During Cybersecurity Awareness Month we have talked about various ways to protect yourself online. We learned how to protect our accounts by crafting and managing stronger passwords, how to implement multi-factor authentication to enhance the security of our accounts and, last week, we discussed how to protect ourselves from social engineers and how to spot a phishing email. In our last installment for Cybersecurity Awareness Month, I want to bring us full circle and talk about why it is important to practice good security hygiene to secure our data.
The organizations you partner with in your professional and personal life do a lot to protect your data. There are many regulations they must follow, like HIPPA for healthcare, Gramm-Leach-Bliley Act for financial institutions, and FISMA for federal government agencies. Just naming those three is an oversimplification, as there are many others, but the bottom line is that they provide guidance and protections for how organizations safeguard your data and notify you when there is a breach of that data.
If you have been paying attention this month, you’ll know this is the part of our journey where I explain that you have a large part to play in your own data security. I’m a simple guy and a creature of habit, so if you expected this Gotcha! moment, congrats you are correct. The catch is that many organizations aren’t bound by the same regulatory requirements, so you won’t know how they protect your data or if that data is exposed. On top of that, there may still be instances where your data is exposed where it shouldn’t be because humans are involved, and no one is perfect. So, like my mother always told me: focus on what you can control and what you can do.
Let’s look at steps you can take to improve your own cyber hygiene around data security.
- Monitor your data online
All of us voluntarily provide sensitive data on a daily basis to companies for various goods and services like getting a loan, opening an account, applying for insurance, etc. and we all have logins we use to manage those accounts. A good practice is to have credit monitoring and/or dark web monitoring in place to see what data is available to malicious actors online. When you get an alert that a company you use has had a breach, you can be proactive and change your password or lock your credit to help prevent fraud.
- Don’t send sensitive information through email
We use email for personal and professional communication daily for a variety of reasons. The proliferation of email in our daily lives has significantly increased over the last couple of decades and has fundamentally changed how we communicate. What hasn’t changed is what is appropriate to send through that medium. You should avoid sending sensitive information through email. In general, email is an unsecured medium. While email encryption solutions do exist to protect emails in transit, the residual data you send remains in your inbox and, potentially, the recipient’s email box depending on how their solution is configured. If either of you experienced a social engineering attack that compromised credentials, that data is now potentially exposed. Some email encryption solutions hold the email in a secure portal that you access and interact with to avoid this pitfall, but many do not. It’s good to understand how the entire chain of custody works before you shoot off every bit of personal information in an application that could be used to steal your identity.
Whenever you are working with sending sensitive information, a better alternative is a file share for internal documents or a secure web portal to exchange that information in a more secure manner.
- Encrypt your data
How many of you have lost your smart phone, laptop, or tablet? Maybe you even had one stolen? What information was stored on that device? Pretty much everything, right? It is a best practice to utilize encryption to help protect your data on your devices should a device fall into the wrong hands.
Most solutions today come with built-in encryption you can turn on (or it may be on by default). It’s an incredibly important data security tool because it ensures that your information won’t be used, even if someone gains unauthorized access to it.
- Delete unnecessary data
How many of us are pack rats that keep everything? Guilty as charged. I have old switches and firewalls and computers I haven’t used in years sitting on a shelf because I “might need it one day.” We shouldn’t be the same way with our data. We shred papers and cut up old credit cards and write “VOID” on checks to protect our physical copies of sensitive documents and information, and we should do the same with digital data. Know when it’s time to get rid of old digital data and do some spring cleaning.
- Update your applications and systems
Vulnerabilities in your systems and applications can be compromised and put your sensitive data at risk. This is low-hanging fruit for attackers, especially for systems with old vulnerabilities. Make sure you turn on automatic updates at home to keep your environment current and help protect against attacks.
Thank you for spending time with me during Cybersecurity Awareness Month looking at how we “See Ourselves in Cyber.” In our time together we reviewed a few things you can do to improve your security posture in your personal and professional life. I hope you continue to build on the base and stay safe and secure in our digital world.
About Sharonview Federal Credit Union
Sharonview Federal Credit Union, voted in 2018 the No.1 credit union in South Carolina by Forbes, is headquartered in Fort Mill, South Carolina, and has been serving its members since 1955. Today, Sharonview serves over 100,000 members nationwide, has assets totaling more than $1.7 billion and operates 19 branches in North Carolina, South Carolina and New Jersey. It is also ranked as one of the top 200 credit unions in the country, proving its dedication to providing its members with a full array of value-added financial services, all of which are backed by the United States government and federally insured by the National Credit Union Administration. Sharonview currently stands above the crowd in delivering the personal touch, providing loans with fewer restrictions, flexible terms and lower rates. For over 60 years, Sharonview has promised exceptional value and delivered financial services members can trust, with us it’s personal.
Questions from the Media
Journalists, please note Sharonview Federal Credit Union's public relations agency of record is Infinity Marketing.
The following contact information is for members of the media only. Other inquiries will not be returned or forwarded.
Marketing and Advertising Opportunities and Questions
Have advertising inquires, proposals and opportunities? Please contact us.