Have you ever had your personal data compromised?
Maybe you’ve lost your credit card and had it frozen as a precautionary measure. Or maybe it was something a little more serious, like having your SIN or other sensitive information put at risk of theft due to poor security on a public WiFi connection. Time to rethink those online shopping sessions on the coffee shop’s WiFi…
Whether you have or haven’t, your chances of facing a threat to your personal information have increased. In fact, according to a security report, Canada had the third most cyber incidents in the world in 2018. Yikes.
We sat down with resident security experts Hardeep and Stephen to get their tips for best protecting yourself (and your data) online.
First, a bit about the team.
Hardeep is the Manager of IT Security Operations at Coast Capital. He brings years of experience and education in all things security, including an honours degree in Computer Crime, a number of IT & security designations, plus a position as a Cyber Officer with the Canadian Forces Reserves.
Stephen is the Director of Information Security at Coast Capital. He has a degree in Electrical Engineering, in addition to multiple Information Security designations. Outside of work hours, Stephen enjoys back country camping & dirt biking with his family, and chipping away at his Master’s Degree in Business Administration.
Tips to protect yourself.
What can you tell us about email security?
Stephen: It’s really important to be vigilant when opening up emails that have the potential to compromise your personal information. This includes emails from people or business you don’t recognize, and paying special attention to the links or documents you click or download.
That link you clicked could re-direct you to a malicious website that could capture your personal information or install malware (things like viruses, Trojan horses, or ransomware) on your computer.
Hardeep: Unfortunately, a lot of emails that seem to be legitimate (i.e.emails that look like they come from your Financial Institution) could also be malicious. These phishing emails – emails that attempt to obtain sensitive information like usernames, passwords, and credit card details – will have a similar or near-identical look and feel to one you’d receive from your financial institution, but could have some subtle clues that indicate an impostor. Things like a mismatched URL, poor spelling and grammar, or requests for personal information are all things to keep an eye out for. If you’re in doubt, don’t click.
How can you protect yourself online or over the phone?
Hardeep: It’s smart to limit the amount of personal information you share online. Privacy settings not enabled on social networking websites, like Facebook, could allow anyone access to sensitive information. This includes things like your birthday, address, or phone number.
The same goes for giving sensitive information over the phone. A financial institution will never ask you for your PIN number or password over the phone.
Stephen: While it’s great to have your friends wish you a happy birthday on social media, dates like your birthday, or even publicly listing out your family members, can give a cyber crook access to valuable data (like your mother’s maiden name) that could be used to answer security questions. If you really want to get birthday wishes from friends, use a fictitious year so only the month and day are available.
Passwords are one of the first lines of defence in protecting your personal data and other confidential information. What are some tips for making a top notch password?
Hardeep: Create passwords and PINs that are complex, and change them regularly. We recommend that you use separate passwords for different websites and online services. If you have multiple passwords and need to keep track of them all, use a password vault.
We often forget that our own personal networks should be protected too. How can you protect your home network?
Stephen: To start, you should enable encryption and password protection on your WiFi devices. You never know who is using your WiFi connection, regardless of how much trust you have in your neighbors.
Secondly, you should be cautious when you’re connecting electronics and wireless devices to the internet. This includes things like baby monitors, puppy cams, or video doorbells. Some cyber criminals will hack into these devices and use the information they see and hear to commit crimes like identity theft or blackmail.
Most people nowadays have smart phones and laptops. How can we protect our computers and mobile devices?
Hardeep: I recommend that you regularly apply all operating system & application patches, and upgrade programs when they become available. If you don’t need Bluetooth on, disable it. Same goes for GPS or location tags when they’re not in use.
If you’re out in public and need to connect to WiFi, do so sparingly. And while this last tip might be obvious, never leave your device unattended. It’s using the same principle as leaving your luggage unattended at the airport. You never know what people could take – or put on – your device to cause a major security breach.
Why we care.
We are dedicated to improving the financial well-being of our members and their communities. With this dedication comes the responsibility of protecting the sensitive personal information of our members in our systems and databases.
We encourage you all to take a minute to think about how you can do your part in securing your devices, networks and databases.