Posted on

How to Protect Data Storage from Hacking

How to Protect Data Storage from Hacking

Data protection is more important than ever, but also much harder to achieve. It was fairly simple to previously protect data storage from hacking when it was only saved on-prem and there was limited access. 

Today, data storage and access are more dispersed. Remote employees, cloud storage solutions, BYOD policies, and access via multiple devices from anywhere make data protection seem like an impossible goal.

It’s important to understand that a data breach is a business issue, not just an IT issue. 

To make sure your company and customer data are safe, you will have to protect data storage from hacking attempts. The following data storage safety practices will help you achieve a high level of data security and compliance. 

1. Use strong passwords 

The most common way data storage is hacked are weak or shared passwords. You would ever store thousands of dollars behind a simple “0000” or “12345” password? No.

The data you are trying to protect is worth even more than that, so make sure that anyone with access to it has a strong, complex, and unique password. 

Weak passwords are present in almost every organisation and can cost corporations millions in damages because of data breaches. 

  • To avoid hacking attempts, have a proper password protocol in place. All passwords that provide access to data should have a minimum of 12 characters and shouldn’t be complete words. 
  • Use a combination of upper- and lowercase letters, numbers, and symbols. The password should not have personal meaning – no names, addresses, dates, or anything that can be unearthed on social media.
  • Passwords should also be changed every 6 months.

2. Add Two-Factor Authentication 

Additional authentication protocols should be a standard practice to protect data storage from hacking

In case your first authentication layer – the usernames and passwords – end up in the wrong hands due to a successful phishing attack, the second layer of protection in the form of two-factor authentication (or multi-factor) will keep data safe from outside access. 

The authentication server will prompt the user to input another security code after authenticating their credentials. The code is usually delivered via SMS, or via a phone authenticator app. Some services will also offer the code via phone call if supported. 

3. Include Session Timeouts / Auto Disconnects 

To battle forgotten login sessions that could potentially lead to a data breach because somebody else used the device, incorporate session timeout routines onto your data storage servers. 

These routines will automatically disconnect the user from all inactive sessions. 

For example, if the user accessed your data storage but has been idle for the last 15 minutes, they will be logged out. When they come back, they will be prompted to log back in again. 

This security measure is especially valuable if your staff has access to data storage from shared, remote (and potentially unsafe) locations.   

4. Use encryption for all documents and emails 

Encryption helps protect data storage from hacking because in the event it ever falls into the wrong hands, they won’t be able to read it. 

When you encrypt data, the data is translated into ciphertext that is just a string of random characters. The only way to make it readable again is to turn it back to its original form with the right encryption key. 

The larger the key size, the more computational power is needed to crack it. The rule of thumb is to use encryption services that offer at least 256-bit encryption protocols.  

In order to ensure you have encrypted all sensitive documents, you should use a data protection solution that covers data discovery and sharing. Microsoft’s Azure Information Protection is such a system, and can be used to discover all your data, apply labels that determine how sensitive data is, and then apply rules on data access. The system will find all locations where data is stored and help you migrate it to a safer, centralised location. 

Because such systems also include email encryption, it also helps you keep data safe in case of mishaps. For example, if somebody accidentally sends an email with sensitive data to the wrong recipient, the recipient won’t be able to read the data without first having proper authorisation. 

5. Limit Access to Data Storage

In order to protect data storage from hacking, you have to limit access to data to inside actors too. 

The more people have access to sensitive and classified data, the higher the risk of data falling into the wrong hands. 

Your employees should have access only to data that’s essential to their role in the company. 

In case employees would need to access data occasionally, it’s better to have procedures in place that would authorise access to them temporarily rather than giving them unlimited access. 

6. Use Safe Cloud Storage Solutions 

Cloud storage solutions help you keep your data accessible at all times and is becoming the standard today. With so many employees working from remote locations and accessing data from multiple devices, it’s safe to say that there are many more vectors of attack.  

To protect data storage from hacking but keep it accessible and online, try using a decentralised cloud

It uses blockchain technology to keep data safe and such cloud storage is not controlled by a single entity and data is not stored on a centralised location. Instead, data is spread in tiny fragments across a large global network. When you need to access it, it will be assembled and decrypted as soon as you are authorised (either with an encryption key or password). 

7. Educate Employees

You can invest in the best firewall, anti-spam, and antivirus software, but if your employees don’t know how to spot a potential threat, your attempt to protect data storage from hacking will ultimately fail.  

Everyone in your company, be it the newest members of the team or senior executives, should go through regular education training. Ideally, they should learn about: 

  • The latest threats and risks, and vectors of attack – Suspicious email attachments, phishing attempts, how to stop a spoofed email address, and more. 
  • Best practices when it comes to data security – Teach them about BYOD policies, unsafe public networks, being safe while accessing data from remote locations, etc.
  • How to use new security software you implement – Get them on board with new software solutions and teach them how to use them to avoid slowdowns and disruptions.   

