Ephesians 6:12 tells us that there are spiritual forces at work in this world, and we can be certain that the Enemy seeks to wreak havoc by taking advantage of turmoil, much like we are all experiencing now with the Coronavirus. There are several practical steps we can take daily to mitigate tension and anxiety, such as a daily habit of setting aside time for reading and meditation over Scripture and praying. But what can we do to maintain our vigilance against hackers, malware threats and every evil that lurks behind innocent banner ads or links in email? Moreover, what can we do proactively to be aware and alert to prevent ourselves, and our organizations, from becoming another breach statistic? I’ve gathered a few thoughts on how to protect ourselves and operate in a defensive manner on the primary points of infection – email, browsers, and a compromised password.
We all use email, and in fact, most of us have more than two email accounts. We can’t rely on SPAM filters, as innovation of attacks are the way hackers get past the filters. But these few simple tricks can be telltale in sniffing out a mal-intentioned email.
- If you don’t recognize the sender, hover over the Sender’s name and email address. A pop-up of the actual email address will show. If a different email address shows than the displayed email address, simply delete the email and move on.
- If an email from a recognized sender has an attachment, or has links in the body of the email, or has an uncommon request, or even just looks strange, but you weren’t expecting the email, do step 1 above. If the result is good, take a moment to call, text, or send an alternate email to the sender to ask and verify if they indeed sent the email, and ask what the request is for, or what the link or attachment lead to. Do not click on a link simply because it comes from a known sender.
Pausing and taking even 1 minute to verify an email with any of the above can stop a malware attack that can have far-reaching repercussions. A ransomware attack can, and has, taken down cities, multi-national corporations, and churches.
Browsers like Chrome, Firefox, Edge or Internet Explorer (IE) are heavily used and these web browsers have a space where hijackers, malware, trackers live… in a place called Extensions. This is supposed to be a cool place to modify your browser for better results, or themes, but most users don’t know about it. Unfortunately, malware purveyors store their malware here commonly. To become familiar with how to get to Extensions in your browser, look in the upper right corner of your browser. Each has a COG/Gear icon set of three (3) lines or dots that will lead you to “more tools” for Chrome or manage “Add-ons” for Firefox and IE. By default, most browsers have no extensions. If your list has any you have not added or do not look familiar, remove them, or at least disable them to test if they are truly needed. One other quick recommendation on browsers – Never store sensitive payment or personal information on your PC, and certainly disable auto-save options.
With the open Wi-Fi networks available to us in coffee shops and gathering spots, be aware that anyone can be on those networks, scanning for new connections and looking to break into your PC over that free/open wireless network. Use public wireless wisely, if at all. If you have no choice, use a VPN connection while working over an open WiFi network. A VPN (virtual private network) encrypts your data. Use a trusted wireless network that requires a password that you have been given access to whenever possible. Always log off from a network you signed into when done.
Last point on browsing is to enable and use multi-factor authentication (MFA) for mobile browsing. The most commonly used MFA is two-factor authentication (2FA) which is an extra layer of security used to make sure that people trying to gain access to an online account are who they say they are. 2FA usually appears by a code being sent to a 2nd device, like your phone or a second email account, to verify your identity. Gmail, Twitter, Facebook and banks are just a few online destinations that offer this more secure way of signing into your accounts.
As difficult as it is for the many passwords we use, it is of utmost importance to use strong passwords. A quick tip is to insert your favorite scripture inside a word describing your hobby, like bicyJob28:28cle. The important concept in a secure password is having as much complexity as possible by having all of the following: capital and lower-case letters, symbols and numbers. To be the most secure, you might have to memorize a string of 10+ entirely random digits, the longer the better. A tip to memorizing difficult passwords is to type it in notepad 30 to 50 times to develop muscle memory.
The last essential item I have for you in protecting your data and providing a sense of security is to back up your data to an external hard drive every month, or at least every 90 days. If it’s critical, back up every week. Keep the backup device unplugged from your computer and use it only when performing a backup. This “air-gap” between your computer and the backup device secures your data from being accessed in the event of a malware infection. Keep the backup device in a secure location like a fire safe or a locked desk drawer.
With all of us being in front of computers daily and needing to use email, browsers, and varying accounts, these few tips can provide some sense of security, knowing that you are being vigilant in protecting not only your workplace network and computer, but also your personal accounts and data. Having said that, we must never forget where our true sense of security comes from – our heavenly Father, God. He is in control and able to provide abundantly for all of our needs. Having a personal relationship with Jesus is the best sense of security we can have, as it provides a hope and a future that we rest assured in.