CPINetworks

by

6 Ways Your Business Could Get Hacked

The following article was written by Myki and originally published on the Seedstars World blog.

Protecting your business from burglars can be as simple as installing a few security cameras and locking the doors every night before heading home.

Hackers, however, tend to be much more creative. As technology continues to evolve and businesses become more aware of the importance of protecting their valuable private data, hackers continue to figure out new and deceptive ways to bypass security measures.

This is why it’s crucial for you and your team members to familiarize yourselves with the various tricks and tactics hackers and cybercriminals have up their sleeves in order to avoid falling victim to them.

Here are just 6 of the ways that your business might get hacked.

1- Credential Stuffing

Credential stuffing works under the assumption that many people use the same password for multiple accounts, which is unfortunately very true.

Suppose a social media site your business uses gets breached, and a hacker obtains your account’s credentials. The hacker might then take those credentials and try using them in some other places around the web, hoping that they work there as well.

If you do use the same password everywhere, this one set of leaked credentials would have effectively given a hacker immediate access to pretty much all your other accounts.

2- Phishing

Cybercriminals send out phishing emails en masse, hoping to trick people into clicking on a shady link or downloading some malicious software (also known as malware).

Suppose one of your team members receives an email which claims to be from “Google”, informing them that their account is at risk and that they need to follow a certain link for instructions on how to fix this issue. The link might take them to a very convincing-looking page which asks them to provide their email address and password.

As you’ve probably guessed, that isn’t actually an email from Google, and that Google login page isn’t the real deal. It’s a direct line to a clever hacker, patiently waiting for anyone gullible enough to willingly send them their private credentials.

3- Spear Phishing

Spear phishing is a much more sophisticated form of phishing where a hacker specifically targets one particular person or organization.

Suppose you receive an email from your longtime team member, Jim. He starts his email with a friendly “Hiya”, like always, and asks if you can send him the credentials for one of your shared work accounts because he forgot them. You’re mildly annoyed but quickly reply to Jim with the password in question so you can carry on with your work.

In reality, “Jim” was a hacker who did a bit of research on the real Jim, in order to convincingly mimic his writing style, and used email spoofing to make it look like the email you received wasn’t from some suspicious unfamiliar email address, but from your trusted coworker.

4- Keylogger

keylogger is a piece of malware that secretly records everything you type on your keyboard and relays it directly to a third party, allowing them to monitor everything you type.

Suppose one of your team members falls for a particularly convincing phishing email and downloads its nasty attachment. If that attachment is a keylogger, then they’ve just given one particularly lucky hacker a window into some very private information.

Since a keylogger records everything you type, it’s not just your passwords that would be relayed to them. Your team member could inadvertently be sharing all kinds of sensitive information about your business, and even personal information, all without realizing it.

5- Ransomware

Ransomware is a form of malware designed to remotely encrypt your files and lock you out of them. As the name suggests, the only way to get all your data back is by paying an often hefty ransom.

Suppose you download an innocuous looking email attachment one night, after which you shut down your computer and head home. The next morning, you log back on, only to be greeted by a popup window informing you that your files have been encrypted, and that you must pay $1000 worth of Bitcoin to regain access to them.

Compared to someone stealing your passwords, this sounds like something straight out of an action thriller. But it’s much more common than you might think. Ransomware has affected all types of businesses and institutions, including shipping companies and hospitals, and even entire cities like Baltimore.

6- Insider Threats

As hard as it might be to believe, sometimes the risks can come from within. An insider threat is defined as a malicious threat to an organization that comes from people within the organization, such as employees, former employees, etc.

The keyword here is “access”. Suppose one of your team members leaves your business on less than favorable terms, but one day they realize that they still have access to all their work accounts and decide to have some sinister fun. Or suppose one of your junior team members accidentally leaks some private information they were never meant to have access to in the first place.

Human error and malicious behavior are often difficult to predict, which makes this one of the toughest security risks to prevent.

Use the right tools

When it comes to protecting your team and your business against these kinds of threats, two of the best tools would have to be: common sense and a password manager.

