Shields Up: Take the Five-Day Security Challenge
Cybersecurtiy is always a concern for the online age, but due to the war in Ukraine, world governments have issued warnings about data security to protect against hacking. Take this five-day security challenge to make your information safer.
Here in the US, the Cybersecurity & Infrastructure Security Agency (CISA) recently issued a “Shields Up” notice. Ironically, their warnings and advice are posted on the internet. But here is the main point:
“While there are no specific or credible cyber threats to the U.S. homeland at this time, Russia’s unprovoked attack on Ukraine, which has involved cyber-attacks on Ukrainian government and critical infrastructure organizations, may impact organizations both within and beyond the region. Every organization—large and small—must be prepared to respond to disruptive cyber activity.”https://www.cisa.gov/shields-up
The warning makes sense. Many countries have issued sanctions against Russia, like cutting them off from world markets, so it only makes sense that cyber warfare will go into overdrive against vulnerable systems around the world, especially against systems in the US.
Your tiny corner of the cyber world is in danger, too.
For example, my eighty-something mom told me about a phishing email she received last week, supposedly from PayPal. Let’s take a moment to appreciate that my elderly parents are using email and PayPal without daily intervention from me and my sister. But their “independence” is scary too because phishers are good at what they do. Fortunately, my parents are the suspicious type.
In the CISA notice, there is a section entitled, “Steps Americans Can Take to Protect Themselves”:
1. Implement multi-factor authentication on your accounts.
2. Update your software. In fact, turn on automatic updates.
3. Think before you click.
4. Use strong passwords.
Let’s adapt those guidelines for authors.
My guys, take the Five-Day Security Challenge. No need to sign in to Google Docs; simply follow the link, click File>Download, and choose your preferred output format.
There are literally hundreds of ways to heighten your data security, but let’s concentrate on these five, relatively easy steps. I estimate it will take an hour for each day of the challenge.
Day One – Find all of your manuscript “master copies” and your latest WIP files and email them to yourself.
Emailing manuscripts to yourself is a “terrible, horrible, no good, very bad” backup system, but it is way better than doing nothing at all. Many thanks to author Judith Viorst for the description of this method. Before you email your manuscript files, do the following:
1. Get LastPass. Or get another password manager. LastPass has a free option, a premium option for $36/yearly, and a family option for $48/year. This is the best money I have ever spent. Download LastPass to your mobile phone too; you’re going to need it.
2. Implement two-factor authentication on all of your email accounts. Strong passwords are not enough. Search for “how to implement two-factor authentication for your email account” and follow the directions. Here are the directions for gmail because it’s one of the biggest providers.
3. First thing, change your email passwords; LastPass has a password generator built in. Repeat after me, “I do not need to memorize or write down my passwords.” If you have more than one email account, protect all of them.
4. Now, email your manuscript files, one at a time, to yourself and use clear subject lines.
Day Two – Clean up your phone and tablet apps.
What do your mobile devices have to do with being an author? Everything. Our mobile devices are business tools. We access our social media accounts from our mobile devices more often than we access them from our computer.
1. Get rid of apps you no longer use on your mobile devices. First, delete the associated online account and then delete the apps.
2. Update the apps on your mobile devices. Updates are the only way vendors have to patch security holes in their app software, but you need to do your part. If there is an option to enable automatic updates, do that too.
Day Three – Secure your social media accounts.
How many times has Aunt Mary’s Facebook account been hacked? Hacked accounts are an embarrassing, potentially disastrous hazards of being present on social media. Unfortunately, dear author, you need to be present on at least one or two social media platforms, so suck it up, Buttercup.
1. For EVERY social media platform you use, change the password and store it in LastPass. (Here we go again!)
2. For EVERY social media platform, enable two-factor authentication.
3. On Facebook, go through their security checkup.
4. Use Twitter’s recommendations.
5. Follow Instagram’s guidelines.
6. Don’t forget less obvious applications like LinkedIn, WhatsApp, Pinterest, and Facebook Manager.
7. Read this article from Wired about TikTok. TikTok is alluring. It is fun. It is huge. And it is owned by a Chinese firm. Take care, my friends. At the very least, don’t link it to Facebook or Google. Do everything you can to lock your account down, but in the end, realize the company is mainly interested in collecting your data.
8. Be choosy about which apps get your information and which ones you link other accounts to. Generally, proven social platforms are better equipped to handle security issues than newer ones.
Day Four – Secure your financial information.
One of the things I have asked my mom to do for her PayPal account is to implement two-factor authentication. And I have begged her repeatedly to change her password storage system. You know, she uses the sticky note system. But at least I know her passwords are unique for each site and terribly long and complicated.
1. You know the drill. Log in to EVERY financial account, change the password, and store the password in LastPass. You can also store the questions to the security questions in the NOTES for every login in your vault.
2. Check your banks, stores, or subscriptions you pay online, either manually or automatically. Remember your utility companies and your premium accounts like Peacock, Netflix, your newspaper, Amazon, Target, Etsy, Woot, and Walmart. Doctors’ offices, healthcare accounts, and pharmacies.
3. Go to each account and—say it with me—change the password, store it in LastPass, and lock it down with two-factor authentication.
4. Did you know you can store your credit and debit card information in LastPass? That means you don’t have to trust your pizza place to keep your card information safe.
Day Five – If you have a website, lock it down.
1. Change the password to your website and store it in LastPass.
2. Purchase antivirus software for your local computer and use it; surprisingly, your local computer is a key part of your website’s security.
3. Back up your computer; I use CrashPlan. There are several great services out there. Just do it. The email-it-to-yourself is a bad solution; back up your files to the cloud too. Can you ever have enough backups of your manuscripts? Is that possible?
4. Keep the base operating system on your local computer up to date. If your operating system is no longer supported, like Windows XP, your machine is open to viruses and malware.
5. Make sure your browsers are up to date.
6. Back up your website always; usually, you can do this through your host. Websites are expensive to build, so find a reputable website backup service.
7. Go to your website host, and implement every security measure they recommend.
If you are deeply embedded in online commerce and have many online accounts, this process will likely take a few months to complete, especially Day 4. Soon, however, you will find you have your act much more together. Get your spouse or significant other involved because a chain is only as strong as its weakest link.
Take a few moments every time you log in to a new site to make your access secure. If you own a small business or you are a corporate leader, check out the Shields Up notice because there are more steps for you to take to protect your business from cyber attacks.
Take the Five-Day Security Challenge and rest easier at night, knowing you have been proactive about protecting your data. As I stated, there are hundreds of ways to heighten your digital safety, and I simply don’t have the bandwidth here to cover them all.
Share your favorite solutions in the comments.