Regardless of the sector, a company’s digital assets and patented technology are vulnerable to data theft and cyberattacks without proper protection. Just recently, hospitals have been endangered due to cyberattacks and the Covid-19 vaccine supply chain has also been targeted.
The nature of the staffing industry means the data at risk is personal data of your company’s thousands of employees. Staffing firms have reported cyberattacks this week and last week. And multiple staffing firms this year have experienced a form of attack called ransomware, where attackers threaten release of data if a sizable sum is not paid.
Employee email is a common point of weakness. Not only do they contain professional emails and confidential information, but it also has records of the company’s financial records and even bank credentials.
Additionally, somebody with access to an email account could use it to:
- Reset passwords with other platforms and gain access to more accounts
- Impersonate a company official in correspondence with employees and cause irreparable financial or reputational damage to the sender and the company
The email account should receive the most care of all digital accounts. Without a secure email account, no other accounts are secure. Here’s how you can make sure your email is safe.
#1 Set a strong password for your device. Your email may be stored on your computer, alongside the credentials to log in, meaning that anyone with access to your computer may have the ability to access your email.
Luckily, this is limited to those with physical access to the computer (and not hackers on the internet), but in case you lose your phone or computer or have it stolen, you should spare yourself the additional headache of losing control of your email.
Any computer or phone will make it easy for you to set a password. Go to your device’s settings and set a strong yet memorable password. You’ll enter it every time you start up your device or install software, so you’ll remember it easily.
This password is supposed to protect against physical intruders, so don’t write it down on the bottom on your device, or on a note in your drawer.
If you are afraid you might forget the password, possibly because you use the device rarely:
- Store a note with the password in a different, secure location
- Use a password manager on a device you regularly use
- Test the strength of the password as an attacker may use machines to guess millions of common passwords at a time
#2 Encrypt your hard drive. Your password gives access to your computer, but unless your hard drive is encrypted, anybody with access to your machine could copy your hard drive or remove it from the computer and read your emails.
Most modern laptops will encrypt the drive automatically. You can check Bitlocker on Windows or FileVault on Mac OS whether this feature is enabled on your machine. iOS will have this feature always enabled by default, and on Android, you will be able to check in the phone settings. On Linux, such features can be enabled, too.
#3 Use a password manager. Remembering passwords can be a difficult task, especially given the dozens (or even hundreds) of online shopping, social media, or forums we may have signed up for. Reusing passwords across different services is an absolute taboo, as this makes it easy to phish (fraudulently obtain) your password, and if any of the services you use is exposed or run by an evil administrator, all your other accounts are instantly compromised.
A password manager is one of these gadgets that not only improve your security but also make your life more convenient. With a password manager, you will no longer:
- Have to think of new passwords for your accounts
- Remember which email you used for which account
Even extra information such as encryption keys or recovery phrases can be stored in there.
Some password managers can autofill your login pages so you’ll only ever have to click the login field, and they will automatically create a save password and store it for you when you sign up for a new service.
The only passwords you’ll ever have to remember are the password to your computer and the password to your password manager.
In my next post, I will discuss three other steps to take to secure your data, such as two-factor authentication.