October is Cyber Security Awareness Month

Oversharing and Geotagging

Never click and tell.

Everyone seems to be posting their information on social media - from personal addresses to where they like to grab coffee. You may figure, if everyone’s doing it, why can’t I?

What many people don’t realize is that these seemingly random details are all criminals need to know to target you, your loved ones, and even your physical belongings—online and in the real world. Avoid posting names, phone numbers, addresses, school and work locations, and other sensitive information (whether it’s in the text or in the photo you took). Disable geotagging, which allows anyone to see where you are—and where you aren’t—at any given time.

While it’s tempting to do otherwise, limit your social networks to people you actually do know in real life, and set your privacy preferences to the most restrictive settings.

*This information is courtesy of the Department of Homeland Security as part of the 2018 National Cybersecurity Awareness Month.

October is Cyber Security Awareness Month

APP SECURITY

Keep tabs on your apps

Have you noticed that apps you recently downloaded are asking for permission to access your device’s microphone, camera, contacts, photos or other features? Or that an app you rarely use is draining your battery life?

Your mobile device could be filled with suspicious apps running in the background or using default permissions you never realized you approved - gathering your personal information without your knowledge while also putting your identity and privacy at risk. Don’t give your apps an all-access pass. The following are some steps to avoid “over-privileged” apps:

• Check your app permissions and use the “rule of least privilege” to delete what you don’t need or no longer use.

• Learn to just say “no” to privilege requests that don’t make sense.

• Only download apps from trusted sources.

Enable automatic app updates in your device settings or when they pop up, because having the most up-to-date software doesn’t just make things run smoother—it helps keep you patched and protected against ever-evolving cyber threats!

*This information is courtesy of the Department of Homeland Security as part of the 2018 National Cybersecurity Awareness Month.

Human error is the most common culprit for compromising your data and patient records.

Here are four really easy ways to prevent phishing scams, stolen passwords, etc. Making sure everyone in your office realizes THEY are the key component to protecting client information and data. You are your own best security team. Use the tips below to defend yourself and your data from being compromised.

1. WATCH FOR PHISHING EMAILS

NEVER click on a link in an email or send your password through an email. A lot of scammers pretend to be your boss, coworkers, etc. to force this information from you. 

2. HOW OLD IS YOUR PASSWORD?

Some security experts think it's fine to use the same password for up to one year if it's 15 characters or more in length. If it’s 14 or fewer, they recommend changing it every 90 days. Be aware, though, that extending a password expiration period increases the risk that someone could steal and reuse it to access other accounts owned by the same person. Shorter password expiration periods are always better.

3. NEVER WRITE YOUR PASSWORD DOWN 

If you're notorious for putting your password on a post-it note on your monitor - stop it! No one should know your password. Memorize it. Keep it in your brain.

4. ALWAYS LOCK YOUR COMPUTER SCREEN WHEN YOU WALK AWAY 

If you work in an environment that has private customer data (i.e. medical office, law office, etc.) then leaving your computer unlocked when you get up to get coffee, really sets you up for failure. Keep your computer screen locked while you pour the Folgers. 

If you're planning on making some Cyber Monday purchases, here are a few tips to keep you safe.

• Use a clean machine – make sure all your software, apps, and virus protections are up to date before starting your online purchases. This helps keep malware from stealing your account information.
• Watch out for phishing emails claiming unauthorized account activity or the need to verify details. Always contact the financial institution directly.
• Another phishing attempt may come in phony ads and offers that appear to be from companies you already shop with. A few letters off in the address bar can lead to Identity Theft. Be extra careful when clicking links in emails. When in doubt contact the company directly to verify the deal.
• Only enter your personal info into websites that begin with https://. This indicates the site offers a secure connection for the transfer of sensitive information.
• If you find an incredible deal on a new website – do some research and check reviews before shopping with the site.
• Only give the information needed to complete the transaction, the required fields.
• Don’t make purchases or login into financial and other sensitive accounts over public Wi-Fi Hotspots.
• Use two-factor authentication on your accounts – Remember to Lock Down Your Login.

*Ref: Call For Action