You may think that you’re not online enough to risk your safety, or that you never visit unsafe sites. However, the world wide web is a vast network where the exchange of information is often difficult to track. Here are some good reasons to “go incognito”.

With the headlines about data breaches and cyberattacks greeting you every time you go online, it seems impossible to have a surefire, foolproof way to keep your information secure. Sometimes cyber predators are relatively harmless, but oftentimes, their goal is to steal identities and financial information. Virus scanners and firewalls can definitely help, but here’s an added layer of protection when you go online.

What is private browsing?

Your web browser — whether it be Chrome, Edge, Firefox, Safari, or Opera — stores the addresses of the sites you visit, cookies that track your activity, passwords you’ve used, and temporary files you’ve downloaded.

This can be convenient if you frequently visit certain pages, can’t remember your login details, or if you’re trying to recall a website you visited a few days ago. But if someone else uses or gains access to your computer, your most private (and embarrassing) internet activities are exposed for anyone to see.

With private browsing — also called Incognito Mode in Chrome and InPrivate Browsing in Edge — all the information listed above does not get recorded. In fact, all the websites and information you accessed during a private browsing session is discarded without a trace as soon as you close the browser. This can come in handy when you’re using a public computer because you’re instantly logged out of all the accounts after closing the window.

Private browsing also prevents cookies from being stored on your computer. In a normal browsing session, sites like Facebook will inundate you with highly targeted ads based on the sites and pages you’ve visited. But in private browsing mode, your internet activity won’t be used against you by marketing companies.

Another benefit of private browsing is you can use it to log in to several accounts on the same site, which is useful if you need to log in to two different Google accounts at the same time.

Limitations of private browsing

Although private browsing does prevent your web browser from storing your data, it doesn’t keep your online activities 100% private. If your computer is connected to the company network, system administrators can still keep track of what you’re browsing, even if you’re in Incognito Mode. Also, if spyware or keylogger malware is installed on your computer, hackers will still be able to see what you’re doing online.

A keylogger malware records every key you punched in and may send this information to a predefined email address without you knowing. This means passwords, answers to verification questions, account numbers, credit card details, or even the words you type in a chat can be emailed to someone spying on your online activities.

Even though private browsing has quite a few benefits, you shouldn’t solely depend on it for online privacy. Your computers and mobile devices must be equipped with Virtual Private Networks that encrypt your internet connection and prevent anyone from intercepting your data. And don’t forget to scan your computer for viruses with a strong anti-malware program to keep spyware and other malicious web monitoring software at bay.

If you want to know where you can get these solutions or learn more about web browser security, call us today. We have the tools and expert advice you need to prevent anyone from snooping on your internet browsing.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

 

Published with consideration from TechAdvisory.org SOURCE

In 2003, a manager at the National Institute of Standards and Technology (NIST) authored a document on password best practices for businesses, federal agencies, and academic institutions. More recently, however, the institute has reversed its stance. Find out why and what great passwords are made of.

The problem

The issue isn’t necessarily that the NIST advised people to create passwords that are easy to crack, but it steered people into creating lazy passwords, using capitalization, special characters, and numbers that are easy to predict, like “P@ssW0rd1.

This may seem secure, but in reality, these strings of characters and numbers could easily be compromised by hackers using common algorithms.

To make matters worse, NIST also recommended that people change their passwords regularly, but did not define what it actually means to “change” them. Since people thought their passwords were already secure with special characters, most only added one number or symbol.

NIST essentially forced everyone to use passwords that are hard for humans to remember but easy for computers to guess.

Recently, the institution admitted that this scheme can cause more problems than solutions. It has reversed its stance on organizational password management requirements, and is now recommending banishing forced periodic password changes and getting rid of complexity requirements.

The solution

Security consultant Frank Abagnale and Chief hacking officer for KnowBe4 Kevin Mitnick both see a future without passwords. Both security experts advise enterprises to utilize multifactor authentication (MFA) in login policies.

This requires users to present two valid credentials to gain access to their data. For instance, a code texted to an employee’s smartphone can serve as an added security measure to thwart hackers.

Moreover, Mitnick recommended implementing long passphrases of 25 characters or more, such as “correcthorsebatterystaple” or “iknewweretroublewhenwalkedin5623”. These are much more difficult to guess and less prone to hacking. As for the frequency of changing passphrases, it will depend on a company’s risk tolerance.

Simply put, passwords should be longer and include nonsensical phrases and English words that make it almost impossible for an automated system to make sense of.

Even better, you should enforce the following security solutions within your company:

  • Single sign-on– allows users to securely access multiple accounts with one set of credentials
  • Account monitoring tools– recognizes suspicious activity and locks out hackers

 

When it comes to security, ignorance is the biggest threat. If you’d like to learn about what else you can do, just give us a call.

Published with consideration from TechAdvisory.org SOURCE