It’s not exactly a good idea to reuse the same password for all your accounts, but with a password manager, you’ll be able to quickly and easily set strong and unique passwords for each of your accounts and quickly change any of them in case of a data breach.

Be sure to carefully scrutinize any suspicious emails you receive, though it also wouldn’t hurt to use a password manager to set up two-factor authentication, adding an extra layer of security to an account in case its password falls into the wrong hands.

Unfortunately, common sense can’t autofill your passwords for you, but a password manager absolutely can, thwarting any keyloggers that may be monitoring your keystrokes.

Another thing common sense can’t do for you is to make sure none of your ex-team members tries to wreak havoc after they’ve left the company, unlike a password manager, which gives you control over what data each of your team members has access to, current or former.

Use common sense. Use a Team password manager.

To get your team setup with MYKI password manager, call us today at (416) 645-2469 or (905) 667-0441 or email us.

Want to be notified when our next blog is posted, sign up here.

 

by

How MYKI Respects Your Privacy

The following is a reprint from MYKI:

Privacy was one of the biggest issues of the last decade in tech.

From Cambridge Analytica to Siri and Alexa, people have become more aware and concerned with what data is being collected about them and how that data is being used.

Privacy has been our priority from the start, so we thought we’d take this opportunity to remind you about exactly how MYKI handles privacy and the data it collects from you.

No cloud, no problem

First and foremost, MYKI does not have access to any of the data you store in it, which includes passwords, 2FAs, payment card details, secure notes, and anything else you choose to save in MYKI.

Any data you add to MYKI is stored locally on your device and synced P2P across your other

MYKI-enabled devices (desktop, tablet, Apple Watch, etc.). This means that none of your data gets stored on any servers, and is always far out of the reach of hackers and cybercriminals. We ourselves can’t access it either, even if we wanted to.

Only the essentials

Another way MYKI respects the privacy of its users is by only requesting a limited amount of personal information. When creating a MYKI account, all that a user is asked to provide is their phone number.

You are not required to disclose your name, email address, or any other private information. Phone numbers are only collected to allow users to restore their data to a new device and are stored on our servers in a hashed format.

The choice is yours

We also believe in giving our users a choice. Like most apps, MYKI does collect data on how users interact with the app to better understand how we can improve the user experience. However, users are free to opt-out of this by navigating to the Anonymous Data page, located within the Privacy Center section.

It’s also worth noting that MYKI does not record any browsing data, keystrokes, or mouse movements, and does not store any account metadata.

To learn how MYKI handles privacy, visit the Privacy section of the MYKI website.

To learn more about MYKI or to have a MYKI password management account setup for your business, call us today at (416) 645-2469 or (905) 667-0441 or email us.

Want to be notified when our next blog is posted, sign up here.

by

More Than 15 Billion Passwords are Circulating on the Dark Web

The following is reprinted from MYKI:

By now, we’re all aware that the Dark Web is full of stolen passwords, but new data revealing how many there actually are floating around on there should be a wakeup call.

Over the course of two and a half years, researchers at Digital Shadows have been investigating how cybercriminals go about taking over online accounts to sell access to them. As it turns out, it’s never been easier for them.

Billions and billions of passwords

According to the recently published findings, there are more than 15 billion credentials in circulation on the Dark Web, up by 300% since 2018 and coming from 100,000+ discrete breaches.

The bulk of these credentials belong to consumer accounts, some of which are just given away for free. The fact that these breached accounts are shared so frequently indicates that the users they belong to are not even aware that they’ve been hacked, otherwise they would have already changed their passwords.

Out of all those billions of usernames and passwords floating around on the Dark Web, only 5 billion were found to be “unique” and not have repeated credential pairs. In other words, only 5 billion of those passwords weren’t reused across multiple accounts.

These unique accounts with passwords that can’t easily be guessed are where the money’s at. Bank login credentials were found to sell for the highest value, at an average price of $70.91, while credentials for antivirus software accounts came in second at $21.67.

The password problem

All these account takeovers are only possible thanks to a handful of bad password habits that a lot of people out there just can’t seem to kick.

