Security Myths

Debunking a few common security myths.

Myth 1: My company is too small to be the target of an attack.

According to a 2013 report issued by Verizon, 75% of attacks were opportunistic and not targeted at a specific individual or company.  The report further details that of the data breach incidents:

  • 78% required no specials skills or resources
  • 76% exploited weak or stolen credentials
  • 40% involved malware
  • 29% used social tactics to gain information

In short, you are putting yourself at risk if you aren't putting in place at least the most basic security measures.

 

Myth 2: We don't have any information of value.

Even casual computer users typically have some information of value on their systems.  Does your browser remember your login credentials?  Any banking information or personal information that could be used for identity theft or fraud is valuable.

According to CareerBuilder’s latest nationwide study, a significant number of workers may be putting their company or themselves at risk by failing to secure their laptop, sharing passwords or clicking on links from unknown sources. Of the 26 percent of workers who reported having office laptops, 61 percent said they have critical, sensitive information stored on them. 

 

Myth 3: We use Apple/Mac so we don't have to worry about viruses and malware

Threefold: 1) most new threats are targetted towards applications, not operating systems.  So, both Windows and Mac systems are equally as susceptible.  2) a larger percentage of total vulnerabilities are discovered for Mac vs Windows. 3) There are just as many incidents of Macs systems get hacked as Windows systems when market share is taken into account.

 

Myth 4:  We do regular backups of our data, so it doesn't matter if the information is corrupted/lost.

Silent corruption can go unnoticed beyond the backup retention policy.  Identity theft and data leaks are not recoverable through backups.

 

Myth 5: We are safe because we have a firewall, use anti-malware, and update regularly.

These are excellent practices for establishing security; but, they are insufficient if they are the only security measures you are using. 

As malware and other types of fraudulent activity become more pervasive, a seemingly benign interaction can have serious consequences.

Some risky behaviors include browsing unsecured websites, opening email attachments or links from unknown senders, and downloading email attachments from unknown senders. 

According to CareerBuilder’s latest nationwide study, 9 percent of workers have accidentally downloaded a virus on their computer at work, 18 percent of workers have opened an email attachment or clicked on a link from a sender they didn’t know, & 18 percent have looked at a website that they knew wasn’t secure while at work.

 

Myth 6: We change our passwords every XX days so we are safe.

It has been shown that unless these are complex passwords, frequent changes are often less safe.  Complex passwords are harder to remember and frequent changes encourage individuals to come up with creative ways to placate the password requirements. Users will begin to write them down or make incremental changes in numbers such as MyPa$$word1, MyPa$$word2, MyPa$$word3. 

Ultimately, all password-protected systems are susceptible to hacking, but there are steps you can take to help thwart password cracking. To learn more, check out our article on Best Practices for Securing Your Passwords. 

 

Myth 7: Advanced hacking techniques render security worthless.

Looping back to Myth 1, most attacks happen to non-secured or weekly secured systems.  This is the "low hanging fruit" for hackers.  While a higher level of security will never guarantee 100% protection, it can certainly motivate hackers to seek easier targets.

 

Take Aways

Its easy for most people to take cybersecurity for granted, especially if they've never experienced data loss or theft before. The first step to securing your information and online accounts is by becoming more informed about potential threats and how to protect against them. 

The Wildcard Corp. blog archive is full of useful informational material covering may topics including cybersecurity, web development and IT solutions. Many of our cybersecurity articles are created for the purpose of educating the general public about cybersecurity best practices and how they help prevent data loss/theft.

 

Remember that Wildcard offers cybersecurity services including various means of encryption to protect against attacks from malware, viruses, or ransomware. We offer website and security reviews to businesses and organizations of any size that are curious about their level of security.

If you have any questions or would like to know more about Wildcard security services contact us today!
Contact Form
(715) 869-3440 
info@wildcardcorp.com