Cybersecurity Hygiene – Seminar Follow Up

Will Mullin, November 15, 2018


We recently held a client seminar on Cybersecurity, and I left the building that night thinking about all the good ideas that were presented. However, I kept wondering if we had made the program easy enough for people to understand. Did we give them tools to make a change? Or was it more like an episode of The Big Bang Theory where we watch Sheldon try to educate Penny on the Universe and black holes? Sometimes information is so overwhelming and foreign you don’t know where to start.

Our speaker, Elad Yoran, a 20-year-plus cybersecurity veteran, retired military officer and a former member of the FBI IT Advisory Council, shared with the audience Elad’s Rules for Better Cybersecurity Hygiene. Elad’s rules really represent things each and every one of us can do to protect our data, privacy and technology on a daily and weekly basis. He stressed that we must adapt our behavior in this new and changing world. I could not agree more. Cyber hygiene is about training ourselves to think proactively about our cybersecurity, just like we do our daily personal hygiene, to resist cyber threats and online security issues.

I thought I would take a couple of Elad’s suggestions and offer a starting point, application or web site to learn more and have a place to begin.

  • Long, Complex or Unique Passwords: Try something like:  My1stdogwasgreat!    
  • We also talked about using a password application to store our passwords. Some free ones are LastPass (lastpass.com) and Dashlane (dashlane.com).
  • 2FA/MFA: Two-factor authentication or multifactor authentication. Both are methods of confirming a user’s identity using a combination of at least two different factors such as something they know (answering a question), something they have (a PIN), a fingerprint, or a randomly generated number from an app known to both systems. A lot of these are already on devices we own; we must turn them on. Immediately go to your laptop, smartphone or tablet and add a password and/or fingerprint. They are most likely found in the settings tab.
  • Patch and update regularly/automatically: Almost every smartphone will send you a note saying there is a new update ready for your phone. You can even update overnight while sleeping. For Microsoft Office, you can click on the Microsoft tab and go to Windows where there is an update tab. These companies work very hard to make sure that they are staying ahead of problems and hackers; it is your job to use the tools they have put in place.
  • Back up regularly: If any of you know my wife, you know that she loves to take pictures. Her biggest fear was that we would lose them if something happened to her phone or computer. We decided to take two steps to ensure this would never happen. We purchased a terabyte drive (this is a lot of space) that connects to our home computer, and once a week we have a scheduled backup from the computer. We also went to the Apple Store and had a technician set us up with iCloud backup storage that backs up our phones every day. (There is a free service, but I think we had a lot of data, so it cost us .99 per phone. The whole process took less than 20 minutes in the Apple Store.)
  • Encrypt everything: Do not send an email with any important information on it without encrypting it. (Such information would include SS#’s, DOB, account numbers, phone numbers, passwords and PINs, ID#’s for work or school.) You should also avoid using your name as your email address as it gives away unnecessary information. Here is a link to an article that walks you through encrypting email for people that use Gmail, Outlook, iOS, OS X, Android or webmail.
  • Disable old accounts and devices: If you are not using it anymore, don’t just leave the account open.  Shut it down.  Get on the company’s web site and close the account.  If you have an old iPhone, computer or another electronic device, you should do a factory reset.  You can find this under most phone setting options.  After you complete a factory reset, you can safely drop the device off at an electronics recycling day in your local community.
  • Similarly, get in the habit of regularly clearing out data that you don’t need, and make sure to wipe it clean from your hard drive.

At HFA, we take your privacy, confidentiality and data security very seriously. We perform due diligence on our technology partners to ensure they are utilizing secure channels to store and maintain your data. We are confident that the companies we work with are spending a lot of time, effort and money to keep your data safe and secure. We have links to several of our technology partners’ online data security policies here. Please let us know if you have any further questions around these.

Finally, cyber security starts and ends with the user. Yet the most effective way to be successful is to consider it to be a good habit – a part of your everyday routine. The same way we make a practice of locking our cars and homes every day, we must take identical measures to protect our data and privacy. If you have more questions about this topic, please contact us at 610-651-2777; we are happy to help.

If you would like to view Elad’s full presentation that he shared during our October seminar, please click here.  Thank you!