Setting weak passwords for accounts and reusing the same password across multiple accounts make it easy for a cybercriminal to figure out these passwords via brute force or credential stuffing attacks.

In some cases, the passwords people could have already been strong and unique, but got compromised in a data breach and were never changed afterwards.

The password solution

The best and easiest way to ensure that you’re practicing good password hygiene is by using a password manager.

The MYKI password manager and authenticator allows you to generate strong and unique passwords for each of your online accounts and securely store them on your own devices. You can also use MYKI’s free Was I Hacked? tool to check if any of your accounts have been compromised in any data breaches and give them new passwords.

Contact CPI Networks today to get your MYKI password management account and start taking control of your digital identity. Call CPI Networks today at (416) 645-2469 or (905) 667-0441 or email us.

Want to be notified when our next blog is posted, sign up here.

 

by
myki-don't store password to your browser

Why You Shouldn’t Let Your Web Browser Store Your Passwords

myki-don't store password to your browserThe following is a reprint from MYKI:

When it comes to creating and storing passwords, a web browser just can’t compete with a password manager.

Although most web browsers offer you the options to remember, autofill, and even generate passwords for you, you may want to consider letting a dedicated password manager handle all that for you instead. Here are just a few good reasons why.

Identifying Bad Passwords

If you tell a web browser to remember your account passwords for you, it will do just that, regardless of what those passwords are. A password manager, on the other hand, will actually  let you know if any of the passwords you’re using are weak or reused. That’s exactly what MYKI’s Security Dashboard feature is designed for.

Generating Strong Passwords

When creating a new account, your web browser will suggest a strong and complex password you can use instead of having to come up with one yourself. But while a web browser will just present you with a suggestion, a password manager like MYKI allows you to customize these strong passwords and select the number of characters used and whether the password includes numbers, uppercase letters, lowercase letters, or special characters.

Not Limited to One Browser

We’d all like to stick to one browser, but sometimes you just need to switch over to something different. For those who use their web browsers to store all their passwords, that means constantly having to export and import their passwords every time they make the move to a different browser. If you use a password manager like MYKI, all you need to do is install the MYKI browser extension that corresponds to your current browser to get immediate access to all your passwords, no matter what browser you’re using.

More Than Just Passwords

It’s true that web browsers can store your passwords for you, but that’s as much as they can do in most cases. Don’t let the name fool you: most password managers allow you to store a lot more than just passwords. With MYKI, you can store not only passwords, but 2FA secrets, payment card information, and much more.

When it comes to protecting your digital identity, there’s just no substitute for a good password manager like MYKI to prevent Phishing attacks.

Ask CPI Networks to set you up with a password management account. Contact us today at (416) 645-2469 or (905) 667-0441 or email us.

Want to be notified when our next blog is posted, sign up here.

by

Are Your Passwords Compromised?

News of a big brand suffering a data breach is all too common today. But if you don’t get an email from such a company, you could mistakenly be thinking it doesn’t affect you.

The thing is, large breaches are happening all the time. Cybercriminals then put access credentials online, and other bad actors buy and exploit those email addresses, usernames, passwords, etc.

Why do the bad guys care to buy these member details? Presumably, the victims of the breach quickly change their passwords to prevent security vulnerabilities. So, what good does that info do?

Take a moment to think about how many unique passwords you actually have. Many of us have dozens of different online accounts but only a handful of distinct passwords. That means a hacker can take that stolen data from, say, LinkedIn and try the same password on your banking site.

Cybercriminals have the capacity to keep on trying. They will take one stolen password and use that data to try and hit other accounts in a massive, brute-force effort.

What can you do about it?

Stop using the same passwords over and over again. Yes, unique passwords for every account are difficult to remember, but they are critical.

One solution is to use a password manager. Many browsers have a pop-up window offering to remember a password for a particular site. If you say “yes,” the browser automatically populates access credentials on your return to the site.

If you use Google Chrome, you can also check if your passwords have been compromised. Google Safety Check compares your saved usernames and passwords against over 4 billion compromised credentials.

