Category: Cyber-Security

Staying Safe Online – July 1, 2020

6 steps to securing IoT and taking back your privacy
In today’s world we are more connected than ever- not only to each other, but to our devices. For example, people now have the ability to open and close their garage doors and even start their cars directly from their phones. But what information do we put at risk when we do all of these amazing things? Securing Internet of Things (IoT) devices and keeping personally identifiable information (PII) safe and secure these days is of the utmost importance.
When you buy the latest IoT device, you need to be aware of two things: First, IoT devices collect your information, and second, that information is always accessible.
So, what exactly is information collection? Think of a common steaming service, like Netflix. Once you sign up, you’ll start receiving emails from Netflix letting you know they’ve added a new TV show that you might enjoy. And the thing is, they’re usually right! That’s because your viewing history and ratings have been transmitted through an algorithm to determine what else you’d be willing to watch, and thus, continue your subscription.
Now imagine every device you have on your home network collecting this type of information. It’s a scary thought! While technology enables you to control your life from your fingertips, your information is at everyone else’s fingertips as well. Security isn’t fun or flashy, and because of this, some companies do not give it the consideration it deserves before they bring their products to market.
Very often when you buy an IoT device or utilize a company’s service you have unknowingly allowed them to collect information about you. That agreement you have to sign before you can use any of their items is written by their lawyers, and unfortunately, without saying yes you can’t use that fancy new gadget. All of these companies know it, which is why hundreds of pages sit between you and your new purchase.
Always verify a charity’s authenticity before making donations. For assistance with verification, utilize the Federal Trade Commission’s (FTC) page on Charity Scams.
1. Change Default Passwords. On devices that are connected to your network you should always make sure you change the default password. It doesn’t matter if it’s a new security camera or a new fridge. Creating new credentials is the very first step in securing your IoT devices and protecting your privacy.
2. Automatic Patches and Updates. In today’s “set it and forget it” society, many electronic devices can take care of themselves. Quite often technology has a setting that allow for automatic updates. This is an important setting to turn on when securing IoT devices.
3. Set-up Multi-factor Authentication (MFA). MFA security settings are growing in popularity. This is as simple as receiving a text or code that you need to type in while signing on to a system. Often times within the account preferences of your device, you can set up an Authentication Application. If you can’t find this option call customer service, chances are it exists somewhere.
4. Utilize a Password Manager. Keep usernames and passwords unique. Most password manager applications can generate a random password for you, and will allow you to store them safely.
5. Update Default Settings. Check to see which settings are turned on by default, especially if you don’t know what they mean. If you are unfamiliar with FTP or UPnP, chances are you are not going to use them, or even notice that they are off.
6. Avoid Public Wi-Fi. It may be convenient to connect to a public Wi-Fi, but think again! If the Wi-Fi network does not require a password, then anyone can listen in on your computer’s information. Some public Wi-Fi networks are deliberately set up in the hopes that people will use it so they can steal information or credentials.
Remember that just like you lock your front door to protect the valuables inside, these days you also need to lock your IoT devices to protect your information and your privacy.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – June 3, 2020

