We’re only three days into 2014, and already two major online service hacks that compromised user data have hit the headlines.
The usernames and passwords for 4.6 million Snapchat users have been compromised and posted online. Skype, the Microsoft-owned VOIP service, was also reportedly breached, though at this point, it’s believed that the attacks are unrelated.
The Syrian Electronic Army, a group of hackers that support the regime of Syrian President Bashar al-Assad, has taken responsibility for the Skype hack.
And just last month, hackers broke into the computer databases of Target, one of the world’s largest retailers, stealing millions of credit card numbers and encrypted PIN numbers during the holiday shopping rush, forcing cardholders to scramble to replace their cards and guard their credit accounts.
Unfortunately, there’s no simple solution for people to protect their identities and credit data on all the online services and with all the retailers they do business with. But there are a number of things people can do to at least limit their chances of getting hit hard by a data breach.
This slide show covers some of the techniques Web users can employ to improve their online security.
Securing Sensitive Personal Data in Cloud Services: 10 Best Practices
By Don Reisinger
Get the Password Manager Going
Nowadays, both mobile and desktop users can use password managers designed to house all-important credentials in one spot and create difficult passwords for sensitive sites.
All a user needs to do is remember the password for actually getting into the application, like 1Password or Password Manager, and he or she has full access to important accounts. Such password managers are important: They act as a repository for credentials, they create strong passwords, and they can populate password fields whenever the user goes to a particular site. Definitely check them out.
Aim for Two-Factor Authentication
Two-factor authentication is a key component in keeping data safe in the event of a breach. Let’s say, for example, that hackers have obtained passwords for a site’s entire user base.
If that site employs two-factor authentication, like sending a code to the user’s mobile phone in addition to requiring a password, the impact might not be as great. It’s an extra step, but it’s an important one. That’s probably why companies like Google and Bank of America use the technology in their online services.
Switch Up Passwords
There’s no reason to keep passwords going for years and years. In fact, critical passwords should be changed on a regular basis. Some security experts say passwords should be changed at least every 90 days on all sites.
If you’re not doing that, you could potentially put your many accounts across the Web at risk once hackers get just one credential. Just ask LivingSocial users who had their passwords stolen last year.
Remember the Beauty of VPNs
Virtual private networks deserve more credit for providing users with a higher level of security. VPNs allow users to find their way to critical sites through a secure connection and hopefully improve their security a bit. VPNs aren’t the panacea to end all security woes, but it’d be nice to see them put into practice a bit more both in the enterprise and in the consumer space.
Don’t Trust Social Networks
Social networks have become a breeding ground for potential security problems. In fact, a study last year from security firm Sophos revealed that social sites are swimming with major threats. So, while surfing through the sites, be sure to not click on unknown links.
And as Snapchat proved, believing that just because a site or service is big and popular it won’t get hacked is pure folly.
Always be on the defensive when using social networks.
Use Only Fraud-Secured Credit Cards
Credit card numbers are being shared across the Web at an increasing rate.
And in many cases, hackers are intentionally going after those services that keep credit card information on file. So those who are going to share credit card information online should only be using plastic that has fraud protection. Those cards allow for any stolen money to be credited back to an account, safeguarding owners from any possible financial issues. It seems obvious, but it’s an important consideration before buying a product online.
Don’t Link Online Accounts
It’s common practice now for Websites and operating systems to ask users to link their accounts with other services. Such a practice is great for the sites, which can get some free promotion, but it can unleash a world of hurt on consumers.
If a site is hacked and user credentials are stolen, it’s possible that the linked accounts on other sites could become compromised as well. Beware.
Stick to a Few Reliable Retail Sites
Hitting the Web with a credit card in hand can be a risky move. That’s why consumers should buy products from as few sites as possible. Granted, saying such a thing could hurt smaller retail sites, but this is about security.
And the best way to be secure on the Internet is to have a small footprint. Saving profiles and credit card information on dozens of retail sites around the Web is a bad idea that only increases the number of places information could be exposed. Stick with a few trustworthy e-commerce sites.
Consider a Site’s Security
Not all sites are created equal when it comes to their devotion to safety and security of your information. Many sites have been overrun with malware and are just waiting for an unsuspecting user to come along and get hit. In other cases, some sites and site categories, especially adult content sites, are naturally dangerous. Staying on safe, reputable sites is always a good idea.
Don’t Be Late on the News
When news breaks and a hack has occurred, the last thing you should want to be is late to the game. To ensure data is kept safe, users must respond quickly to a breach, change passwords across the Web and keep a close eye on the events as they unfold.
There’s no excuse for ignorance anymore—the Internet is a dangerous place, and we must all accept that.
Don Reisinger is a freelance technology columnist. He started writing about technology for Ziff-Davis’ Gearlog.com. Since then, he has written extremely popular columns for CNET.com, Computerworld, InformationWeek, and others. He has appeared numerous times on national television to share his expertise with viewers. You can follow his every move at http://twitter.com/donreisinger.