World-renowned hacker turned cyber security consultant Kevin Mitnick provides his top tips on protecting your business from cyber attacks.
There are plenty of risks to your business in the digital age, with fraudsters and cyber hackers after everything from money to data, or simply wanting to create havoc.
According to Kevin, these four steps form the most secure way to manage digital log-ins and applications in both your business and your private life:
1. Use a VPN
“Whenever an employee connects to an open wireless network, ideally they should use VPN, which stands for virtual private network,” Kevin explains.
“So when they are connecting at the local coffee shop or wherever they have open wireless networks, they immediately connect to a VPN service. It costs about $60 a year if you purchase access as a consumer.”
2. Don’t choose your own passwords
“Don't pick your own passwords,” Kevin advises.
“Use a password manager like LastPass or 1Password. What that does is it enforces that you have a different password at each different employee, application or website, and basically stops the common problem from happening of people using the same password on a multitude of sites.”
Kevin also has some useful advice on what makes a good password – some of which goes against common practice.
3. Use two-factor authentication
Anyone familiar with mobile banking will have used the process known as two-factor authentication.
“As far as setting up access to systems or sites like eBay, Amazon, Google or any of these sites ... enable two-factor authentication.
“So before you can log in, not only do you have to have your username and password, but you usually through a mobile device get a text message, or there'll be an application you can install on your mobile device that actually will contain a code, and the code changes every 60 seconds, and you need all three things to actually gain access to the system that you want to gain access to.”
4. Open attachments using Google Docs
“Whenever you receive an office document or a PDF file in an email, use Google Docs to open it or Google Quick View,” says Kevin.
“Don't open it on your computer with your typical Adobe software, because there are so many security flaws in Adobe that might be a method a social engineer is trying to use to break into your computer.”
Check out more advice on protecting yourself online in this Q&A with Kevin Mitnick, or read more about specific types of scams targeting SMEs, such as phishing scams, fake recipient fraud and bogus up-front payment requests.
Employer obligations for work travel explained
By Nathan Luke
Too many SMEs are making this mistake
By Adam Joy
Taking digitisation out of the ‘too hard’ basket for SMEs
By Jason Brouwers