To check for leaked passwords, head to “Settings” in the Chrome browser, then navigate to “Safety Check” and “Check Now.” You’ll get a report that identifies any compromised passwords, and allows you to review and fix leaks.

MacOS users will be happy to hear that Safari added similar functionality in its latest release, and Mozilla’s Firefox browser also has password checking built in.

Strengthen your passwords

Creating a strong password is challenging; almost as difficult as remembering all your different passwords. You’re aiming to come up with something a human or computer can’t guess!

Different sites will have different parameters. You need a combination of uppercase and lowercase letters, numbers, and special characters. Having a different mix of these helps make the password more difficult to crack. And the longer the better; That’s why passwords a browser suggests to you look like a string of gibberish.

Pay attention also to warnings from the site requiring your credentials. If they say your password is weak, believe them. Safari and Chrome suggest stronger passwords when you create a new account.

Change your passwords immediately if you are advised to do so. Password management tools are continuously improving, but there is still the human element, and that’s often the weakest link. If you don’t practice healthy password hygiene, hackers are ready to take advantage of your ambivalence.

Need help checking your passwords and setting up a password manager for your business? Our IT experts can help. Contact us today at at (416) 645-2469 or (905) 667-0441 or email us.

Want to be notified when our next blog is posted, sign up here.

by

Ring in the New Year with New IT

For many of us, 2021 can’t come soon enough, and we’re hoping next year will be a better one. One way to get the best start in the new year? Take the time now to review business technology. There are several areas that you might improve to support 2021 success.

First, look at your website. In this digital age, your business website is your calling card to the world. It is where your prospects and customers will go to learn more and buy your product or service. Yet many business websites are at least a few years old. That won’t do these days. Whether you’re a B2B or B2C, your buyers are making a decision about your brand based on your website. If your website looks a decade old, they’re going to doubt you’re on top of your game.

When reviewing your website, priorities should be:

  • ease of site navigation – people have a low tolerance searching for information online;
  • mobile responsiveness – depending on industry, more than 60% of website visits are from mobile devices;
  • call to action – you’re making it clear what you want people to do on your site;
  • visual appeal – if it doesn’t look good, your credibility will be damaged;
  • search engine optimization – are you doing all you can to get people to your site?
  • security – customers care more and more about data security and privacy.

Updates in the Office Environment Of course, there are still people who will pick up a phone and call a business. Traditional phone systems are the reliable business workhorse. But settling for a plain old phone system could mean you’re missing out on a lot. Modern digital phone systems offer you access to a wide range of useful features. With a voice over Internet protocol (VoIP) phone system, businesses of any size can get enterprise-level features. These include:

Updates in the Office Environment

Of course, there are still people who will pick up a phone and call a business. Traditional phone systems are the reliable business workhorse. But settling for a plain old phone system could mean you’re missing out on a lot. Modern digital phone systems offer you access to a wide range of useful features. With a voice over Internet protocol (VoIP) phone system, businesses of any size can get enterprise-level features. These include:

  • interactive voice response (IVR) systems (e.g. “Press 1 to speak to sales, 2 to speak to tech support… etc.”;
  • call queuing that helps distribute incoming calls to the right party;
  • call recording that helps you track compliance, and provides training and sales script intel;
  • local phone numbers, free in-network calling, and consistent international-rate plans.

Also in the office, there may still be employees signing in to desktop workstations running Windows 7. This operating system reached “end of life” on January 14, 2020. That means Microsoft is no longer updating the software. Hackers know that, too, so sticking with the old system could make you vulnerable to cyberattack.

COVID-19 prompted businesses that might have been putting off cloud migration to move up their timetable, but some use virtual private networks or other remote access to enable work from home. It doesn’t look like we’ll be back in the office full-time, full-force at the outset of 2021, so this is also a good time to revisit the idea of cloud computing.

Making Your Business Secure in 2021

Start the new year off right with a resolution to make your business IT more secure. This could mean embracing two-factor authentication as an upgrade to password-only authentication.

Encourage employees to change their passwords. Most people have dozens of online accounts but only two or three unique passwords. So, it’s a good idea to require your people to update their passwords regularly. That way, if a site such as LinkedIn suffers a data breach, you aren’t vulnerable because of an employee’s duplicated password.

