FusionETA

Five key ways you can make your data more secure

Screenshot 2021-02-26 at 1.51.22 AM.png
High-profile hacking cases in recent years have made some people nervous about storing their data in the cloud. But in nearly every case, it’s not as simple as the cloud being the problem. Often it's the way the cloud is used that causes issues. Here are five ways you can increase the security of your data:

  1. Make sure your passwords are secure
    Many people use passwords that aren't secure. They might use their pet's name combined with their date of birth, or their child's name spelled backwards. Or they might use other combinations that seem clever but are actually easy to guess.

    Short passwords can be cracked by brute force, by giving a computer a word list and letting it try combinations of words. Longer passwords are harder to crack – but also harder to remember.

    This is a widely-debated area of computer security. It's worth doing a web search for ‘correct horse battery staple’ for some interesting information. In the meantime, remember to keep your passwords long, as random as possible, and unrelated to your own life. Use a different password for each cloud application. If you want something more secure than a password, you might want to use a passphrase instead. Passphrases are typically about 20 to 30 characters long and usually harder to crack than passwords. While these need to be meaningful, try not to use your birth date or username.

    You can use password manager software to help you remember multiple logins and to generate strong passwords. You only need to remember one password to access the manager, which securely stores all of your other usernames and passwords for you.

  2. Use multi-factor authentication
    In addition to requiring a username and password to log in, some software solutions offer multi-factor authentication. This type of solution is also referred to as two-factor authentication, two-step authentication or two-step verification, depending on the approach used. Multi-factor authentication places an additional layer of security on your login. This means that in addition to your standard login, you're required to provide another factor to authenticate your identity. This could be a unique code generated by a separate application, service or device, or something unique to you – like your fingerprint or voice. This reduces the risk of your account being accessed if your password is compromised.

  3. Take advantage of login and online activity monitoring
    Some cloud applications provide additional information about how their system is being used. Review the additional security services they provide and take advantage of them – every precaution you take makes a difference. For example, some online services display details of when you last logged in to their service. If you notice this is incorrect, or from a suspicious location, then raise it with the appropriate party. Remember: tools like this are provided as a service – they're there for you to use.

  4. Use anti-malware (also known as anti-virus software)

    Malware (short for malicious software) can get onto your computer, laptop, tablet or smartphone and do something malicious like stealing your data. It usually means that the user of the device has clicked on a link or attachment in an email, or visited a website that’s not secure. If there’s a link or attachment that you don’t know or trust then don’t click on it.

    Once malware is on your machine, it might log your user ID, password or credit card information and send it to a hacker. Or it might quietly take over your computer and use it to attack other machines.

    Malware is designed to be hidden, so you're not likely to notice it by chance. Make sure you use anti-malware on your phone, laptop, desktop and tablet. And always ensure that your anti-malware and any other software you have is kept up to date.

    Make sure you get your anti-malware from a reputable source. This is because often what can look like genuine software, is actually malware in disguise. If in doubt, run virustotal.com as a preliminary check. Malware is one of the easiest ways for hackers to get access to your device, so it's important to take this seriously.

  5. Be aware of phishing or other hacking methods

    Hacking can happen through people, not just computers. For example, imagine a phone call: "Hello, it's Mary from IT support. We're upgrading your software but it looks like your password has changed since last time and we can't get in to do the upgrade. What's your new password?" This is type of hacking attempt is called social engineering.

    Another method of hacking is called ‘phishing’ and this happens by email. Often the email will contain links that the hacker wants you to click on. Without training, your staff might give away vital security information via phone or email.

In any of these cases, the cloud isn't the problem. The same attacks could be carried out on data stored in-house. In fact the risk would be even greater, because burglary or theft could also be issues. It's easier to steal a USB stick or a laptop full of data than it is to steal information in the cloud. The problem is usually in the way the technology is used.
Screenshot 2021-02-26 at 1.53.33 AM.png
Train your staff about online safety and good security practices

You wouldn't let your staff drive a forklift truck or work in sales without proper training. The same should be true of computer equipment and software.

Whether your business uses a smartphone, laptop, desktop or tablet, staff should be trained in data security best practices. They should also be taught how to choose secure passwords and identify phishing scams.

A full data security policy is beyond the scope of this guide, but it's something every business needs. There are online resources that can help you draft one, and plenty of security companies can advise you too. Remember, an unsecured computer is an open door into your vital business data. Make sure all the doors are locked.

Screenshot 2021-02-26 at 1.54.53 AM.png

Cloud security is all about your attitude

Cloud data storage can be more secure than storing data on your own business premises. There's less risk of loss or theft, more flexibility and the ability to recover quickly from a disaster.

But nothing can be perfectly secure on its own. The way you use something affects its security. For example, you wouldn't leave your car unlocked in the middle of a town at night. Make sure you take cloud security seriously by:

  • using sensible passwords
  • protecting your computing devices against malware
  • training your staff to identify risks and phishing attacks
  • having a sensible data security and privacy policy
  • complying with all laws about data storage in your area.

Remember, nothing is ever 100 percent secure, so you need to take the right precautions to protect your data. If you follow the steps in this guide, you’ll be well on your way to making your data safer in the cloud.


Source : Xero