How likely is it that someone out there has your data? You can go to a website called www.haveibeenpwned.com (currently the site is English only), type in your email address. It will tell you how many data breaches your information has had. This information is also possible to get by entering a username or password. On a basic level, know that if you're an active user of the internet it's likely that your data has been part of a data breach. Beyond that, we're seeing a number of companies online who are expanding the amount of information that they hold about us. As covered in our blog Part 1: Introduction to O365's Advanced Threat Protection features, consider getting Cyber Insurance Coverage if you are particularly worried about being able to recover from damages.
Two weeks ago 6 million Canadians, found out that Capital One's database was breached. There are people out there who devote their days to scouring the internet for S3 buckets of data.
After one of these type of hacks be wary of messages prompting you to change your password.
Don't get tripped up by phishing attacks tied to recent events. Try your best to be vigilant and to think critically about messages that you're getting, including other media such as text messages and prompts. Look up the support number of the company separate from the email you received. Contact them to ask for more information. Sure there's lots of breaches out there but there lots you can do to minimize your risk as well.
Want more resources? Check out securityplanner.org, it's a simple tool (currently only available in English) to answer questions and concerns about security to improve some of the security and privacy concerns you may have. Once you're on the site, click on Get Started, you'll see the below options. Continuing with the process will provide you with an Action Plan with tips personalized to you on how to help you better secure your Online Accounts, Computer, and or Internet Connection. You can also get details on how to connect with Specialists. The best advice is often that which is designed specifically for your needs. If you have a pressing security concern, talk to a professional.
What can you do?
It's not hard to take a bit of control over your online accounts to lessen the impact of a breach and keep some privacy. Some examples:
- Don't reuse passwords
- Use 2 factor authentication
- Put in a username, password, then get access to a code that is sent to your phone.
- Educate other users and your customers about data security.
A lot of people don't know where to start. As a business owner you may have already gone the extra mile in configuring your servers to ensure that they cannot be accessed remotely by other people who don't have authorization.
What is your responsibility as a business owner and holder of data?
Data is more valuable than you'd think and changing all of your passwords can be a lot of work.
- Get a password manager
- Create unique passwords for each of your accounts
You don't have to do everything at once. Set up a reminder every couple of weeks where you get prompted to reset your passwords to update them. A password manager can also be set up to do this automatically.
How secure is your Sage Data?
It's a good idea to set a password for your company database. Get the full 7 tips for securing your Sage company data here.
REMINDER to backup your data
Online backups are a great way to protect your files from ransomware. Make sure to use an encrypted backup solution to protect your privacy. Did you know that Sage 50 CA integrates with Office 365 and can backup / encrypt your company database? This is a good option for securing this data securely in a remote location in the event of a natural disaster. Learn more about this in our blog called Part 2: Office 365 data protection measures.
References and Resources:
Thanks for reading!
For more resources visit: Sage Product Support Resources for help with products in North America