The Power of Updating
You may not realize it but cyber attackers are constantly looking for and finding new vulnerabilities and weaknesses in the software people use every day. This software may run your laptop, could be the mobile apps you use on your smartphone, or perhaps even the software in your baby monitor or other devices in your home. Bad guys take advantage of these software weaknesses, allowing them to remotely break into devices around the world. At the same time, the software and device vendors are constantly developing fixes for these weaknesses and pushing fixes out as software updates. One of the best ways you can protect yourself is to ensure the technologies you use all have the latest updates, making it much harder for cyber attackers to break into them.
How Updating Works. When a software vulnerability is discovered, a software update (also known as a patch) is developed and released by the vendor. Most software programs and devices nowadays have a mechanism to connect over the Internet to a vendor’s server to obtain the software update. This update, nothing more than a small program, typically installs itself and fixes the vulnerability. Examples of software you need to update are the operating systems that run your laptop (such as Microsoft Windows or OSX) or run your smartphone (such as Android or iOS). Additionally, but often overlooked, you need to update the programs that run on your devices, such as your laptop’s web browser, word processor, messaging software or your phone’s mobile apps (especially social media apps).
This is why, whenever you purchase a new computer program or a new mobile app, check first to be sure the software vendor is actively updating the program or device. The longer software goes without any updates, the more likely it has vulnerabilities that cyber criminals can exploit. This is why many vendors, such as Microsoft, automatically release new patches at least every single month.
Finally, if you are no longer using a certain computer program, software or mobile app, remove it from your system. The less software you have to update, the more secure you are.
Updating. There are two general ways of updating a system: Automatic – Whenever a device, operating system, program, or mobile app detects that a new update has been released by the vendor, it automatically downloads and installs the update. The advantage of automatic updates is that you don’t have to do anything.
The software ensures that the technologies you are using are current. Manual – When an update for a device, operating system, program, or mobile app is available, you must manually download and install the update.
This gives you more control over what and when updates are installed. Larger organizations (such as hospitals or utilities) typically like manual updates because it allows them to test the changes first to detect and address any issues caused by the update.
Up-to-date devices and software make it that much harder for any bad guys to attack them. Enabling automatic updates is one of the simplest and most effective ways to protect yourself and securely make the most of today’s technology.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – May 6, 2020

Password Managers
Password managers work by storing all of your passwords in a database, which is sometimes called a vault. The password manager encrypts the vault’s contents and protects it with a master password that only you know. When you need your passwords, such as to log in to your online bank or email account, you simply type your master password into your password manager to unlock the vault. The password manager will automatically retrieve the correct password and securely log you in to the website. You no longer have to remember your passwords or manually log in to your accounts.
In addition, most password managers include the ability to automatically synchronize across multiple devices. This way, when you update a password on your laptop, those changes are synchronized to all your other devices. Finally, most password managers detect when you’re attempting to create a new online account or update the password for an existing account, and they automatically update the vault for you.
It’s critical that the master password you use to protect the password manager is long and unique. In fact, we recommend you make your master password a passphrase – a long password made up of multiple words or phrases. If your password manager supports two-step verification, use that for your master password as well. Finally, be sure you remember your master passphrase. If you forget it, you will not be able to access any of your other passwords.
There are many password managers to choose from. When trying to find the one that’s best for you, keep the following in mind:
Your password manager should be simple to use. If you find the solution too complex to understand, find a different one that better fits your style and expertise.
The password manager should work on all devices you need to use passwords on. It should also be easy to keep your passwords synchronized across all your devices.
Use only well-known and trusted password managers. Be wary of products that have not been around for a long time or have little or no community feedback. Cybercriminals can create fake password managers to steal your information. Also, be very suspicious of vendors that promote they developed their own encryption solution.
Avoid any password manager that claims to be able to recover your master password for you. This means they know your master password, which exposes you to too much risk.
Make sure whatever solution you choose, the vendor continues to actively update and patch the password manager, and be especially sure you are always using the most recent version.
The password manager should give you the option of storing other sensitive data, such as the answers to your secret security questions, credit card information, and frequent flier numbers.
Consider writing your master passphrase in a sealed envelope and storing it in a locked cabinet, physical safe, or lockbox.
Password managers are a great way to securely store all your passwords and other sensitive data, such as credit card numbers.
However, make sure to use a unique, strong master passphrase and always use the latest version of whichever solution you choose.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – April 8, 2020

