Allowing employees to use their own mobile devices for work applications has become an increasingly popular way for employers to reduce costs while their staff enjoys the convenience of using one familiar device. If your organization provides a BYOD program, make sure to implement a mobile device management solution that protects your network from threats posed by unsecured devices and isolates word-related data from personal data.
As you download and make use of apps on your mobile device, beware that many apps have the ability to share the background data that your mobile device constantly runs. If you wish to not share this data, then disable mobile background data via the directions provided by your mobile device’s manufacturer.
Consider using mnemonic devices instead of common dictionary words for passwords. An example of a mnemonic password would be: “My best Friend is Cybersecurity in 2017!” This would create the password - MbFiCi2017! - which is clearly not in the dictionary, and does not make sense to anyone other than the creator. One rule of thumb is the longer the password, the stronger it is. The inclusion of multiple character sets - uppercase and lowercase letters, numbers, and special characters (@#!$%&, etc.) will further enhance the strength of your password.
Although it might be difficult for a hacker to access your webcam, it does not mean it cannot be done. While surfing the internet or reading emails, be cautious of clicking on unknown links or downloading unknown files. They may contain malicious executable code that could then activate your webcam and/or disable the webcam activation light so that you would never suspect that you are being watched. A hacker who has access to your webcam can remotely watch you or live-stream footage from your webcam on a website or elsewhere. Click here for more webcam tips.
- All employees should be instructed to immediately unplug the Ethernet network cable or disable Wi-Fi on the system if they suspect a ransomware infection has initiated. This will prevent the ransomware from spreading to other devices on the network or infecting backups that are stored on the network or in a cloud environment. Do not reconnect until the computer or device has been thoroughly scanned and cleaned.
- Alternatively, instruct employees to turn off the power or unplug the power cord from the system. Although doing so inhibits complete forensic analysis of the infected device, it stops the encryption process and may limit data loss.
- Employees should notify the appropriate information security contact within your organization as quickly as possible.