The fact that plays the primary role in the continued success of hackers is a lack of awareness and vigilance on the part of computer system users and website owners.
People who still use “password” as their password, and those who have extremely outdated software are the ones who encourage hackers. Many people still remain blind to their own vulnerabilities and for hackers its just a numbers game – try enough and eventually the will find a vulnerable one to exploit. But it doesn’t have to be yours!
1. Encrypt devices and files where possible
Be careful with data on all your devices and encrypt where possible. Information leakage can occur via any portable storage (DVDs, Memory Disks, USB Stick, etc), your internet connection, cloud storage services, e-mails, mobile devices (mobile phones, tablets, etc), laptops and more.
Cloud services tend to be based overseas, primarily in the United States, but the data servers may be hosted elsewhere around the world and thus have lower security and confidentiality standards than you would expect. It is worth reading through the privacy information on the cloud storage providers website before using such a services. The best way to minimise exposure of sensitive information being obtained by third parties is to limit what is stored on such services. Cloud services include, but are not limited to Google Documents, Dropbox, HighTail (formerly YouSendIt) and Box.
2. Security analyse your website before launch
Website hacking is more common than you think. Your data is valuable because its ‘available’, ‘integral’ and possibly ‘confidential’. Think about what data you have on your website, does it mention your name, your business name, your contact details, etc. If this information was suddenly changed or removed without your knowledge and your customers saw what it was changed to, what would happen? For example, what if just the phone number was changed on your website to an alternative number, where would all those enquiries go and could some hacker mess with your loyal customers?
Remember that the weakest aspect of a website will be targeted. Take ownership of your risks and content.
3. Use up-to-date software
It is possible that flaws within software (known as vulnerabilities) can allow hackers to remotely access and take control of your system or website. When software providers become aware of vulnerabilities in their products, they often issue an update to fix the problem.
Anti-virus and anti-spyware software are probably the most important pieces of software any Windows system can have. It is equally important to keep it up to date to avoid being vulnerable to newly discovered threats. While Macs, Linux, and other systems are vulnerable to virus and spyware attacks as well, the design of their systems and their lower market share has made them less desirable to malicious software developers. There are hundreds of companies offering anti-virus and anti-spyware software these days, so its worth investigating online and amongst friends and family which are most highly recommended. Using software such as ‘File Vault’ (which comes by default on most Mac systems) may be sufficient enough to secure data stored on those machines. Instructions for setup of ‘File Vault’ can be found online at Dummies.com and ItServices.Stamford.edu. Please note, we do not endorse the websites listed with instructions of ‘File Vault’ setup, they are available for convenience and alternative instructions may be found elsewhere.
4. Take care with credit card information online
Never ever email credit card numbers!
“I have personally been witness to many customers in the past emailing their entire credit card number and security code within a single email which can easily be intercepted by third parties.” – Nadia Kerr (Web Developer at WRD)
In layman’s terms, when you send an email it doesn’t just go directly from your mailbox to the recipients, but instead bounces between a number of servers (and systems) on the world wide web before ending up at its final destination, thus can be intercepted any third parties along the way or retrieved via a hacker of yours or the recipients system.
Consider using third party payment providers for storing credit card information as they usually only store credit card information using the strongest security encryption available.
6. Strengthen your passwords
You only need to read through some of the articles online about the top most common passwords (such as this one posted by Gizmodo) used to determine how easily your password may be figured out by a hacker. The top three passwords of 2013 were “123456”, “password” and “12345678”. The top three passwords from the previous year hadn’t even changed, only “123456” and “password” swapped places in order of frequency.
Ideally you should use passwords of eight characters or more with a mixture of number and letter combinations. Passwords with common substitutions can also be vulnerable too such as “pr1nce55″. One way to create more secure passwords that are easy to recall is to use phrases, a collection of short words grouped together and separating them with numbers or special characters (where allowed).
Avoid using the same username / password combination for multiple systems. Pick strong passwords and use different ones where possible for banking, emails, cPanel, FTP, CMS, etc. It is especially risky using the same password for entertainment sites that you do for networking and financial services.
If you have trouble remembering all your passwords consider using a password management application or storing them somewhere securely offline.
These tips are just the basics, but a great starting point to help avoid unnecessary attacks. Most hackers, if they come across a website or system that is locked down tightly, would just rather move on to another one that offers easier access then waste time with yours.
Keep in mind that any house can be broken into, but if you don’t leave your doors and windows open inviting intruders inside. The same applies to computer and website security, keeping in mind some of the security measures mentioned above will help prevent intruder attacks.