As a busy professional, you rely on your ability to be both mobile and connected, often working remotely—from home, a coffee shop, a library, or shared community workspace. You go about your day aiming for productivity, professionalism, and efficiency—and online security often gets overlooked for the sake of timeliness and convenience.
Your devices are your professional lifeline. They also contain a digital record and extension of your personal life—your financial documents and accounts, photos, passwords, credit card numbers, copies of your passport and birth certificate, your search and browsing history, medical records, creative work, intellectual property, your kid’s science project, and the list goes on. Your digital footprint is large, comprehensive, and very, very intimate.
Whether a data breach comes from a lost or stolen device, or a well respected online retailer that can’t seem to keep your credit card number to themselves, cyber threats are very real—and it’s not a matter of if, but when it will happen to you.
Does Digital Security Actually Affect Me?
According to Wikipedia, a data breach is simply “the intentional or unintentional release of secure or private/confidential information to an untrusted environment.” This could be a major leak from a corporate source, losing data from a lost or stolen device, or a hacker collecting personal information through phishing emails and texts from an individual—all for the purpose of identity theft or fraud.
Data breaches, phishing attacks, and cyber hacks affect all of us on an individual, business, and even governmental level, and are becoming more dangerous, as more and more of our personal information is stored online. We are all targets for hackers, digital thieves, and shady data snatchers bent on making money from our information.
It takes effort and attention to be mindful of our data security, especially as professionals working remotely from many different and typically insecure spots, and carrying our precious data with us. Because these attacks are so common and frequent, it’s easy not to see them as a real threat, especially when the immediate effects are not visible. It could be months or years after a breach that your information is used in a fraudulent or dangerous way.
How Serious is this Threat?
- 43% of cyber attack victims were small businesses (organizations with fewer than 250 employees) Why? Because small businesses are very vulnerable due to weak security measures and poor online safety practices.
- 60% of the time, the compromised web application vector was the front-end to cloud-based email servers. In layperson’s terms, this means that hackers gained access to the company server by breaking into email accounts directly, or someone on the network gave them access by clicking on a link or attachment in a malicious email.
- There was a 424% increase in new small business breaches in 2018.
- It is estimated that by 2021, cybercrime will cost the world $6 trillion annually. This represents the greatest transfer of economic wealth in history and will be more profitable than the global trade of all major illegal drugs combined.
Many businesses suffer production and financial losses so severe as a result of these attacks that they are unable to continue business or reopen after the attacks.
That's the bad news.
The good news? You don’t have to be a professional cyber security specialist to protect yourself, your clients, and your business like a very safe and secure online super boss.
How Do I Protect Myself?
Being smart about how you send and share information is vital to protecting yourself, your data, and the information of your clients, colleagues, employees, and customers. Researching and understanding the risks, and knowing what to do if you do lose your device or your data is otherwise compromised, adds another layer of protection to your arsenal. And finally, bringing awareness and intention to how you use digital products, interact with the web, and share information and resources is the cherry on top of your online security sundae.
Elevate Your Security Profile
Never, ever send things like credit card numbers, confidential financial information, or passwords over email, text, or fax.
Methods to Use Instead
Verbal: The old school way is the safest way! Pick up the phone and call, or have a face to face meeting where you can share a credit card number or password securely.
Password Managers like Lastpass or Dashlane. These programs not only store your information securely, they can be used to share passwords or secure notes with others. They also enable you to store payment data, IDs, secure notes, and have increasingly complex and unique passwords, and can generate complex passwords for you. They do not store your Master Password on their servers, so while they are not failproof, they are very secure and can exponentially improve your data security health.
Protected Text is an open source encryption and communication tool that uses “trustless” technology and is ad-free. Here, you setup a password protected website URL (https://protectedtext.com/yournamehere) that only you can see, unless you share the password. You can use this to store secure notes and share information, just make sure you share the password in a smart and safe way.
Signal: An open source, fully end-to-end encrypted text messaging platform. If you want to say anything without fear of being hacked, recorded, or a large company mining your data, this is the place. While we still don’t condone sending sensitive information over text, Signal is the most secure way to communicate this way.
Protect Access to Your Devices and Data
A lost or stolen laptop or phone will ruin anyone’s day, but if you don’t have your device or accounts properly secured, it will be that much easier for someone to come in and ransack your digital (and real) life.
Take your security and peace of mind to the next level by taking some security precautions BEFORE you need to.
- Be selective with who you let use your computer, phone, or tablet, particularly anything you are using for work. Do not let others use your logins or accounts. If you do need to lend your device, make sure you protect your security codes and passwords, or log someone in as a guest.
- Do not reuse passwords, ever. All your passwords should have a minimum of 12 characters—a mix of numbers, symbols, capital and lowercase letters. The most secure method is using a passphrase—a group of five or more common words together that others would have a difficult time guessing. These are easier to remember than traditional complex passwords and much harder to crack.
- Turn on Find My Device. If your device is lost or stolen, your best ally is the ability to lock, erase, and even find it using these built-in security measures. At the very least, you can prevent your data from being accessed, even if you never see your device again.
- Use a VPN (Virtual Private Network). This is vital to making sure you are safe online, particularly in a public place. VPNs connect your device to another device (a server) and allow you to browse the internet with that internet connection. Learn more about VPNs and why you want one.
Jumpstart your cybersecurity checklist with the basics here: 5 Keys to Online Security for Remote Work.
For a deeper dive, check out these articles:
- How to secure, protect, and completely lock down your Android phone
- Configuring Your iPhone for Maximum Privacy and Security: Web Browsing
Taking the time to understand why these precautions are necessary, and putting a little time and thought into your own digital ecosystem will give both you and your clients the peace of mind you need to focus on the things you’re good at.