The news is filled with stories about hackers and data theft. Although they are not to be ignored, hackers can be avoided or thwarted with some common sense. Let’s look at a few of these common-sense steps and some additional ways you can protect your self and site.
Secure Passwords
This is a common warning. Nevertheless, the vast majority of passwords are anything but secure. Studies have found that there are a large number of “default” passwords used. These include tough to guess ones like “password”, “123456”, and “qwerty.”
This password laziness is being combatted by rules applied to a lot of sites. This is where your password is required to include things like upper and lower case letters, a number, and maybe special characters. This is a great way to define all of your passwords. I find converting sentences to be great. For example, you can start with, “My three kids are Billy, Sara, and Michael” becomes “m3kaBSaM.” Note that I just took the first character of each word in the sentence and adjusted case while throwing in a number rather than word.
Avoid Phishing Attacks
These attacks are prevalent, but also easy to avoid. They typically take the form of an “important” email from a co-worker or financial institution. Some emails ask you to call a number and then that call will be a way for the scammer to get your information. This is solved by not calling or at least not providing private information on a phone call to someone you are not sure of. The other approach is to include an attached file that runs a program when opened. Do not open attached files unless you are sure of the sender. Even in those cases, make sure you have anti-virus software installed that will scan emails.
These attacks are more effective than one would expect. However, they prey on our lack of patience with email and our tendency to open and click on any attachment. If you are more intentional in how you process your inbox you will see these attacks for what they are.
Going Deeper
When you have a website or application to secure it requires more than avoiding hackers. In these instances, the hackers are likely to come to you. Thus, steps need to be taken to secure or harden your server.
The good news is that there are a number of step-by-step guides freely available on the Internet. There are even some great security portals like the Open Software Security Community. While most of these tutorials are well-intentioned, take a close look at the site before embracing any of the suggestions. The best sources are from security companies and vendor sites. When in doubt, do some checking to make sure the site is legitimate.
There are some general steps that all of these sites will recommend.
- Remove identification data to make it harder for hackers to learn about your system
- Limit ways that the site or application can be accessed
- Use strong passwords and accounts
- Configure security measures like firewalls and anti-virus to the recommended settings
- Keep all software up-to-date
These steps alone can make your site less a target. This is important as no site is 100% secure, there are always holes. When you make yourself less a target either by being hard for hackers to find or difficult to attack then they often will move on to easier targets. This is the old idea of not being able to outrun a bear, just being able to outrun the other people the bear is chasing.
Be Safe
As we said at the top, common sense is the best approach to Internet security. Hackers are not near as scary when you take these steps to reduce your risk. If we all follow the steps above we would make life a lot more difficult for the typical hacker.
