Published on August 30th, 2021 | by Sunit Nandi0
What Can Tech Do To Be More Trustworthy?
Ransomware attacks are on the rise. Each day Americans read about companies from the local to the national that are held at virtual gunpoint to hand over millions of dollars. What those stories seem to gloss over is that the information that’s held for ransom is often the banking and personal information of everyday customers like you.
Sometimes it’s not every ransomware or malware, but a mistake. In January 2020 over 280 million Microsoft account records were left unprotected in a customer support database and in August of the same year 235 million user details for Instagram, YouTube and TikTok were left in an unsecured database by a social media data company that had gone out of business. Chances are, your information is somewhere out there, being sold on the dark web. It’s not a good feeling. So what can tech companies and companies that rely on technology for their services do to make you feel more secure? Here are three steps that every company should be taking to secure your data.
Use Two-Factor Authentication Log-Ins
When you’re building your financial future trust has to come from both sides. The bank may start you off with a secured credit card to prove you are responsible with credit. To build trust with you, make sure that their banking website and app all use two-factor authentication. This authentication method uses two discrete methods of verification to establish your identity. Usually, the first factor is knowledge, asking you to enter a password you know. The next factor could be a physical verification, like a thumbprint or face scan. If you don’t have set up physical verification it could be ownership verification, asking you to enter a code that is sent to your phone or email. Any time you can work with two-factor authentication for log-ins you should take the opportunity. It helps prevent identity theft on your end.
Encrypt Your Data
Another step that tech companies need to take more often is encrypting your data. Obviously, it’s important for sales to be encrypted but some things you assume are encrypted may not be. For example, Amazon does not protect your data through any Kindle device. Where previously you were able to scramble data with a password, that option is no longer available. Companies that are doing it right include cell phone service providers that automatically encrypt your data and protect your identity over the cellular networks and offer encryption for data stored on the device.
Use Better Training
The fact is, you’re more likely to put yourself at risk through turning off two-factor authentication or using unsecured networks than a business is likely to expose your information in the above situations. On the other hand, breaches do occur every day, and the majority occur because of human error. The unsecured Microsoft data and the social media information breach were both due to human error. Companies need to have steps in place to protect the physical repositories of information from vandalism and theft. They also need to have procedures in place for closing down or getting rid of equipment.
Here’s an example of how easy it is to overlook small things that turn out to be very important. If you have a copier at your office it is full of confidential data in the form of scans of documents and contact information that’s been used for scans including email addresses and fax numbers; yet most businesses have no procedure in place for removing that data. Only when everyone is trained to think of machines as repositories of data will that information be truly secured. Training also needs to address dealing with phishing attempts and other social engineering emails that request data under the guise of legitimate use.
Tech security is improving all the time. To have more trust in the companies with which you do business, do some research on their practices but be forgiving. There is no way to remove the element of human error from the system.