possible attacks.

Businesses should actively search for hacks and other attacks rather than waiting for them to occur. Remember, hackers routinely break into firewalls and antivirus systems.

The military conducts exercises to try to breach its own security measures. Shouldn’t you conduct your own war games to fight cybercrime? And have a plan for an inevitable hack. If one takes place, don’t assume others will handle it.

“Cybersecurity is everybody’s responsibility,” Goodman says. “When it happens, all hands on deck will be required, from the CEO, COO and CIO, to the CSO, CMO and general counsel.”

— G.Z.