Your data security is only as strong as the weakest link. What’s your weakest link? 

Posted on

How To Create A Secure Password in 2019

You’d be amazed at how easy it is to create a secure password in 2019 and yet so many people don’t! 

Despite the increasing efforts that many websites put into security precautions, it’s a two-way street and users need to catch up and take responsibility too. Weak passwords are still a common way to hack someone, even in 2019.

The National Cyber Security Centre released a list of the most common weak passwords found by analyzing data from 100 million passwords leaked in data breaches. 

The top ten weakest passwords are the following: 

  • 123456
  • 123456789
  • qwerty
  • password
  • 1111111
  • 12345678
  • abc123
  • 1234567
  • password1
  • 12345

Other noteworthy entries near the very top include things like “000000” and “Iloveyou.” The primary spot has been held by “123456” for years now, however. 

A Secure Password in 2019 Should Be Complex, Unique, and Random

The above-mentioned passwords don’t even meet the minimum requirements of what’s considered a safe password nowadays. Today, truly secure passwords will have: 

  • A mix of upper and lowercase letters
  • Numbers
  • Special characters

Don’t think for a second that such passwords are bulletproof. They can also be cracked if you aren’t careful with how you create them. 

Creating a Secure Password in 2019

The following ten tips will help you create a truly secure password in 2019 and avoid the most common mistakes that lead to breaches. 

Avoid simple passwords like the ones on the list above

The fastest way your account will be compromised is by setting a weak password. While it’s bothersome to use all these safety measures like mixing cases and special characters, it’s more irritating to try to cancel credit card payments you never made. 

Don’t use simple to guess data

Avoid putting your name, the names of family members, or even the names of your pets because this is a sure fire way to become compromised in record time. Also, never use your username as a password too. That’s another easy guess. 

Use patterns 

An easy way to recycle a password safely is to switch for a designated number of spaces on the keyboard. For example, if your password was “ThiSisS3cuRe” (This is secure), you can instead use the keys that are one space to the left. Instead of “T” you would use “R” and so on. This will get you what seems like a completely random sequence: “RguSuaA2xzEw.” And yet, you will know how you got it. 

Change passwords regularly

Many people experience a breach because they never change their passwords. Passwords get outdated quickly, and as time goes by, what was once considered complex can now easily be cracked and guessed. 

Some services prompt you to change your password regularly, which is not a bad idea, but many users then choose a simple password to get it over with. That’s a bad practice, and however annoying you might find it, every password change should have a complex password. 

Top Tip: Change your passwords every 6 months and set a reminder on your phone to do it so you don’t forget! 

Use a different password for each account

Never use a master password for all your accounts. That increases risk in case of a breach. Imagine your business email or banking information is suddenly jeopardised because you used the same password as on some random and less secure site. Each account should have its own password. 

Use randomly generated passwords

Google Lock has a password suggestion mode that offers you to create a randomly generated password instead of thinking of one yourself. This is a convenient service, but it can be hard to remember all such passwords without a system behind them.

Don’t write down passwords 

You might find it convenient to write all your passwords on a piece of paper, or in a notepad. Be aware that any type of data that’s not encrypted is not safe. Usually, it’s considered okay for home users to write down passwords on a piece of paper so long as they are kept out of sight (and not taped to the computer!), but never do that at work, or you risk someone using your workstation for malicious intent. 

Find a password manager that suits your needs

If you find it hard to remember all passwords, use a password manager. These are pieces of software that remembers all your passwords so you don’t have to. There are free and paid options available, and some are online, others are offline. Go through reviews to find the best deal for you. 

The point to note here is that you’re storing all of your passwords in one place, so make sure you pick an encrypted system that is extra secure! if you don’t have enough passwords to use a system like this, it’s best to avoid!. 

Use cryptography 

Develop your very own system to encrypt your passwords. One good way to do this is to have a sentence that will remind you of a password. For example, you have a pet cat and wish to base your password off of it. Instead of using your cat’s name mixed with a few numbers, use a sentence such as: 

  • “My cat Garfield loves lasagna.” and then encrypt each part: 
    • My cat Garfield = McG
    • Loves = <3
    • Lasagna = LsgnA
  • So your password will be “McG<3LsgnA”

Use two-factor authentication

Reduce the risk even more and use two-factor authentication in addition to having a strong password. On the off chance that somebody manages to crack your super complex password, two-factor authentication will keep them from doing anything else. 

Such authentication is bound to a token or a phone app that generates a random string of (usually) six numbers that rotate every 60 seconds, which are unique to your account. Without this second step to prove it’s really you, hackers won’t be able to access your account at all. 

Cybersecurity Rests on You Choosing a Secure Password in 2019 

Hackers are finding new ways to get to your data every day. Don’t let your password be the weak link that will give them access to everything else. Want to learn other ways to protect your computer? Check out our latest course here >>> PROTECT YOUR COMPUTER FROM GETTING HACKED COURSE <<<