Many of us deal with sensitive information on a daily basis. Whether that’s financial accounts, healthcare records, social security numbers, or trade secrets (to name a few), it’s imperative that we take precautions to safeguard this data as best we can. I’m going to share a few free or low-cost options that can better accomplish this.
1. Secure Your Smartphone
A lot of damage could be done if your phone falls into the wrong hands. I’d guess that a majority of us have our e-mail accounts configured on our phones in addition to a decent list of contacts. It would be easy enough for someone to impersonate you by sending a text message or e-mail, potentially gaining access to sensitive information. Minimally, you should make sure your phone is protected with a PIN or password. This should buy you enough time to change passwords and/or let people know that your phone has been lost. A better option would be to enable a Remote Wipe utility on your phone, that allows you to factory reset your phone and wipe away any important data. This article offers a good smartphone protection synopsis.
2. Encrypt Your Hard Drive
If you use a laptop for work purposes, I strongly suggest that you encrypt your hard drive. It’s a lot simpler to accomplish than it sounds and it provides a great peace of mind for you, your company, and, potentially, your customers. Why take the chance that your sensitive data could be compromised so easily? The EFF outlines a few different encryption options.
3. Don’t Overreact to E-mails
Phishers and scammers love to prey on your emotions. A popular ploy is to send an e-mail claiming that there has been a security breach and that you need to verify your current credentials and then change your current password. Often, this e-mail will include a link to a fake site that asks for authentication. If you’re not careful and react too quickly to a scam such as this, your entire network could be compromised. It’s best to take a second and ask around first and/or call your security personnel directly and verify the e-mail.
4. Use a Password Manager
Ahh, password security. You know the drill. Create a secure password, usually with a mix of symbols, upper and lower case letters, and numbers. Oh, and don’t re-use passwords. Oh, and change your password for every account every X days. Make it easy on yourself, and ensure that you’re taking proper precautions to safeguard all of your accounts in the event that one of them gets compromised. An easy way to manage this is to install a password management utility. Most of them work the same way; create one ultra-secure passphrase that opens the utility, then copy and paste the specific password for the account you’re accessing. Once again, this sounds more complicated than it is in practice.
5. Enable 2-Factor Authentication for Gmail
If you have a Gmail account that you use for e-mail, consider enabling 2-factor authentication. It’s a free option that Google provides that allows you to add an additional layer of security to your account. In addition to username and password, you’ll be sent an additional token code (by voice or text message) that you’ll have to enter to verify your identity. If you’d prefer to not enter a token every time you authenticate, there’s an option to designate trusted computers instead. Google outlines their 2-factor authentication options on their support site.