With over three billion internet users around the globe totaling roughly 40% of the population, the internet is rife with opportunities for hackers to steal users’ information. And with technology constantly evolving and the internet growing, it’s not likely to get safer anytime soon. It therefore pays to take extra precautions when surfing the web. We’ve compiled these three easy tips that can amp up your online security.
Tip #1: Use HTTPS
Short for Hypertext Transfer Protocol Secure, HTTPS indicates that a website has an extra layer of security for its users. This layer encrypts data exchanged between a user’s browser and the web server that delivers the data that the user requests. To use a simpler comparison, imagine someone tapping your landline, but instead of getting to listen in on your conversations, they’ll hear people speaking in tongues instead.
In August 2014, Google Chrome, the world’s most popular browser, announced that having HTTPS makes your website rank higher in its search algorithm. And since October 2017, the browser began flagging non-HTTPS websites as not secure whenever users try to fill out something as simple as a contact form on it. In July 2018, Chrome started showing a “not secure” warning on any website that does not implement HTTPS, whether or not users are filling out a form there.
Because of Google’s measures, the security protocol has been widely adopted. Even if your website does not contain or ask for sensitive information, implementing HTTPS on it engenders trust and a sense of security among internet users, while staying left behind security-wise will make web visitors abandon or avoid you sooner or later.
Tip #2: Embrace multifactor authentication (MFA)
Since account credentials can be easily stolen via phishing attacks, username and password combos are no longer enough to keep bad actors at bay. To ensure that the one accessing an account is truly that account’s owner, additional identity authentication steps must be implemented.
These steps can involve the use of the account holder’s device — the one logging in must first verify their phone number, receive a one-time password on their smartphone, then enter that code in the access portal before the validity of the code lapses. Alternatively, MFA may ask for a face, retina, voice, or fingerprint scan for authentication. MFA can be a bit of a hassle for your internal and external users, but a little inconvenience is a small price to pay for immensely effective cybersecurity.
Tip #3: Update browsers and devices
Did you know that dated versions of browsers, operating systems (OSs), and even other software packages can create an easy entry point for hackers? Often, new updates are created specifically to fix security holes. And hackers are ever aware that people can be lazy, saving that update for another day that never seems to come. They’ll often try to take advantage of this, searching for outdated devices to infiltrate while their victims watch YouTube on last year’s version of Firefox.
Yes, installing an update might take 15 minutes of your time. But it can pay dividends in preventing a security breach that could cost you or your business thousands.
Looking for more tips to boost your internet security? Get in touch to find out how we can help.
In the digital age, cybersecurity should be one of the top priorities for anyone who goes online. One way is to vet those who are trying to access your systems. But when it comes to verifying users’ identity, many are unaware of the two kinds of authentication measures available. Read on to know the differences between two-step authentication and two-factor authentication.
If you want to improve your business’s cybersecurity for you and your customers, you should look at your authentication process. Two-step and two-factor authentication are two of the most commonly used options in cybersecurity. Many businesses use the terms two-step and two-factor authentication interchangeably. There are, however, subtle differences between the two.
A two-step authentication process requires a single-factor login (such as a password or biometric reading) as well as another similar type of login that is essentially sent to the user. For example, you may have a password for your first step and then receive a one-time-use code on your cell phone as the second step.
Two-step authentication adds an extra step in the verification process, making it more secure than single-step authentication (i.e., just the password). However, if a person or business is hacked, it won’t be enough to stop hackers from getting a hold of whatever they are looking for.
On the other hand, there is two-factor authentication (sometimes referred to as multifactor authentication), which is significantly more secure. This type of authentication requires two different types of information to authenticate a user’s identity. For example, it could be a combination of a fingerprint or retinal scan as well as a password or passcode. Because the types of information are different, it would require a hacker a great deal more effort to obtain both forms of authentication.
The difference between the two
In essence, every two-factor authentication is a two-step authentication process, but the opposite is not true. With this information in mind, make sure that you are using the right type of authentication in your business to keep your company and customer information as secure as possible.
Your network needs the best security technology has to offer. The type of authentication you should use is just one of hundreds of choices that must be made to achieve that end. To take the stress out of securing and protecting your network, call us today for all the help you could ever ask for.
Just updated to iOS 12, Apple’s latest software for iPhone and iPad? Have you checked out its new security and privacy settings? It’s a good idea to set these up right now so you can take full advantage of your device’s robust features.
Set a stronger passcode
iOS 12 now requires six-digit passcodes, and this means hackers will have a harder time cracking your passcode through a brute force attack.
That’s because you can now go above and beyond that by setting a passcode with 8, 12, or more digits, or even a combination of numbers and letters. To do this, go to Settings > Touch ID & Passcode (or Face ID & Passcode on iPhones and iPads with Face ID) and enter your current passcode. Next, tap on Change Passcode and from Passcode Options, choose between Custom Numeric Code and Custom Alphanumeric Code.
Enable two-factor authentication (2FA)
With 2FA, you’re required to input both your password and a unique code sent to your device as an extra layer of security. The latter is considered by many as the most annoying thing about 2FA. But iOS 12’s built-in 2FA feature eliminates this step by sending the code to your device’s keypad, where it should appear as an Autofill option. Simply tap on the code to auto-fill the security field.
To set up 2FA on your iPhone or iPad, go to Settings > Password & Security > Two-Factor Authentication, and follow the prompts.
Keep track of and change your reused passwords
You don’t need to be told what a security nightmare using the same passwords for multiple websites, apps, and devices is. Luckily, your iOS 12 device has a feature that will check for password reuse so you can finally kick this dangerous habit.
