By Shane Cummings, CFP®, AIF®, Wealth Advisor & Director of Technology/Cybersecurity at Halbert Hargrove
Cybersecurity has been a growing concern for a long time. But since the outbreak of COVID-19 and the disruption to working environments and daily life, cyber threats have become even more serious. Hackers and identify thieves have shifted their tactics to target people working from home.
The vulnerability: Home offices may not have as many safeguards in place – and in general, many people are overwhelmed with juggling issues and may not be as watchful for possible scams. I’m writing to remind you about critical best practices you should be observing to keep yourself, your family and your workplace safe throughout the COVID crisis – and of course, beyond.
Here’s my shortlist of six key practices that are must-have safeguards:
1.) Multifactor authentication: If you haven’t made this a part of all your digital accounts, don’t put it off!
Your digital accounts must be adequately safeguarded. Whenever available, you should be implementing dual factor or multifactor authentication (2FA). 2FA requires a second form of authentication beyond just your user name and password. This may be a temporary text message code or a code from an authenticator application. Using 2FA vastly decreases the odds of your account being hacked; it goes a long way in hardening your accounts from being highjacked.
If your accounts are compromised, hackers might be able to withdraw funds from your bank account(s), or compromise security through a work account. Some financial institutions like Fidelity and Schwab are beginning to offer voice based security authentication as well upon request.
2.) Password manager: Sorry, your dog’s name just doesn’t cut it
Using a password management system (like LastPass, Dashlane or iCloud Keychain) allows you to create unique and complex passwords for each web account you have. These systems make it easy to retrieve them to login on your computer or mobile devices. They’ll also create random and complex passwords for you so you don’t have to come up with them on your own. Some password managers will also inform you if they detect that one of your accounts has been compromised and requires immediate attention. When combined with multifactor authentication, this makes your accounts very difficult to crack.
3.) Protect your mobile devices: Keep those security updates current
Mobile devices like iPhones and iPads are pretty secure – but you still need to keep them up to date by applying the most recent security updates. If these are not downloaded and installed, your device could be vulnerable to newer security issues. If possible, the easiest method is to let your device install new updates automatically when they become available, so you don’t need to think about it.
If your mobile device is older, the manufacturers may stop creating security updates for it – in that event, it may be time to consider upgrading your phone or tablet. Hackers will be targeting old devices that are no longer protected.
Also, take a moment to familiarize yourself with your device’s privacy features. For an Android device or iPhone, use privacy settings to reduce data that’s made available to applications that you don’t need to share. For example, your phone might be sharing your location with applications that don’t need it – this can be turned off by locating the appropriate settings.
4.) Social media privacy: Review and reconsider who needs to know and see your private information
Identity thieves are increasingly using social media to find sensitive info they can use against potential victims. It’s important to take charge of your security settings on any social media accounts to prevent information from being shared that could be used to impersonate you.
For example, on Facebook, if your posts and information are shared publicly, you should strongly consider limiting access to friends only. If you’ve posted on Facebook about an upcoming vacation, identity thieves can know when you’re out of town and use that opportunity to their advantage. Your smartphone might stamp your location data onto photos you take, and that data may inadvertently be shared on social media if you don’t take action to prevent it. Also, pay attention to what types of photos you post publicly to social media. Someone could use that to determine where you live – or if you have valuable possessions.
5.) Antivirus software: Take a moment to make sure adequate protections are in place
Make sure you have antivirus and spam filtering software for your computer and devices. Windows computers using Windows 10 offer free built-in antivirus tools. Premium antivirus software add-ons typically also include email filtering, cloud-based protection, and anti-malware and anti-spam tools. Also, you should confirm that the antivirus tools are configured to download and apply updates automatically so they’re able to catch the most recent threats.
6.) Managing Wi-Fi security at home: How old is your router?
If your wireless router is more than four or five years old, chances are it’s an older system that doesn’t have modern security features. Newer Wi-Fi systems offer intuitive smartphone apps to manage them and apply security updates. Many also include built-in spam and malware filtering that will help protect all the devices at home that connect to it (smart TVs, computers, tablets, phones, etc.).
Your system should also enable you to set up guest Wi-Fi networks. That way, you don’t have to share your password with guests – and prevent unwanted devices from getting onto your network. Additionally, when working from home, keeping work devices on a different Wi-Fi network than other devices can add to security. Consider investing in and setting up a new system to better manage who is accessing your home network and keeping it safe.
How do you balance having the life you want to enjoy today with what you’re going to need in the future? Are you doing what it takes to enter your dream retirement? TAKE OUR QUIZ to find out.
