Protecting your digital footprint (especially your passwords) is an important part of being an online business owner these days. With the pandemic, I now a lot of my clients are doing Zoom virtual workouts and they’re meeting with clients virtually cause everyone’s quarantined. As businesses move from brick and mortar style to more of a remote workforce, there’s been a huge change in the number of people that are using technologies like Zoom and WebEx.
But the uptick in this usage has shown a spotlight onto that type of technology. This is called a zero day vulnerability. And for those of you that aren’t aware of what that means. It’s when there is a vulnerability, meaning something that a cyber criminal could exploit. In Zoom’s instance, there were two different vulnerabilities, one of which allowed a cyber attacker to come in and take over your webcam and your microphone.
Don’t want to read? You can also listen to this interview:
Learning some Zoom security best practices
- Your login to zoom should be different than anything else, and not logging in through Google on a Zoom account. Because, for example, let’s say you have an account with McDonald’s burger King and Sonic. If you’re using the same login and the same password for all three of those, once a cyber criminal compromises your password on Sonic on their app, they’re going to take that information and sell it on the dark web. Or they’re going to keep it for themselves and try to exploit it on different platforms. So what they’ll do is say, if this person has an account on Sonic, they might also have an account on McDonald’s. So let me see if I can explode it by using the same login credentials, and guess what? Most of the time it works.
- Cyber attackers can compromise your webcam, so it’s best to not have any identifiable information on your walls. This includes your credentials, your diplomas, pictures of your family, indications like trinkets that would give them something about you, like your Alma mater. One of the things that they could do is send me a phishing email thats for an alumni support event that you’d be more apt to open and click around.
- Don’t post your Zoom link on a public website or social media. Use your email list to send those out. If you do post it in a Facebook group, you can require that the host has to be there first, that will prevent people from being in the meeting without you.
- Interestingly enough, with everything that’s going on right now, the department of health and human services for the United States actually relaxed on some of their HIPAA requirements, the intention behind it is for health professionals to be able to connect with their patients in a time when we can’t really connect face to face.
With these web conferencing apps, don’t think of it as preventing someone from listening in assume someone’s listening in and be careful what you talk about. Be aware of your digital hygiene and being aware that there are things online about us, anyone can see it, anyone can use for whatever purpose they see, whether it be malicious or for good.
How to get a digital PO Box to protect your address
A lot of people just use their home address instead of getting a virtual mailbox or even a local mailbox to list in their email footer. You can go to UPS or whatever, but you can also get what’s called a virtual mailbox, which is a little bit cheaper than going to UPS. And then you’re just given an address, and then you don’t have to use your actual address in the footer of your email newsletter.
And you might think, well, I only have like 12 subscribers right now. It doesn’t really matter. It only takes one. Some of the most successful cyber attacks go undetected. What happens is if they take a little bit here, take a little bit, there, people don’t pay attention, they don’t pay close enough attention. That becomes very lucrative for the cyber attacker because it’s all under the radar. And they can harvest details about you and create a profile of you selling stuff on the dark web.
Is Last Pass safe for protecting passwords?
There are some good tools out there. I don’t have as much confidence in free tools. Look at security reviews of password management. I do like password management software when it comes to the fact that you can change your passwords often and you won’t have a problem remembering them because we do need to be updating those passwords often. Complex passwords are not as secure as a super long password. So the longer the password is the more secure it is because, the password breakers run sequences. You know, there’s only so many options for the first letter. Once it’s identified, they go to the second letter. Once it’s identified, they go to the third or character rather. And if they have to do that 16 times, it takes much longer than an eight word or an eight character password that has upper case, lower case, and a number.
Protecting your website from getting hacked
No one wants to deal with their website getting hacked or filled with malware, so let’s talk about how to prevent your website from getting hacked. There are a few simple steps you can take to protect your content.
First, make sure you are using a good website host (if you’re on WordPress). This is super important, especially because some website hosts will help resolve your hacking issues for you. I use Flywheel: https://www.jesscreatives.com/flywheel (aff link) and most of my clients use Siteground: https://www.jesscreatives.com/siteground (aff link)
Another thing to be aware of is your username and password. Do NOT just use “admin” as your username, and make sure you password is on the longer end – that will help a lot. If you do get hacked, I suggest using Sucuri to resolve the issue. Or, if your host can do it, then contact them immediately.