12345, qwerty, password.
Use passwords like these and you’re making your data an easy target for hackers. As it turns out, 65 percent of us are using the same vulnerable password for all our accounts. But choosing an insecure password isn’t the only gateway to online security issues, especially during the holidays.
These days, more and more companies are falling victim to online security breaches. And even when we are warned of possible threats, we typically ignore them, especially while typing an email or during a Netflix binge. During the heavily-trafficked holiday season, this could mean the loss of your bottom line; the estimated cost for a small business to fix security breach issues is $200,000.
As more people are exchanging long lines on Black Friday for online discounts, web safety becomes even more crucial. To keep your website safe during the holidays, we consulted with two online security experts. Remember: you won’t have a humbug holiday season if you take web security seriously.
Why is online safety especially important during the holidays?
“The holidays are one of the highest risk times of the year for online safety,” says Nick Santora, CEO of Curricula, an education-based web security company. “People are generally very trusting during these times and often overlook some common pitfalls of scams or hackers. Letting your guard down can open you up to financial risks as well as other information losses that a hacker can take advantage of.”
What are the biggest mistakes people make online?
“Not realizing that they are targets,” says Joseph Steinberg, a cybersecurity expert, SecureMySocial CEO, and Forbes and Inc. columnist. “People who believe that criminals want to breach their computers, phones, and websites act differently than people who don’t understand this reality. Sometimes people suffer from ‘cybersecurity fatigue’ — having heard or read about too many breaches and cybersecurity failures — that they do little and just hope for the best.”
Santora agrees. “One of the biggest mistakes I see is that too many people believe they could never get hacked. That is like thinking you could never get into a car accident if you drive a car every day,” he says. “As long as you have a computer and an internet connection, you are at risk of being hacked. Cyber threats live all around us. It is not a matter of if you will be hacked anymore, it is when.”
What tools are available to help online users stay safe?
“Your online presence is dependent on your passwords,” Santora says. “Did you know the average user has almost 30 online accounts? It is difficult to not use passwords that are shared across at least one of your multiple accounts. Use a password manager tool that can help you store difficult passwords for all of your websites and protect the vault with a single, strong password. This will make your online security presence much stronger and help you maintain secure online accounts.” If you’re guilty of weak passwords, consult these tips and be sure to check out this list of password storage apps for your mobile device.
Along with passwords, Santora says keeping an eye on online holiday deals is a way to stay safe. “One way to identify an online scam is when pricing seems too good to be true, because it probably is. Fraud companies use this tactic to engage their victims during times such as the holidays when people are looking for the best deals. Only shop on legitimate websites and be wary of offers that seem unrealistic.”
In what ways can people protect their websites from threats?
The web itself is responding to online security threats: Google will soon start calling out unsecure websites, and it also offers a security check-up for your account. But this might not be enough, experts say. You need your own personal plan of attack.
“Hire a security professional to analyze the risks and create a proper plan,” Steinberg says. “Attempting to secure a website yourself is like trying to defend yourself in court without a lawyer or perform surgery on yourself without a doctor.”
In addition to consulting a web professional, it’s crucial that devices be in prime, threat-fighting condition. “Software needs to be updated regularly to protect from online threats and vulnerabilities,” Santora says. “If you are running WordPress, ensure your plugins are up to date as well as your main installation. Use security plugins to block malicious traffic and protect your website. If you don’t have a way to monitor your website, use web-based tools to check for configuration changes or unknown logins.”
On a tight budget? Cyber security doesn’t have to break the bank. Here are Steinberg’s tips for security measures you can implement without spending a lot of money.
Kasee Bailey is a freelance writer who draws on her experience working at one of the nation’s top b-schools to report on education, savvy startups, and the latest business trends.