Security: It’s Time To Tighten Up

I had five emails from Microsoft in the last few days. The emails were sending me the two-factor authentication codes to complete a sign-in to my old Hotmail account ...

It's not an account I use often these days, but I do need to tidy it up as there are many personal documents stored there so I have kept the mailbox open. I also use that particular email address as a user-name for other non-work-related sites that I log in to.

"I noted the time as 4:48am for the multiple attempted log-ins!"

There is no way I was logging in to that account at that time of day so it was an obvious attempt at hacking my account and would have been successful if it was not for the backup security feature that I had switched on many years ago.

There are continual attacks on internal and external systems and oversights can lead to your systems being compromised. I have come across networks that have been shared by a property client with their tenants. Also, without consideration that the tenants may be able to access the main network or that hackers can jump from a tenant's computer to the host's network with ease.

With Internet Protocol (IP) being as forefront of any home or commercial network, then having network separation, secure passwords and 2-factor authentication is a must. With almost every device connected to the network, ensuring that all device names and passwords have been changed from the factory settings is also vital.

With VoIP handsets, IP cameras, fire alarm systems and the myriad of IoT-connected devices (Internet of Things) such as Smart Speakers, TVs, conferencing equipment, Wi-Fi access points that are always connected, there are plenty of in-roads to your network.

It takes just one device that has been left on a factory username and password (e.g. admin/admin, admin/password or admin/1234xxxx etc) to be able to plant sleeper/sniffer viruses that basically lay there collecting information until the hacker/threat actor (as known in the cyber-criminal world) has a way in to capture and encrypt your data and ask for a big sum of money, usually in Bitcoin.

"Don't be fooled if you are using the cloud to do your work!"

If you use a computer that has stored all your passwords on Google Chrome, by accessing the desktop, logging into Azure or AWS (Amazon Web Services) using the stored password on your browser is now as common as hacking into a server.

Remember to stay safe and tighten up all those security risk factors in 2024.

If you feel inspired to find out more then do call me on 07555 807700 or leave a comment below and I'll be in touch as soon as I can.