Just because I’m a security professional doesn’t mean that I haven’t done it at one point in my life. Clicking agree without reading the terms and conditions and installing a real nice piece of malware. Buying something on Amazon while using the airport wifi. Downloading some questionable files that I think are safe from a random website. And of course, creating easy to guess passwords, because “no one wants to hack a veterinary hospital”. Don’t worry you’re not alone but that doesn’t mean you should keep up these bad habits.
While there are countless ways you can put yourself in trouble online, these 10 dangerous Internet habits are too common to be ignored. So let’s roll up our sleeves and fix them one by one.
Using the same password for everything
I feel like I’ve hammered this point home a million times. It still remains true; never do that. If a hacker somehow manages to get that single password you use for every login, they will have no trouble accessing all of your online accounts. So don’t be lazy and think of a strong, unique password each time you create a new account, especially for banking or shopping sites. You can also get a reliable password manager to help you remember all your unique passwords. Like 1Password or LastPass.
2. Using browser extensions
There are tons of extensions that claim to improve your browsing experience. The thing is, the more extensions and plugins you have in your browser, the riskier it gets. If you aren’t careful, you may easily download an extension that is aimed at collecting your data or even worse – infecting your device or your veterinary hospital with malware. So choose your extensions wisely – get only those that can help you with daily tasks and protect your privacy. If you can avoid them all together.
3. Not using Two Form Authentication
While 2FA makes it extremely difficult for hackers to get into your private files and emails, too many people still don’t use this security feature. Two-factor authentication adds an extra layer of security to your account and is available on many account-based services, including Gmail, Google Drive, Apple’s iCloud, Twitter, and Facebook. I personally don’t see any reason not to use it. If any of your applications offer it, enable it. I can speak from personal experience on how 2FA saved my email account from getting hacked.
4. No lock screen protection
Unless you take your computer everywhere you go, leaving it unattended even for a tiny second, you simply must use some sort of lock screen protection: pattern, PIN code, or password. If you don’t lock your screen, anyone can install malware or spyware on your computer without you noticing. I can’t tell you how many veterinary practices leave their practice management system open walk away with the client still in the exam room. Also, enable remote location and wiping if possible, so that if someone nabs your computer or laptop, you can erase all your private information remotely. This also includes your mobile phones, tablets etc. Make sure they auto-lock.
5. Old antivirus and anti-malware
While ignoring antivirus updates is a bad idea, not having any software that protects you from malicious threats is even worse. Any antivirus or anti-malware program you use should protect you from both. It should also be AI and machine learning based. Threats are changing by the minute and you need protection that is constantly updated. Therefore, now it would be a perfect time to do some research and get yourself reliable antivirus\antimalware program. Then make sure it’s installed on all the computers in your veterinary hospital.
6. Uploading sensitive information to the cloud
Most veterinary practice owners think the best way to protect their data is to simply upload all their data to the cloud. If you think that your data is safe while sitting comfy in the cloud… Well, it’s not. Cloud companies can access your files if they want. Also, they are vulnerable to cyber attacks and data breaches, which may put your sensitive data in the wrong hands. If your cloud storage and backup solutions are not setup correctly. You can avoid that by encrypting your files before uploading them to the cloud to keep your secrets private no matter what.
7. Clicking on links in strange emails
A lot of hacking and malware is successful because people open emails they receive from random strangers. This is known as phishing, and it happens to more people than one could expect. The purpose of phishing emails is to lure users into visiting fake websites. From there, hackers can easily install malware on their victim’s device or steal their passwords, credit card details, and other private information. So the lesson here is simple: if you don’t know or trust the source, don’t click the link.
8. Downloading attachments without Scanning them
We see a lot of veterinary hospitals getting hacked through fake resumes. Before you open that resume. Download it and then upload it to VirusTotal.com. This is a free site that will tell you if the file you uploaded contains something malicious. If you see any warning signs immediately delete the file and the email.
9. Checking your bank account on public WIFI
This one is especially painful since we all love free WiFi. However, public wireless networks usually lack proper protection, leaving their users open to man-in-the-middle attacks and other nefarious ways for hackers and snoopers to get your information. When on public WiFi, don’t check any sensitive information, especially if it’s work- or money-related. Or better still – get yourself a VPN and keep your communications safe even on public WiFi. You can easily create your own VPN at your hospital that is private and yours. By connecting to this VPN first, you are create a secure private tunnel that only you can see.
10. Clicking on virus warning pop-ups
When visiting certain websites, you may face threatening pop-ups claiming to have found malware or viruses on your computer. Don’t click on them as they will more often than not try installing malware or adware on your device.
Change these habits to better safer internet browsing!
Clint Latham J.D.
Lucca Veterinary Data Security
Lucca.vet