Whenever I visit my relatives, I’m often not shocked to take a look at their smartphone or tablet and find the little “update” notification number on their apps light up – and it isn’t just usually one update, it’s like 99! Because of my experience and career path, we spend part of our visit going through and updating phones, tablets and computers. Sound familiar to anyone else? I have the great fortune and responsibility to serve as U.S. Bank’s Chief Information Security Officer and your U.S. Bank Coach, focused on helping consumers navigate topics that are important to them – like cybersecurity.
After working in this field for more than 20 years, people often will ask me – how do you sleep at night? I tell them I sleep just like a baby - meaning I sleep for 4 hours and I’m up every half hour screaming (not my quote, but I love that one....) Truthfully though, I love what I do and I’m excited to provide some thoughts and advice to consumers on how to protect themselves from a range of cyberthreats from common hacking attacks to sophisticated newer techniques like ransomware. One of the things consumers need to focus on is personal "computer hygiene." If consumers and businesses kept up basic computer hygiene, it would stop approximately 80-90 percent of attacks.
Here are a few key and simple things you can do to protect yourself from hackers and fraudsters alike:
- Yes, you need anti-malware software on your PC or Mac. But equally if not more important is that you need to keep all device software updated. Many computers are hacked because they are running on an outdated operating system or outdated version of Adobe or Java or other office software. Old software is vulnerable software. Keep it up to date.
- Don’t use the same password on different sites. Use a different password for financial sites, vs. other consumer/retail sites. Once a hacker has access to one password, they will usually try the same password on other major websites.
- Use the strongest authentication options available to you. For example, when a site allows you to enroll via a mobile device, which triggers a code sent to you for verification, enroll for that. You'll thank me later.
- Remove your own “administrative rights” on your home computer. Many companies remove general user's ability to add new users, install software, etc. This greatly limits what malware can do if it is accidentially downloaded by a user. At home, most people don't think to do this. So, consider creating a "normal user" account for yourself, removing that "admin" access from it, and only use the default "Administrator" account or right when you need to install software, add new users, apply updates, etc.
- - -
Jason Witty is a Chicago-based executive vice president and the chief information security officer of U.S. Bank. He's the U.S. Bank Coach for cybersecurity.
Posted: April 15, 2016