Security is a top priority at Rabbet. In a world where fraud is rampant and an increasingly large concern with the rise of deepfakes and AI, we must constantly think about ways to keep ourselves, the companies we work for, and the customers we work with safe against criminal activity. These are some best practices that we should all follow to avoid becoming victims.
Set Strong Passwords
A weak password may result in a security breach or data leakage, so it’s imperative to select long (16 characters or more) passwords that contain a combination of letters, digits and special symbols. Do this for all of your accounts—email, the Rabbet app, your office network, and any other program that you use that requires login credentials to gain access.
Don’t use the same password for multiple accounts. Consider using a password manager, such as 1Password, to generate and store secure passwords for all of your logins. Click here to learn more.
Use Two-Factor Authentication (2FA)
To fend off hackers, turn on Two-Factor Authentication for your email and any other accounts that offer it. Two-Factor Authentication, aka 2FA or Multi-Factor Authentication, is an extra layer of security that requires not only a password and username but also something that only that user has on them (i.e., a piece of information only they should know or have immediately at hand). Providers like Google, Microsoft, and others offer free apps that facilitate 2FA.
For Gmail users, click here for instructions. For Microsoft Outlook users, click here for instructions. If you need additional help, contact your IT department.
Handle Sensitive Info with Care
You should never share sensitive information via chat or email, and someone requesting that you do so should be a red flag for criminal activity. This includes social security numbers, bank account information, and other confidential data that could be used maliciously by hackers.
If you need to provide sensitive data for the sake of using a service or product, pick up the phone and use a side channel. Don’t forget to get the full name of the person that you speak with, the location of the branch they work at, and any other identifying information that you can collect (such as the person’s direct extension). This info will be useful if you need to reference the conversation in the future.
Regularly Update Security Software and Patches
To make certain that you are protected against the latest threats, be sure to regularly update your security software. Hackers continue to find new ways to spread viruses and steal information. So, even if you installed your security software just a month ago, you could already be susceptible. Ask your IT department for help, if needed.
Keep Browsers Up-to-Date
Popular browsers such as Google Chrome and Internet Explorer regularly release security patches. This is often done to respond to security loopholes that hackers and phishers inevitably uncover and exploit. The periodic messages about updating your browser are easy to ignore, but don’t ignore them! As soon as you see the update notice, download and install the update.
Stay Informed About Phishing Techniques, Deepfakes, and AI-Generated Scams
Criminals are constantly developing new ways to scam unsuspecting users. And the deluge of AI tools that can mimic a person’s voice or face has exponentially changed the landscape. One of the best methods to avoid being a victim is to stay on top of the latest phishing and scam alert news. The Federal Trade Commission provides information about the latest scams and how to recognize the warning signs, as well as the option to sign up for free scam alerts. Check out their scam alerts page here.
Follow Security Guidelines
Data breaches can result in the loss of millions of dollars. To avoid this dreadful scenario, we encourage you to educate all of your employees on how to follow good practices and provide them with a clear set of security guidelines to be followed. In addition to the best practices we’ve covered above, some other suggested points include:
- Reporting suspicious behavior
- Being skeptical about “free” offers
- Validating, using a side channel, that a phone call/text/direct message is actually from who it claims to be
- Not clicking on links or opening attachments in unsolicited emails
- Using secure and traceable methods when making payments for goods or services
- Working with local businesses that have proper identification, licensing, and insurance
We are all vulnerable targets in the world of crime, so it is important to reduce the risk by any means possible. Start with the checklist above to protect yourself and your company.