
Security New Year’s Resolutions (Infographic)

For many of us, the New Year means setting resolutions. Some of us hope to shed a few pounds, make a bit more money, or spend more time with our loved ones. Well, I have an important one to add to your list: security. Our world is dominated by our constant connection to each other through devices and the web. This can make day-to-day life much simpler, but it also significantly increases the risk of your personal information being stolen. Below are four easy, security-related New Year’s resolutions everyone should set (and stick to) in the new year.

1. Use (and update) complex passwords

The passwords you use should be obscure, almost unexplainable phrases. You may want to think of personally significant patterns or numbers that you can commit to memory but that are nearly impossible for an automated system to make sense of. It’s easy to use your kids’ names or your street address to create a password, but those basic passwords are also easy for hackers to figure out with a quick internet search. More complex passwords don’t have to be impossible to remember. They should be significant to you, but to others, they will look like a mess of numbers, symbols, and letters. I recommend a minimum of 12-15 characters. For example, the password @1ldEdt$R&s# could translate to the following phrase: “All day every day the sun rises and sets.”

But in our world, having complex passwords isn’t enough. There are many ways even a complex password can become compromised. For example, maybe you shared it with a friend or family member or someone saw you entering it. Even if you have created very complex passwords, regularly updating them is a good practice to maintain online security. When you do update passwords, ensure you are using a password unrelated to your previous one. And, if you update a password on one site, you should update it on all other sites as well.

2. Safely keep track of your passwords

Resolution #1 leads nicely into resolution #2: use a safe password management service to keep track of your online passwords. If you’re updating your complex passwords regularly, it is tempting to write them down or keep them stored in your phone. Saving your secure passwords this way negates all the hard work you put into creating them in the first place!

I recommend using an online password manager. There are many options out there, so do some research of your own, but my Security Team at Bankers Trust uses LastPass. This website can track all your online passwords and even help you generate new ones. LastPass also understands how important your security is, so the company ensures your password database is encrypted by your device (meaning LastPass can’t even view your passwords) so that no one can hack in and steal all of that information. And, the best part, it’s free!

3. Enable two-factor authentication

Most devices or websites now allow users to enable two-factor authentication. Even if you have created the secure passwords I am recommending, using two-factor authentication is the next step to ensuring your personal information stays protected.

Two-factor authentication usually uses two of the following forms of authentication: information you know (like a password or answer to a question), something you have (like a cell phone), and who you are (like a fingerprint). It is then called “two-factor” because you use two of these options to log in to your account. While two-factor authentication might sound like an intimidating and “techy” term, you have probably already used it in your daily life. If you have ever tried to log into a website with a password and then been prompted to enter a PIN or code that was texted to your phone or emailed to you, that was two-factor authentication. Many hackers cannot fight their way through this two-factor wall of authentication because they either need to be you or have your device to correctly go through the process.

4. Discover if you have been involved in a data breach

Unfortunately, data breaches are becoming more and more common. When someone is involved in a data breach, usernames, passwords, and any connected personal information can be stolen and distributed throughout the internet. Ever worry that this involves you?

A great way to find out whether your email address has been involved in a data breach is to go to Have I Been Pwned? and enter your email address to search its database. The site tells you which sites’ breaches exposed your information and when. This is also a great reminder of the importance of regularly updating your passwords. If you have been hacked, your email and password combinations are probably floating around in some hacker database somewhere, waiting to be used. It is important that you identify whether your email has been compromised so you can take steps to secure it for the future.

Make this a year of protecting your personal information. Set, and follow, these four simple New Year’s resolutions and you will have a safer and more secure year.

Next steps:

  1. Learn more about strong passwords.
  2. Subscribe to receive email updates every week.
  3. Contact me if you have questions.
Edin Hadzic, CBAO, CBSM, CAMS

Financial Intelligence Officer (515) 222-2016 Email Edin

Edin Hadzic is a Compliance and Information Security Officer at Bankers Trust. In previous roles with the bank, Edin has worked in the retail space as a Teller at the North Branch and as an Electronic Banking Analyst in the Electronic Banking Department. His responsibilities include Bank Secrecy Act (BSA)/Anti-Money Laundering Compliance and fraud monitoring. Edin is a Certified Bank Security Manager (CBSM), Certified BSA-AML Officer, holds a CAMS certification (Certified Anti-Money Laundering Specialist), and was designated as the Bank’s OFAC Officer in the summer of 2017. Edin is a graduate of Grand View University where he earned a Bachelor of Science degree in Management Information Systems and Business Administration. In his spare time, Edin enjoys watching football (Go Hawks!, Go Eagles!) and fishing during the summer time.

CBSM certification is specially designed to benefit any professional working with Information Technology and Information Security who has a direct responsibility for information.

CBAO certification signifies being a BSA AML Officer. This certification is put on by Lexis Nexis and it covers the following: Bank Secrecy Act, USA Patriot Act, Anti-Money Laundering Requirements, OFAC Requirements.

The CAMS credential is the gold standard in anti-money laundering certifications and recognized internationally by financial institutions, governments and regulators.
