What if there was a really easy way to protect your important data and make your accounts exponentially more difficult to hack? There are two simple ways to make you and your data hacker proof, and you can do them yourself.
In his 2015 State of the Union address, President Obama discussed the recent wave of cyberattacks and offer what he thinks the government should do to help large companies protect their users and data, well…your data, really…from attack.
Why? Because last year was a banner year for computer hackers. They were in the news often as we heard about high profile data breaches at places like Target, Home Depot, LinkedIn, Staples, Schnucks if you’re here in St. Louis – heck, even the Pentagon’s Twitter account got hacked last week.
It’s good that the president is taking notice and we’re all having a conversation about it, companies that have our data entrusted to them can and must do more to keep it safe. But let’s face it, the hackers are sophisticated, smart and highly motivated to continue carrying out their attacks. In other words, you can’t afford to wait for the government to debate the best way to require large companies to protect you.
The good news is it’s not very hard nor expensive to do that. In fact it’s really simple. All it takes is a little prevention, and a better lock on your data’s front door. Here’s how to do it.
Step 1: Protect Your Data
Being hacked these days generally means one of two things has happened: either your personal information has been compromised, or your data has. We’ll get to how to protect your personal information in step 2, but first we have to protect your data. All those pictures, music, documents, possibly emails, and other bits of your digital life you couldn’t work, and possibly live, without.
Having your digital data compromised can happen in many ways, and not all of them are caused by hackers. Sometimes the problem is even you. Your hard drive can fail, you can accidentally delete a file, you might lose your computer.
You may also catch a virus. A big one going around at the moment is the cryptolocker virus. The virus, sometimes referred to as ransomware, infects your computer when you click on an infected link or open an infected email attachment. Then, cybercriminals lock you out of your computer and demand money for the key to unlock your files.
Here is a quick video that explains just how bad the cryptolocker virus is:
So, how does one protect one’s data from these types of threats? By backing up your data to an external drive or to the cloud.
Here at Office Essentials, we use and recommend Mozy. It is a cloud-based backup service. It has saved our data several times, from all the types of threats listed above – including a nasty cryptolocker infection.
The best thing I can say about it is that it just works, it is a reasonably priced option for businesses, and most importantly it works automatically in the background. Which overcomes the biggest problem most people encounter with their backups: not doing them on a regular basis.
We can offer you Mozy for free for 30 days if you would like to test it out. There is a lot more information at that link, and the video below can give you a much better explanation. That said, whether you use Mozy or something else – use something! Backing up your data is critical to your online well-being.
Step 2: Enable two-factor authentication
Enable 2-what? Two-factor authentication, sometimes called 2FA or two-step verification, is a method of logging into your online accounts and services that requires a second form of verification beyond your password. When you enter a login and password to enter a site, and nothing else, that is known as single-factor authentication. It’s what most of us use on most of the sites we visit and use. Two-factor adds another step – a special code sent to your cell phone, a piece of knowledge like a zip code, or a PIN number. If you use it, theoretically even if your password is guessed correctly, the hacker would not have the 2nd piece of information and would not be granted access to your accounts. In other words, two-factor authentication requires “something you know” (like a password) and “something you have,” which can be an object like a phone, to get into your accounts. Hackers might have one, but almost never have both.
Detractors will tell you that it adds an extra step to the login process and it can be an inconvenience, but don’t listen to them, it beats being hacked.
That sounds like a pain, why do I need it?
Bottom line? We use passwords that are too easy to guess. And then we use the same ones on all of our accounts.
Also, these days we carry around in our pockets a staggering amount of data. From our personal financial information, to sensitive company documents, and we tend to chain it all together, meaning that if a hacker gained entry into one of your accounts, it would likely make it pretty easy for him or her to get into more of your accounts.
Will two-factor authentication protect me?
Well, that is a hard question to answer, and no one can tell you that you are 100% protected no matter what. It definitely makes it harder for hackers to get into your accounts. Think of it like this: does a burglar alarm on your house mean that your home will never get robbed? No, but it makes the chances of it happening much lower.
What services use two-factor authentication and how can I turn it on?
Most of the common web services you use have two-factor authentication available to you at this point. Here’s a list of some popular ones with either a brief description or a link that will take you to the page to set up two-factor authentication for that service.
Apple ID / iCloud
- Go to My Apple ID.
- Select Manage your Apple ID and sign in.
- Select Password and Security.
- Under two-factor authentication, select Get Started and follow the onscreen instructions.
For Google services like Gmail, you can setup two-factor authentication here. Then, whenever you sign in to Google, you’ll enter your password as usual. Then, a code will be sent to your phone via text, voice call, or our mobile app. That can get tedious after a while, so Google lets you choose not to use 2-Step Verification again on a particular computer anymore but you’ll still be covered, because when you or anyone else tries to sign in to your account from another computer, 2-Step Verification will kick back in.
Facebook calls their two-factor authentication “Login Approvals” because they like to be different, but it is two-factor authentication and that link shows you how to set it up.
“Login Verification”" in this case. Here’s how to set it up
- For any other service you use, google “its name + 2FA” and that should take you to the instructions for turning it on
The bottom line
Unfortunately, if you use the internet, you will never be 100% safe from attack, but you can mitigate the risk by being vigilant about protecting yourself. Backing up your data and using two-factor authentication will go a long way to protecting you.