End-of-year downtime provides an opportunity to review any long-standing IT problems. Evaluate how much time or productivity was lost in 2020 while troubleshooting IT. It’s also a good idea to proactively plan your backup strategy and set up for disaster recovery. That way, if the worst does happen in 2021, you’re ready.

Keep your business secure and up to date with the help of a managed service provider. We’ll make sure you’ve got the best technology for your needs. We manage and monitor your IT tools, too. You stick to what you do best, and our experts will focus on your IT. Contact us today at (416) 645-2469 or (905) 667-0441 or email us.

Want to be notified when our next blog is posted, sign up here.

by

Why MSP Support Beats a Break-Fix Approach

Computers break at challenging times. Always. And there’s no worse time than the holiday season. Your employees want to spend time with family and friends, relaxing and reminiscing. They do not want to wait around for a fix or to find a replacement. That’s one reason a managed service provider (MSP) is a good choice year-round.

Many businesses have more work at the end of the year. An employee saddled with a laptop that won’t load necessary business applications is not productive. A wider system problem is even more costly. According to Gartner, “the average cost of network downtime is around $5,600 per minute.” Do you want to lose about $300,000 an hour during your busy season?

Even businesses that close the office for the holiday season have employees trying to get work done before the vacation. A broken computer is not going to help them meet their deadlines.

Relying on the break-fix model of computer care isn’t going to serve you well during the holiday season. Even those companies with a dedicated IT person could struggle when something goes wrong if that individual is already away for the holidays.

At many times of year, you’re patient: you can wait for someone to come in and fix that desktop or deal with the printer that’s acting up. But, if you’re calling a company in sporadically, they have no obligation to be available when you need help. If they’re backed up, you’ll need to try the next option for computer repair that came up in your Google search.

Also, computer help hired at short notice won’t know your particular setup or business needs. Their focus is on getting you up and running now. They won’t weigh short- and long-term approaches that fit your specific objectives.

Prepare for the Worst with MSP Support

Partnering with an MSP gives your business a different experience. For one thing, there is always an IT expert on call to assist you. They have also learned your IT setup and may even have installed your computers in the first place. That means there’s no steep learning curve to figure out a unique system configuration. They can quickly identify the problem and get you back up and running.

Additionally, an MSP will understand your business objectives and your unique technology considerations. For example, they’re not going to suggest you replace a broken laptop with a desktop, not when your people move around to meet clients and brainstorm with colleagues.

Contracting with an MSP, you won’t have to worry about exorbitant fees for computer help during holidays. You’ll pay a fixed monthly fee that offers financial and strategic predictability.

Your MSP partner is also invested in your business success. Knowing you are approaching a peak period, they can prepare your setup to be more resilient. They will also know to scale up cloud computing services when you’re bringing in more people to get the job done. Or, recognizing your business is on a break, they could schedule time-consuming upgrades or integrations for the lull.

At any point in the year, an MSP can also help your business reduce costs. By providing the best technology for your tasks and putting disaster protection in place, an MSP doubles operational efficiency, too.

Sign on with an MSP early, and go into every holiday season knowing there are IT elves on call if you need them. Don’t wait until disaster strikes to start looking for help. Learn more by calling us today at (416) 645-2469 or (905) 667-0441 or email us.

Want to be notified when our next blog is posted, sign up here.

by

That’s So 2010: Why Upgrade Your Office Software

Are you still using Office 2010? It may have served you well over the past decade, but this software reached its end of life in 2020. It’s time to upgrade. Here’s why and what to consider.

Software has a typical life span, after which the manufacturer turns its resources to supporting a more recent release. Support for Office 2010 ended on October 13, 2020. Microsoft no longer provides tech support, or bug or security fixes. That means there’s no protection from harmful viruses, spyware, or other malicious software. The software won’t be updated, and there’s no more phone or chat support if you run into trouble.

Cybercriminals know that Office 2010 users are on their own. They’re on the lookout for businesses relying on this legacy software. Without updates, you risk opening a document designed to leverage an unpatched exploit.