To use this feature, go to Settings > Passwords & Accounts > Website & App Passwords and enter your passcode or authenticate with Face ID. You’ll see a list of all the passwords that you’ve used, and iOS will tell you whether you’ve used certain passwords before for various sites and apps.
A small warning symbol will appear next to each account with a reused password. Change the password by tapping on Change Password on Website, and keep your device protected from password reuse attacks called “credential stuffing.”
Turn on USB Restricted Mode
This feature makes hacking into your iOS device through USB cables next to impossible. It’s not an entirely new feature, though, as you first saw it in iOS 11. Essentially, USB Restricted Mode locks down the charging port into power-only mode to prevent attempts to breach your iPhone’s or iPad’s security while it’s connected to a computer. However, the iOS 12 version does this after just one hour of being locked — far shorter than the seven days it takes the iOS 11 version to do so.
To enjoy this feature, go to Settings > Touch ID (or Face ID) & Passcode, and turn off the USB Accessories setting.
Enable automatic iOS updates
You probably don’t think about updating your device unless Apple releases a major one. But by not updating regularly, you may be exposing yourself to a raft of security risks. You may also be missing out on cool and exciting new features, just like iOS 12’s auto-update feature.
Go to Settings > General > Software Update and turn on automatic updates to get patches as soon as they’re released.
With iOS 12, Apple has made massive improvements in the way you can keep your device and the data it holds safe and secure. For more tips on securing your iOS device and personal data, call us today.
In the wake of Facebook’s worldwide privacy scandal, it’s time to revisit some social media best practices. Your information is incredibly valuable, and you can’t rely on social media platforms to keep it safe from hackers. Heed these tips to make sure your Facebook and Twitter accounts are well secured.
Lockscreens exist for a reason
Make sure all your computing devices lock the moment you stop using them. This way, you are safe from the simplest hack of all: someone opening a browser on your computer that has your social media login saved. As long as your password isn’t your birthday or anniversary, you’ll be forcing hackers to work for access to your account.
Strong passwords are never out of fashion
Unlocking your phone may be limited to a six-digit passcode, but you’ll need something much more complicated for your account password. The first thing you’ll need to do is create a password that isn’t used for any other account. Because data breaches have become such a regular occurrence, hackers probably have a long list of your favorite passwords from other websites and platforms.
In this case, it is best to use a password manager like an app or online service that allows you to generate and retrieve complex passwords.
Another thing you can do is enable something called two-factor authentication, which requires you to type in a secondary code sent to your phone. Even if hackers have your password, they won’t be able to log in without your phone.
Make use of social media features
Facebook offers functions that help you keep tabs on who’s accessing your account and from
where. To use this feature, click the down arrow in the upper right corner of your Newsfeed and select Settings. Then click Security and Login to get more information. If you sense an imposter, click the right-hand icon to give you the option of logging out remotely or reporting the person.
From there, turn on Get alerts about unrecognized logins to be notified via Facebook, Messenger, or email if someone is logged into your account from an unrecognized browser. Unfortunately, Twitter doesn’t have the same option (that makes the two-factor authentication extremely necessary).
While it may be difficult for a hacker to barge into your Facebook or Twitter account through a third-party service that you have given access to your profile, it’s still advisable that you check what you have approved.
- Facebook: Go to Settings > Apps and Websites to view and manage outside service with access to your account
- Twitter: Go to Settings and Privacy > Apps to check and edit the list
Last, be sure to check the permissions mobile apps like Facebook and Twitter have on your smartphone or tablet.
- Android: Go to Settings > Apps > tap the icon in the upper right and then tap App permissions
- iOS: Go to Settings > Privacy to manage which service can access which parts of your phone
Less personal info, fewer problems
These steps are just the beginning of what you should be doing. The next thing you should consider is limiting the personal data you input into your social media accounts. If you have to put a ton of information, then be sure you read this blog from the top.
With a little practical knowledge, you can prevent Facebook and Twitter hackers from doing what they do. Cybersecurity is a sprawling issue and social media privacy is such a small sliver of what you need to stay on top of. For 24/7 support, call our team of experts today.
When it comes to protecting yourself and your business online, the type of authentication you use for logins, whether for business or for personal use, is vitally important. While many people understand that secure logins are crucial, the differences between the various security measures may be lost on many people. Before you give up on understanding the variances between two-factor and two-step authentication, read this article to learn more so you have a fuller understanding of your cyber security.
If you are seeking out a way to improve your business’s cyber security, both for your business itself as well as for your customers, you are likely looking at your authentication process. Two-step and two-factor authentication are two of the most commonly used options in cyber security. And in current cyber security, many businesses use the terms two-step and two-factor authentication interchangeably.
There are, however, subtle differences between the two. A two-step authentication process requires a single-factor login (such as a memorized password or biometric reading) as well as another of the same type of login that is essentially sent to the user. For example, you may have a memorized password for your first step and then receive a one-time-use code on your cell phone as the second step.
Two-step authentication does function to add an extra step in the authentication process, making it more secure than a single-step authentication (i.e. just the password). However, if a person or business is hacked, it will do only a little to stop hackers from getting a hold of whatever they are looking for.
On the other hand, there is two-factor authentication (sometimes referred to as multi-factor authentication), which is significantly more secure. This type of authentication requires two different types of information to authenticate. For example, it could be a combination of a fingerprint or retinal scan as well as a password or passcode. Because the types of information are different, it would require a hacker a great deal more effort to obtain both forms of authentication.
In essence, every two-factor authentication is a two-step authentication process, but the opposite is not true. With this information in mind, you can be certain that you are using the right type of authentication in your business to keep your business and customer information as secure as possible.
Your network needs the best security technology has to offer. What type of authentication that results in is just one of hundreds of choices that must be made to achieve that end. To take the stress out of securing and protecting your network, call us today for all the help you could ever ask for.