If you believe that your personal information is protected online, you are sorely mistaken. Almost 306 million people’s information has been leaked online, and that number is only increasing.
The internet has made our lives easier in so many ways, but it has also opened us up to vulnerabilities that without the right education are increasingly dangerous.
It is easy enough to say “Don’t use the same password twice” or “Always keep your portable devices safe”, but what can you do to immediately upgrade your cybersecurity in under 5 minutes?
Firstly, what is Pwn?
No, it’s not a real word, but it is a real thing.
‘Pwn is a leetspeak slang term derived from the verb own, meaning to appropriate or to conquer to gain ownership. The term implies domination or humiliation of a rival, used primarily in the Internet-based video game culture to taunt an opponent who has just been soundly defeated (e.g., "You just got pwned!").’ Wikipedia
Although most of our readers may not be going home after work to play a few rounds of HoN with the lads, Pwn is a relevant term that most of you will have been succumbed to. If your email address, passwords, or any personal information has ever been leaked online, you have been Pwned.
So have you been pwned? Well, unfortunately, most of us have and may not even know it.
How do you know if your information has been compromised online?
Have you used your email address on a website that has then been hacked? When it got hacked what information was stolen? You can check if you have an account that has been compromised in a data breach here.
You will most likely fall into one of two camps:
- The least likely to be pwned camp where you use a unique and complicated password for every account you have ever made.
- The most likely to be pwned camp where you often use the same email address and password for multiple accounts and logins on the web.
Now be honest. Which one are you?
If you are number 2 now is the time to make a change and prevent yourself being Pwned in the future.
So what action do you need to take?
It is almost impossible to make strong and unique passwords for all the accounts we have on the web, and remember them. So it is time to get some help. I highly recommend LastPass. This is a password vault that has an app for your mobile and a plugin to Chrome. It generates strong secure passwords, and stores and fills in your login details for you online.
The most common question I get asked is “Is having all our passwords in one place safe?” Yes, it is safe. When logging into your LastPass account you are required to enter your master password whenever you’re connecting from an unknown device. I highly recommend activating the two-factor authentication to increase security further. It takes an extra 30 seconds of your time to ensure all your personal information is safe.
The sentence method
I recommend the sentence method for making the master password. You take a sentence like “when will my 13-year-old do her homework!!!” and turn it into your password. Wwm13y0dhH!!!
I always make the first and last letters capitals, I change O for 0 (zero) and e for 3. I find these tricks make passwords easier to remember.
LastPass for home and business.
You can have separate LastPass accounts for your personal and business logins. Both accounts can be connected on all of your devices (using your master password and the two-factor authentication), so no matter where you are, you have access to your passwords and login information.
Qbit has an Enterprise plan so that we can keep your data safe and our Engineers productive. Working in an office environment often means many people need to log into the same websites using the same passwords, LastPass handles this. You can also create groups and assign people to those groups. This restricts who has access to each online account.
If an employee leaves you, just deactivate their LastPass account. You no longer need to go through and change all the passwords.
Security needs to be taken very seriously, these are the top ten security musts!
- Every password is unique
- Use a password vault like LastPass to help
- Passwords must be strong, with at least eight characters with letters and symbols
- Change your Windows passwords every 90 days
- Use two-factor authentication wherever possible
- Do not use Facebook or Google to sign into other websites
- Do not let your browser save your password
- Be suspicious of everything including phone calls
- Never change a suppliers bank account without verifying it
- Have a payments process that even the CEO is not allowed to override
Interested in setting up an enterprise version of LastPass?
If you are a current Qbit client, please have a chat to your account manager.
If you are looking for a new Outsourced Managed IT provider reach out and we can sit down for a coffee and discuss your security requirements.