Dear Security Cat,
I spend a lot of time creating strong, unique passwords for every account I have. I even try to update them regularly. But with all these massive data breaches stealing my info, what’s the point? Am I just wasting my time?
-Frustrated in Philadelphia, PA
Indeed, our efforts as Human Firewalls are being undermined thanks to the likes of Equifax and Yahoo. It does make you wonder if personal security practices, like complex passwords, are just a waste of time. But a major corporation’s major security fail is no excuse for us to lower our security standards as individuals, especially when it comes to passwords. Here are three reasons why personal security is more important than ever:
Because unique, complex passwords are the first line of defense.
There have been a lot of words spilled on the importance of strong, unique passwords on this blog and many others. Why? Because our personal accounts can easily be infiltrated if we use weak and common passwords.
For example, if someone cracks a database of account credentials (glares at Yahoo), they will leverage those credentials against multitudes of other accounts hoping to find a match. If they find a match, such as if you used the same password for your email, Facebook, and bank account, suddenly the damage to you as an individual gets much worse.
For that matter, unique passwords aren’t enough. You should also implement multi-factor authentication, or MFA (sometimes referred to as 2FA) to further strengthen your security stance. MFA requires someone to have two passcodes in order to access an account. Usually, this second factor is a pin sent via SMS or separate email.
Not sure if your passwords are strong? Check out this flowchart! (which can be downloaded for free here)
Because cybercriminals have no bias.
The attitude of “well, criminals are just going to hack a major database and steal my info, so I’m screwed anyway” is a terrible way to think about security. You might as well click on every link sent in every email and go ahead send that payment to Nigeria.
It’s easy to forget that attackers and social engineers have no bias. Meaning, they don’t care who you are, what you do, where you work; if you have something worth stealing (and you do) they will come after you. A major corporation making a big mistake is no excuse for you to make the same big mistake. If anything, it’s a wake-up call that demonstrates how humans are vulnerable even when top security measures are in place. In short, we encourage you to be the anti-Equifax.
And while you’re at it, be a leader. If you’re a parent, set an example for your kids and teach them the importance of personal security at an early age. If you’re an educator, stoke the conversation in your classroom whenever possible. At work, be the strong Human Firewall that goes above and beyond your organization’s expectations. If we all embrace our roles in the battle against cybercrime, fewer data breaches will occur in the future!
Because a proactive approach is the best way to protect yourself.
By implementing the resources available to you, such as password managers, antivirus/malware software, VPNs, and multi-factor authentication, you establish a perimeter defense that cybercriminals will struggle to penetrate.
This is especially true when it comes to identity theft, which is one of the biggest concerns associated with massive data breaches. There are simple steps we can all take to protect our identities and those of our families, like placing fraud alerts on credit, freezing the credit of our children, filing tax returns as soon as possible, and simply thinking before clicking.
For more information on how to prevent ID theft, read this: https://www.thesecurityawarenesscompany.com/2017/03/23/five-ways-prevent-identity-theft/
And here are more resources for prevent, reporting and recovering from ID theft:
Contact info for major credit agencies:
- Equifax Fraud Department – 1-800-525-6285
- Experian Fraud Department – 1-888-397-3742
- TransUnion Fraud Department – 1-800-680-7289
- Callcredit Information Group – +0113 388 4300
- CreditInfo Group – +354 550 9600
(For more international, check out https://en.wikipedia.org/wiki/Credit_bureau)
Report ID theft and get a recovery plan here: https://www.identitytheft.gov/
Credit Freeze FAQs: https://www.consumer.ftc.gov/articles/0497-credit-freeze-faqs
What to do if your driver’s license is lost or stolen: http://www.dmv.org/articles/9-urgent-must-dos-if-you-lose-your-drivers-license/
The bottom line is, data breaches are going to occur. It’s an unfortunate side effect of living in a connected world. But that’s no excuse to be lax on personal security. If anything, it highlights how important it is for every single one of us to step up security efforts, both personally and professionally!
Latest posts by Justin Bonnema (see all)
- How Do I Keep My Grandparents Safe Online? - October 19, 2017
- With All These Major Data Breaches Do Passwords Even Matter? - October 12, 2017
- What Should I Do if I’m a Victim of a Data Breach? - October 5, 2017