What can you do?

Move your business computers to one of the more modern Microsoft software offerings. You can choose to upgrade to the latest version of Office as a one-time purchase, or buy a Microsoft 365 subscription to the latest features, security updates, and other improvements.

The currently available version of Office, Office 2019, is available for PC or Mac. You can install Office only on one device, and you’ll get support and fixes during its lifecycle period only. New features aren’t offered.

Tip: Know that Office 2019 came out in September 2018 and is due to be succeeded by Office 2022 in the second half of 2021.

Before deciding to wait until 2021 for the next release, consider Microsoft 365 (MS 365). MS 365 gives you access to Office’s cloud-connected features across devices, plus, 1 TB of OneDrive storage, Office mobile apps, Skype minutes, and access to support.

As new MS 365 features become available, all subscribers get access on a monthly basis. With a business account, the administrator can control when you are able to see them.

Is MS 365 for Us?

You may want to keep everything on-premises for compliance or regulatory reasons, or perhaps you feel better with everything where you can see it. You can upgrade to Microsoft 365 and use offline versions of their software.

Still, for many, MS 365 appeals because it’s on the cloud, or both on-premises and in the cloud. Employees can use familiar tools such as Word or Excel installed on desktops, then save files to the cloud. This makes work available anywhere, from mobile phones, tablets, laptops, and other devices.

Microsoft 365 also adds in Teams. Enjoy video conferencing, screen sharing, group chat, calling and Teams collaboration software.

Then, you always have the latest version of Office, Exchange, SharePoint, and Skype. Your subscription sets you up with the latest version without the need for a major migration.

MS 365 comes in several different business packages. The Basic version provides free Web and Mobile only, along with Exchange, OneDrive, SharePoint, and Teams. If you don’t need those four services, save money using the free, web-only Office 365 Online version.

Ignoring Office 2010’s end date could be costly. Don’t risk a disaster. Upgrade your old-school Office software today.

If upgrading seems overwhelming, our IT experts can take it on. A managed service provider can suggest the best software for your business needs and set it up, too. Let us help! Call us now at (416) 645-2469 or (905) 667-0441 or email us.

Want to be notified when our next blog is posted, sign up here.

by

Facing the Five Top Cloud Computing Fears

The public cloud service market is growing. Software, infrastructure, desktop, and other service numbers are all on the rise. Yet some businesses are still holding back from migrating to the cloud. This article addresses common resistance to this highly scalable and cost-effective solution.

#1 Fear of Losing Control

“I want full responsibility for my IT.” Moving to the public cloud means partnering with a vendor. Some of your existing technology can move as is, whereas other tools your people rely on may need replacement or redesign.

One solution is to migrate to a private cloud. This allows you to continue to control the data environment but will be a more costly solution than a public alternative. When partnering with a public cloud service provider, establish clear responsibilities. Ensure you’re both on the same page about who is accountable for what.

#2 Fear of Change

“If it ain’t broke, why fix it,” especially when it comes to business computing, right? Transitioning from one datacenter to another requires preparation and effort.

Yet the resulting greater flexibility makes the work worthwhile. Cloud migration is appealing because the technology offers, among other things:

  • scalability;
  • increased effectiveness;
  • faster implementation;
  • mobility;
  • disaster recovery.

The cloud allows you to store data, run applications, deliver content, and more – all online. Your business doesn’t have to invest in the hardware or networking tech on-site.

#3 Fear for Data Security

Any downtime for a data breach can cost business revenue and brand reputation, and productivity can suffer, too. And that’s only the beginning. So, you don’t want to move to a solution that expands your vulnerability to attack.

There are two ways to get attacked: digital or physical. Working with a cloud provider, you gain a partner focused on security. They know the mitigations and countermeasures for cloud-computing-specific capabilities. They know the frameworks, architectures, and approaches to best protect against digital attack. Microsoft spends $1 billion annually safeguarding Azure, its cloud offering, from cyberattack. Can your IT budget compete?

