Hat tip to our very own Robyn Flach, Dashboard’s social media expert, for coining the term “Happy Change Your Password Again” Day.
Robyn sent us the following article, and by the next day, it was top of the headlines: a massive data breach exposed 16 billion login credentials. No, that’s not a typo.
If you wonder if your information was exposed, chances are good it was.
Here is a list of the companies whose login credentials were exposed. This list may grow as more information is reported:
- Apple
- Netflix
- Government database
- Many others
Change Passwords Immediately
It’s imperative that you change your passwords immediately. Choose strong passwords that include random letters, numbers, and symbols. Do not use words commonly found in the dictionary due to the risk of what is called a ‘dictionary attack’.
Set up two-factor authentication, including stronger authentication protocols such as authenticator apps. New technology that includes biometrics can also help secure accounts.
Secure Your Customer Data
Businesses that handle customer data, including but not limited to user names, passwords, names, addresses, telephone numbers, email addresses, and credit card information, must take extra precautions. Speak with your managed services provider or IT support on the steps you need to take to store such data safely.
Zendesk offers 10 tips to keep customer data safe. These tips include limiting data access and maintaining a record of employees who have access to sensitive data. Another tip is to use encryption methods. Encryption is a security method that allows only authorized users to read the data – it is illegible to unauthorized users.
Another tip that we think is invaluable is keeping your software (and your website) updated. This means updating software, including operating systems and web browsers, when prompted to do so. It also means updating plugins and themes on WordPress websites and performing similar updates on sites hosted on other platforms.
Companies routinely issue security patches via updates to compensate for vulnerabilities exposed after the initial software launch. Even though it may seem like a lot of updates to do, if you keep up to date with them, not only will it be less work, but it will also better protect your systems.
Lastly, train your staff on how to recognize phishing attacks and similar cybercriminal activities. Criminals have become more clever, using psychological techniques as well as old-fashioned tricks to get your employees to divulge usernames and passwords.
Many criminals create fake emails called spoofs that look nearly identical to emails you receive from your bank, big retailers, utility companies, or other trusted vendors.
Never click on links sent via email or text from even companies that you know if you aren’t expecting an email from them; prompts to reset your password or log in because of a problem with an order should be treated with suspicion. Close the email, open a new browser, and log in to check on the situation if you feel it’s necessary.
We hope that these tips are helpful. We aren’t cybersecurity experts. We are business owners just like you. But we know that sharing even a simple tip may help someone, and we care about your business success!