Last month we hosted a webinar on the topic of cybersecurity, “A Fireside Chat on Cybersecurity: The Pathway to Digital Peace of Mind.” Our guest was Erin Donham, a Senior Technology Consultant for Charles Schwab. Erin provided us with a lot of important and useful information as well as actionable suggestions on how to work towards “digital peace of mind”! We’re eager to share our top 5 takeaways.
- Adopt a “culture of skepticism” when it comes to online activities. Slow down and take a moment when reading email or texts. Before clicking any links, stop and ask whether the message makes sense, whether you recognize the sender, and whether the email address (when you hover over it) looks legitimate. Err on the side of deleting anything that seems suspicious or unexpected, and when in doubt, pick up the phone and call the sender to verify.
- Passwords & password managers were a hot topic, with good reason. Erin stressed the importance of unique, complex, and lengthy passwords. The difficulty in cracking a password rises exponentially with each additional character added in length. Passwords with 7 to 9 characters can be cracked in a matter of hours (if not quicker). A 16-character password can take decades to crack. It’s also crucial not to use the same password on different accounts or portals. A password manager will store all your unique passwords in a safe and secure way. Several of the most popular password managers are:
  - 1Password
  - Dashlane
  - LastPass
  - Bitwarden
  - iCloud Keychain (Apple)
- Multi-Factor Authentication (MFA), also called Two-Factor Authentication, is critically important. These days, it’s the single most effective strategy to keep fraudsters out of accounts. Whether you receive the second factor via your phone, a token, or use biometrics such as face recognition or a fingerprint, the important thing is to set it up across all the accounts you have. Using email to receive the second factor is not recommended, in case your email has been hacked.
- Cell phone “smishing” is the practice of sending fraudulent texts to try to get you to click on a link in the text message. Be on guard for these and delete them – don’t click the link. Be sure to set your phone to lock after 30 seconds of inactivity. This may be annoying, but it is important if you are using your phone out in public, where someone could easily walk by and grab it from you. Be sure you have activated the features that locate and remotely wipe your phone. As a best practice, put your phone in your pocket or your bag when you are walking down the street. Look up, not down!
- Stay off public Wi-Fi. If you do need to use public Wi-Fi, it is preferable to use a VPN (Virtual Private Network) that encrypts your data in transit, or to use the hot spot on your cell phone. It is generally not necessary to use a VPN when on your home network. But do remember to change the password on your router from the factory default.
One of our attendees asked how we can remain calm in the face of all this. Erin’s answer is a good closing reminder for us all: assume your information is already on the dark web, take the appropriate steps regarding your passwords (unique, complex, lengthy), and get on with living your life.
We’re happy to do a deeper dive into any of this if you would like; just give us a call. In the meantime, enjoy the lovely fall weather.