October 7, 2020 All Journal Entries

Security in Cyberspace

By Christina Maxwell

NATIONAL CYBERSECURITY AWARENESS MONTH

For the past 17 years, October has been National Cybersecurity Awareness Month. An initiative, led by the Department of Homeland Security, focused on raising awareness about the importance of staying safe and secure online. This year’s theme is “Do Your Part. #BeCyberSmart.” encouraging individuals and organizations to take precautionary measures to protect themselves and enhance their cybersecurity. The Department of Homeland Security site offers tip sheets and resources for staying secure in a variety of different settings, like work, traveling, social media and more to help citizens protect themselves from cyber threats. 

THE VIRTUAL REALITY OF 2020

Every year new gadgets and technologies come out to help streamline our lives with endless voice commands, payment options, video chat devices, fitness trackers and virtual assistants. There’s a good chance you’ve heard a friend or family member say something similar to the following:

“Okay Google. Set a timer for 20 minutes.”

“Alexa, what is the weather supposed to be like today?”

“Siri, how many coffee shops are in the area?”

“Cortana, play music by my favorite band.”

These virtual assistants are helpful for simple requests when we’ve got our hands full putting dinner in the oven, or running around in the morning trying to leave on time. Digital watches, always attached to our wrist, are great for tracking fitness, quick calls and notification alerts. We’ve learned to rely so heavily on technology that it’s easy to forget the dangers it can pose. A few weeks ago I was video chatting with our Lead Designer Stephanie and my virtual assistant answered my question before she could. Talk about creepy. 

Unsurprisingly, this year has seen a major increase in online activity due to the pandemic. According to an article published in The Wall Street Journal, internet usage soared 25% in Mid-March as states started enforcing stay-at-home orders, and is likely to remain higher for the foreseeable future (1).  And the quarantine has accelerated the ecommerce shift by 5 years according to IBM. Ecommerce is projected to grow by nearly 20% YoY as consumers are still unsure about in-store shopping (2). This quick shift to so much of our lives occurring digitally makes cybersecurity more important than ever.

SECURE YOUR HOME OFFICE

Working remotely can expose new cyber security threats not normally found in the office. Home setups are often less secure than networks found in an office building and data-sharing through the internet can increase the possibility of a breach. Oftentimes employees are using several devices, so their laptop might have sufficient security controls but emails accessed through their smartphone are a liability (3).  

VPN, a virtual private network, is a secure way to share files and reduce the risk of criminal activity. Since the rapid rise of remote work started in March, VPN usage has increased 124% in the US (4). But COVID-19 has still sparked an increase in cyber-criminal activity. These hackers have been using social engineering techniques in their attempts to gain sensitive data. Social engineering hacks involve a hacker manipulating an unsuspecting victim to reveal private, personal information.  A report from Microsoft found about 30,000 attacks per day using this method (5).

We have precautionary measures in place to protect our information and programs we use. These are easy to set up and will help keep your information secure. 

PASSWORD PROTECTION

Nearly every platform we use requires a password: online banking, healthcare, shopping sites, social media, the list goes on. Unfortunately, most people don’t do a very good job with password management. According to a survey done by LastPass, 44% of respondents used the same or similar passwords for multiple platforms and 53% of respondents hadn’t changed a password(s) in the last 12 months, even after hearing about a breach in the news (6). 

Passwords required for work platforms are no different, and oftentimes multiple people need the same password to access a program. A written or electronic document with a list of passwords is not secure, especially when being sent between employees. LastPass, a password manager, is a program that stores passwords in a safe environment using a local-only security model. All members of a team can have access to the vault with a master password and multi-factor authentication. This allows everyone to access up-to-date passwords without compromising a platform. 

G SUITE

In April we decided to move our day-to-day operations to G Suite, Google’s collection of collaboration and productivity tools. The cloud-based system simplifies file access and sharing, video chatting, calendar management and more all while adhering to security standards and protections used by Google and it’s enterprise partners. G Suite administrators have access to a security center with a dashboard that gives insights into external file sharing, spam and malware targeting users in an organization and a measurement of security effectiveness. G Suite also offers multi-factor authentication, helping to keep email and files protected on laptops and phones. 

These are just a few things we do to keep our team cyber secure. Tune in next week to learn what we do to keep our client websites safe. 

ARTICLES CITED

  1. https://www.wsj.com/articles/coronavirus-lockdown-tested-internets-backbone-11597503600 
  2. https://www.roirevolution.com/blog/2020/09/coronavirus-and-ecommerce/ 
  3. https://cyberexperts.com/work-from-home-cyber-risks%EF%BB%BF/ 
  4. https://www.statista.com/statistics/1106137/vpn-usage-coronavirus/ 
  5. https://www.microsoft.com/security/blog/2020/06/16/exploiting-a-crisis-how-cybercriminals-behaved-during-the-outbreak/
  6. https://www.lastpass.com/resources/psychology-of-passwords-2020?sf121917722=1&fbclid=IwAR3ERzflyPrJGa0gBf8Ec75Rzqe81e_6COXNtabPdI__WI-OUw_A9-Ykzak