Cybersecurity
By Ellen Lowery, TCV Auditor
My first day as a bank auditor, in 1982, I was handed a wooden ruler, ushered into a large bank vault lined with safe deposit boxes and instructed to measure the boxes and compare to the size and rental rates noted on dog- eared index cards in a battered metal box. It took a long time and was deadly dull. These days, computers can simply correlate rental rates and sizes. It’s an ideal task for a computer.
As time went by I graduated to ATM PIN duty. Once a week a pair of auditors would be ushered into the Bank’s mainframe computer room with our deck of punched cards that was used to generate PIN numbers for new customers’ ATM cards. At the time, it was cutting edge and had a vague James-Bond-like quality. The room was kept cold, with a raised floor and halon gas fire suppres- sion system, quiet as a church save for the discreet whir- ring of row upon row of blinking tape drives. We had to enter the locked room under dual control and sign a logbook in and out. It was all about security.
Today, I carry around more process- ing power and memory storage in the cell phone peeking out of my purse. I simply glance in its direction and its facial recognition software knows it’s me and unlocks the phone. When connected to the internet, it can access vast amounts of data in the “cloud”.
Computers offer us so many useful tools. But some of their best attributes, such as speed, accuracy, and access to vast volumes of data, can unfortunately be put to bad use by those up to no good, and the results are also magnified and multiplied at sobering speed. And so, we have the topic of cybersecurity, a term none of us knew in the 1980s.
What TCV Does
TCV employs an Information Technology support company with an expertise in cybersecurity. They man- age the maintenance of our individual computers, proac- tively manage our firewalls, and have advanced forensic software installed in the event of an incident. They con- tinually test our staff via training emails that entice em- ployees to click, to ingrain proper habits, and illustrate current techniques. Our staff takes ongoing cybersecu- rity courses and is trained in identity theft scenarios.
Our in-house Technology Committee meets regularly with our technology consultant to monitor our systems and determine the best IT policies for our company and our staff. One of the group’s responsibilities is ongoing, in-depth reviews of our various software vendors to en- sure they have appropriate provisions in place as well.
What You Can Do
Think of your email Inbox as your front door……. some of the people knocking want to scam you, break into your house, or hold all the files on your computer subject to
ransom. Don’t open the door to everybody. Develop a 5 second delay before you click on hyperlinks. Gently hover your cursor over a link and a pop-up will show you where it would go if you click. You will find sur- prises! Beware attached files, especially those you were not expecting. Be especially wary of any file with a .exe file extension. Never respond to an email asking you to confirm your user name and password. Be aware of “spoofed” email that appears to come from someone you know, or regularly do business with, where their email account has been compromised and you are then sent a malicious email from their account.
Maintain a clean machine. Keep your devices, apps, browsers, and anti-virus/anti-malware software patched and up to date.
Know that “free” wi-fi at hotels, air- ports or cafes can wind up having a big price tag. Your activity on such networks is easily hacked. Use a Vir- tual Private Network (VPN) soft- ware to connect to public wi-fis. Here at TCV we use EncryptMe® apps and software.
Have reasonably complex passwords, change them now and again and don’t use the same password for every site. Consider a password manager program.
Frustrated by Dq7$v96Q? Try a mnemonic approach based on the first letters
of a song or quote that is easy to remember. To Kill a Mockingbird becomes 2kll@mbird. Or, where space allows, create a passphrase, linking unrelated words with a memorable image, such as turkey parachute tiaras.
Back up your files with some regularity. Remember that anyone with access to your computer may obtain private information about you or initiate activity that appears to come from you. For mobile devices, such as laptops, tablets or smartphones, enable encryption and remote wipe capability in the event your device is lost or stolen.
With good regular habits you can enjoy the many benefits our devices and the internet offer, along with more peace of mind. Here at TCV, this enables us to work remotely, connect with each other or clients whenever the need arises and to pursue our heated contests of Words with Friends!