Keeping a lock on your computer system

Managing passwords and IT policies are needed

Posted

Cyber attacks, when computer systems of companies, institutions, organization and governments and individually-owned devices are broken into or “hacked” are going to occur, according to technology experts, how these attacks are defended could be the difference between limiting the them or being a constant victim.

Such attacks are huge such as the recent one of Anthem. Inc., the nation’s second largest health insurer, where millions of members personal information ranging from home addresses to Social Security numbers were accessed by the hackers. “Anthem immediately made every effort to close the security vulnerability, contacted the FBI and began fully cooperating with their investigation,” Anthem President and CEO Joseph Swedish wrote in a letter published on the company’s website. 

Whether the “hack” is as large as Anthem, infamous as SONY or as small as one’s laptop being hit by a computer virus, technology security needs to be taken seriously, experts said. 

Lawrence resident Jeffrey Hirth, the owner of his own Full City Tech firm, said one of the primary vulnerabilities of a system that hackers probe and use to get in is a weak password. Hirth’s suggestions include either creating a more secure password than 1234 or using a password manager.

In creating a more secure password, Hirth recommends a combination of letters, numbers and symbols, and using a memory device such as the refrain from a favorite song to remember the password.

Password managers such as Last Pass, 1Password or Keeper that store and secure passwords, generate totally different random passwords that are complex and help with filling out forms.   

“Hacking in general is going happen,” Hirth said. “You have to be careful what you let in and protect yourself. If there is anything you don’t want people to know, then don’t put it out there.”

In addition to worrying about external attacks, Matt Seif, the director of professional services for Inwood-based Curvature said, company employees need to be trained in the smart use of Information Technology resources and companies need to create an IT policy.  

Seif said that training staff not to log onto an unsecured Wi-Fi sites, rules against plugging in unsanctioned USB devices and learning how to keep data secure should be part of a company’s training. 

“Companies spend a lot of money for technology security, but won’t write an IT policy,” Seif said. “In such an environment you have untrained employees who leave the back door open.”