As for physical security, cloud datacenters are secure facilities: we’re talking guards with keycards, fenced perimeters, power backups, and server redundancy. They have the works. Your office is probably less secure.

#4 Fear for Interoperability Challenges

We’re always told to play nicely with others, but what if existing business technology doesn’t play well with the cloud? Business leaders may fear they’ll be stuck having to reinvent the wheel.

The good news? There have been great strides in interoperability. Many application programming interfaces are available to help. Cloud providers want your business systems to exchange and use information seamlessly.

#5 Fear of Cost Increases

Before giving in to cost concerns, take stock of your current IT operating budget. The time and money you could save may surprise you. For example, the software provider takes charge of updates, patching, and new capabilities, which alone can increase IT’s productivity in other areas.

The scalability of cloud solutions also counterbalances cost concerns. With cloud technology, you know your tools are always evolving. Plus, you can quickly add or reduce licenses or data storage size as needed, because there’s no waiting for hardware to arrive and be provisioned by an overworked IT team.

Conclusion

With cloud migration you also avoid training employees to support the technology. Plus, you’re not paying to use office space, power, and cooling to house the equipment. The cloud also provides end users with immediate access from almost any device.

The one challenge is migrating to the cloud securely. 

Give us a call us today at (416) 645-2469 or (905) 667-0441 or email us to get you migrated swiftly and ensure you’re using cloud computing safely.

Want to be notified when our next blog is posted, sign up here.

by

Disk Encryption Protects Your Personal Computers

Always wanted to feel like a secret agent? Well, here’s your chance! Did you know you can encrypt your hard drive to protect the data on your computer? This is a good way to secure your information, whether at home or on the move with a laptop.

Setting up encryption scrambles your data so that only authorized parties can understand the information. Without the encryption key, anyone trying to read your information would see gibberish.

You’re already using encryption when you visit any “https” website. The lock symbol beside the URL shows that encryption is protecting your connection with the site. You’ll see it when shopping or banking online, and it’s protecting the data in transit.

You can also encrypt the data on your computers.

Password Protection Is Not Enough

Many people at this point have a password for their user account on a home computer or laptop. Some of these passwords are even complicated, although the number-one password people use continues to be “123456” – seriously – followed by “123456789” and “qwerty.”

Regardless of its strength, the logon password doesn’t stop anyone with physical access. You might have your browser remembering usernames and passwords (it’s not a shared computer, right?), and anyone with access can use those pre-populated credentials to access your accounts.

If someone really wants to get to password-protected files on a physical device, they can do so. The attacker might bypass your password by booting your computer up to a new operating system. Or the bad guy might even remove your hard drive and put it into a new computer. All they need is a second computer and a screwdriver!

Full disk encryption protects those files, even if the attacker has physical access and even if your laptop is lost or stolen, your home is burglarized, someone seizes your computers.

Encryption Is Not a Silver Bullet Of course, we need to be clear. Encrypting your hard disk doesn’t make your computer invincible to cyberattackers, although does force them to work a lot harder.

Attackers can also still exploit services running on your computer, such as network file sharing. Plus, encryption doesn’t stop a nefarious agency from spying on your online activity in transit.

Nevertheless, it does beef up your physical security. You can encrypt an external hard drive or your system’s entire hard drive. Then, when you turn the computer on, you’ll need to unlock the disk to boot up your operating system. The computer won’t work until the user supplies the encryption key or passphrase. You can also create multiple unlocking keys if you have several user accounts for that device.

Again, you’re going to want to come up with a strong password. If your key phrase is “password,” (the fourth most common choice in 2019), there’s little point in encryption.

You also don’t want to walk away from your laptop, leaving it open and accessible. You’ll want to set your encryption program to lock again after a certain amount of idle time. Otherwise, you’ll find encryption doesn’t impact your computer’s performance.

Make sure your computers and laptops are always physically secure. With disk encryption, only people you trust can access your data and files.

Ready to set up disk encryption on your home devices? We can help. 

Call us today at (416) 645-2469 or (905) 667-0441 or email us to talk about implementing disk encryption.

Want to be notified when our next blog is posted, sign up here.