Digital spring cleaning
Most of us are so looking forward to spring! The landscape starts to take shape, flowers start to bloom, and, for many, there’s a desire to spring clean. While it might be easy to see the need to purge and tidy up, realizing the need to also digitally declutter isn’t so apparent. Here are some quick tips to get your digital life in order and establish new digital habits:
BACKUPS: We listed this step first because, in the long run, it’s one of the most important and a step you want to take before moving on to the others. No matter how safe or secure you are, at some point, you will most likely need backups to recover your important information. Reasons can include having a hard drive fail, losing a device, and becoming infected with malware such as ransomware. Creating and scheduling automatic backups ensures you can recover your most important information.
DELETE: Delete any unused programs or apps on your mobile devices and computers. Some apps require large amounts of storage, can introduce new vulnerabilities, and may even slow things down. The fewer apps you have, the more secure your system and your information. Many devices show you how long it has been since you’ve used an app – if it has been more than a few months, chances are you don’t need the app!
UPDATE: Update all of the devices and apps you do have, and enable automatic updating whenever possible. This way, your devices and apps stay current, not only ensuring they run faster but making it much harder for anyone to hack into them.
PASSWORDS: Review your passwords. If you are using the same passwords for multiple accounts, change them so each account has a unique password. Can’t remember all your unique passwords? Consider using a password manager. Finally, enable two-factor authentication (2FA) whenever possible, especially for any email or financial accounts.
FINANCIAL ACCOUNTS: Make sure your bank accounts, credit card accounts, and retirement accounts are configured to alert you whenever a transaction is made, especially for large purchases or money transfers. The sooner you spot fraudulent activity, the sooner you can stop it.
BROWSER: Review any and all add-ons or plugins installed in your browser. Review the permission settings; do the plugins really need access to your location, passwords, or contact lists? If you are no longer using certain plugins, or have privacy concerns about them, delete them.
SOCIAL MEDIA: Check out your online presence and own it. Review your privacy settings and delete any photos and videos that are no longer accessed or needed. You can also search for yourself on a search engine and see what information is out there about you. Remember, it’s fine to limit how much information you share, and even with whom you choose to share it with.
DESK: Clean out your desk drawer, wipe any old hard drives and USBs, and perhaps even destroy any sticky notes with too much information. Consider investing in a document shredder if you don’t have one.
EMAIL: Perform an email file purge, delete what you don’t need, and organize what you do. Pay particular attention to any sensitive documents, such as those with your date of birth or Social Security number, and get those out of your inbox!
While this may appear to be a daunting task, rest assured your devices and information will be far more protected. If this seems like a lot to do, consider choosing just a few items, or try to check off one item per day or week. Every little step goes a long way in protecting you.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – March 4, 2020

Social media privacy
Most people would never consider walking into a crowded room and loudly broadcasting to total strangers all the details of their private life – from their health issues to their family and friends’ names, ages, jobs, or school locations. But often these same individuals won’t think twice about posting that same information on social media. The ramifications of sharing too much can have an impact not only on your personal and professional life but also the lives of your family and friends.
Social media is a great place to reconnect, share, and learn. However, just ensuring that your social media privacy settings are strong isn’t the only way to protect yourself. Once you post anything online, you have lost control of it. You need to understand what is being collected and how it is being used. Here are some privacy concerns you should have when using social media:
Privacy Settings: Carefully create and frequently review privacy settings for all of your social media accounts, especially when changes in terms of service and privacy policies take place. Remember that even if you have secured your settings for who can view your postings, all of your information is being collected, mined, and stored on the social media platform servers – perhaps forever.
Privacy Tree: Social media settings can’t protect you from friends, relatives, and co-workers who view your postings and then have the ability to share those postings with their circle of friends and so on.
Family Sharing: Everyone loves to talk about their friends and family. But posting silly birthday cake pictures or health and behavior problems can lead to bullying, especially for those who are younger, and could impact their personal lives.
Information Sharing: If a service is “free,” then you are the product. Investigations have found that what you are doing online may be sold to others.
Location Services: Check-in data can be added to other personal data to create a profile of your life and habits, which can lead to stalking and open you to other harassing events. In addition, be aware of any location information included in any pictures or videos you post.
Artificial Intelligence: AI, social media, and marketing are the perfect combination. Marketers now use information gathered from your habits online to feed you ads focused on your last search or purchase, and thereby continue to learn even more about you.
Digital Death: When a person dies, their online presence becomes more vulnerable to malicious individuals if their accounts aren’t being maintained or eliminated by their survivors. The privacy of an individual is not just about that person alone; it also can impact extended family and friends.
Unintentional Disclosure: The information you post about yourself may reveal much of your personal history, and thus the answers to your online secret security questions.
Privacy is far more than just setting the privacy options in your social media accounts. The more information you share, and the more others share about you, the more information that is collected and used by corporations, governments, and others. One of the best ways to protect yourself is to consider and limit what you share and what others share about you, regardless of the privacy options you use.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust


Forgot Password?

Join Us