The Government of Canada offers the following tips but I wanted to add a few of my own comments on them specifically for independent insurance advisors as studies show there is a growing focus for cyber criminals to target medium-sized businesses in this field.
1. Protect Your Identity
"Use different usernames and passwords for different accounts. Make passwords harder to guess by combining letters and numbers, and change them regularly."
This is a great tip. Remember most passwords are broken by social engineering - “the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.” In addition to the above tips, review your password recovery options as if everyone knows your dog's name is fluffy from Facebook and that is your password reset question. It's going to be easy to break with even basic social engineering tactics. Remember a password that you use for everything is only as strong as the weakest site that has it. Meaning if you use it for your password on a sketchy site and they get hacked, now it’s easy for them to use that same password on secure services like your banking.
2. Turn On Your Firewall
"Firewalls are the first line of defence: they block connections to unknown or phony sites and prevent viruses and hackers from accessing your computer. Your computer operating system has a firewall that can be turned on very easily."
Most operating systems and networking gear have firewalls built in but sometimes they are pesky and we end up turning them off. Instead here is a quick video I found on how to optimize your firewall.
3. Use Anti-virus Software
"Install anti-virus software to prevent viruses from infecting your computer. This software should be updated regularly."
Do some research, not all virus software is created equal and recently some of the companies that build these products have been covertly infiltrated with viruses unknowingly infecting consumers who bought the software to defend against viruses. I recommend Bitdefender or Avast but the best defense is common sense. Don’t open and download files from people you don't know even if the subject line makes you curious (like an invoice sent from someone you don’t recognize but the subject line is compelling). If it’s important, they will call.
4. Block Spyware Attacks
"Install anti-spyware software to prevent spyware from installing itself on your computer. This software should be updated regularly."
I recommend Malwarebytes to get rid of spyware and scan your computer. They offer both free and paid versions but again, the best defence is abstinence. Don’t flirt with risky emails and sites and you will be much safer.
5. Install The Latest Operating System Updates
"Make sure that your applications and operating system (Windows, Macintosh, LINUX) are up to date."
Instead of having to think about this one, I set my computers to auto backup (tip 6) and then auto update (overnight) so that I don’t have to install updates during work hours.
6. Backup Your Files
"Protect important files from viruses and physical damage such as flood and fire by regularly backing up your files on an external drive or removable media. Store it in a safe place."
Some kind of cloud based system is best with the ability to revert files (particularly if you get ransomware that is getting popular). This way you can revert a file back if someone tries to ransom your files. Make sure if you are hosting client information in Canada and that you pick a cloud storage provider that hosts that data in Canada so your clients information is not subject to the Patriot Act.
7. Protect Your Wireless Network
"Wireless (Wi-Fi) networks are vulnerable to intruders if they are not protected once installed. Do this yourself, or ask an expert for assistance when you purchase a wireless router."
If you have no expertise in this area, look for a router that has an app installer to walk you through the steps. Make sure you set the firmware updates to auto and disable guest networks if you don’t anticipate any guests (you can always turn this on for a party but it prevents people from stealing your Wi-Fi).
8. Delete Emails From Unknown Senders
"Never open emails or attachments from people you don’t know, and never follow any links to Web sites included in these emails. They might infect your computer with a virus or spyware. Delete such emails immediately."
Then empty the trash! Many of these emails and viruses are designed to impact a Windows computer (not to say your tablet is not vulnerable). However, because of the nature of its OS, it may be a better place to open an email you're not quite sure about.
9. Surf The Web Safely
"Be careful when sharing personal information such as your name, address, telephone number and financial information online. Check that Websites are secure (such as when making online purchases) and that the privacy settings are turned on (such as when accessing or using social networking sites)."
Chrome is my prefered browser and I find it's quite good at alerting me to sites whose security certificates are up not up to date. How can you tell? Look in the URL:
10. Get Expert Help
"Call local police if you discover suspicious content online (such as child exploitation) or if you suspect computer crime, identity theft or a scam. If you need help maintaining or installing software on your computer, call a computer expert or a local supplier."
When in doubt, get expert help. Some people love to DIY but as my stepfather would always say, “I look at what I make per hour vs. what it would cost to pay someone to do that thing and if their hourly rate is less just pay that person and spend that hour doing what you do best.”
