Milepost 42 is honored to join an initiative to promote awareness of online safety and privacy, by signing up as a Champion of National Cybersecurity Awareness Month (NCSAM) 2019.
NCSAM is a collaborative effort among businesses, government agencies, colleges and universities, associations, nonprofit organizations and individuals committed to this year’s NCSAM theme of “Own IT. Secure IT. Protect IT”, and this year’s initiative will encourage everyone to #BeCyberSmart through cybersecurity best practices.
30 years ago, the world wide web was just getting started. Today, we can access information almost instantly, from a device that fits in a pocket. We have technology in almost every aspect of our lives. And just like in all the other parts of our lives, we need to protect and secure the things we own.
~ Stacy Clements, Owner of Milepost 42
Now in its 16th year, NCSAM continues to build momentum and impact with the ultimate goal of providing all Americans with the information they need to stay safer and more secure online. [Organization name] is proud to support this far-reaching online safety awareness and education initiative which is co-led by the National Cyber Security Alliance (NCSA) and the Cybersecurity and Infrastructure Agency (CISA) of the U.S. Department of Homeland Security.
“Cybersecurity is important to the success of all businesses and organizations. NCSA is proud to have such a strong and active community helping to encourage proactive behavior and prioritize cybersecurity in their organizations,” said Kelvin Coleman, executive director, NCSA.
For more information about NCSAM 2019 and how to participate in a wide variety of activities, visit staysafeonline.org/ncsam. You can also follow and use the official NCSAM hashtag #BeCyberSmart on social media throughout the month.
About Milepost 42
Milepost 42 is a technology partner for small business owners who want to focus on their passion and not the “techie stuff” needed to support it. Small businesses need technology –websites, email, automation – to run and grow, and they also need to be aware of the need for cybersecurity to ensure business continuity. Milepost 42 provides those services and planning assistance for small business owners who are ready to have someone else handle the “web stuff”.
About National Cybersecurity Awareness Month
NCSAM is designed to engage and educate public- and private-sector partners through events and initiatives with the goal of raising awareness about cybersecurity to increase the resiliency of the nation in the event of a cyber incident. Since the Presidential proclamation establishing NCSAM in 2004, the initiative has been formally recognized by Congress, federal, state and local governments and leaders from industry and academia. This united effort is necessary to maintain a cyberspace that is safer and more resilient and remains a source of tremendous opportunity and growth for years to come. For more information, visit staysafeonline.org/ncsam or niccs.us-cert.gov/national-cybersecurity-awareness-month-2019.
NCSA is the nation’s leading nonprofit, public-private partnership promoting cybersecurity and privacy education and awareness. NCSA works with a broad array of stakeholders in government, industry and civil society. NCSA’s primary partners are the Cybersecurity and Infrastructure Security Agency and NCSA’s Board of Directors, which includes representatives from ADP; American Express; Bank of America; CDK Global, LLC; CertNexus; Cisco; Cofense; Comcast Corporation; Eli Lilly and Company; ESET North America; Facebook; Google; Infosec; Intel Corporation; Marriott International; Mastercard; Microsoft Corporation; Mimecast; NXP Semiconductors; Proofpoint; Raytheon; Symantec Corporation; Trend Micro, Inc.; Uber: U.S. Bank; Visa and Wells Fargo. NCSA’s core efforts include National Cybersecurity Awareness Month (October); Data Privacy Day (Jan. 28); STOP. THINK. CONNECT.™, the global online safety awareness and education campaign co-founded by NCSA and the Anti-Phishing Working Group with federal government leadership from the Department of Homeland Security; and CyberSecure My Business™, which offers webinars, web resources and workshops to help businesses be resistant to and resilient from cyberattacks. For more information on NCSA, please visit https://staysafeonline.org/about/.
Summer is here! Kids are out of school, and maybe you have a vacation planned – but cybercriminals never take a holiday. Whether you’re booking a hotel room, buying concert tickets, picking up stuff for your garden, or taking advantage of summer clothing sales, stay vigilant when making online purchases.
Several years ago, most people made very few online purchases. Now, Amazon Prime Day(s) are touted almost as much as holidays, and some people buy almost everything online. You can make purchases, and even pay, with your mobile phone. The downside of this convenience is that it gives cyber thieves more ways to get into your wallet.
But just like there are ways to protect yourself when in a crowded place that may harbor pickpockets, there are ways to protect yourself from the cyber bag snatchers. CouponChief has put together an Online Shopping Safety Guide to educate consumers on security concerns and provide some tips on what you can do to protect yourself. Give it a read, and enjoy your summer shopping, safely!
Happy #WorldPasswordDay! The first Thursday of May is designated World Password Day, and it’s intended to promote better password habits to help safeguard our digital identities. With cybercrime on the rise and data breaches becoming almost commonplace, it’s more important than ever to protect these keys to our kingdoms. Take a moment today to review these tips to secure access to your accounts.
Use Strong Passwords
You know this…but do you follow this advice? A recent study of hacked accounts showed that 23.2 million victim accounts used 123456 as the password. Make your passwords strong – a combination of upper and lower case letters, numbers, and special characters is best.
Use a minimum of 12–15 characters – longer is better! Length is even more important than complexity, and long “pass phrases” can actually be easier to remember. Don’t use easy-to-guess information, such as birthdays, sports teams, or band names, and don’t use dictionary words.
Don’t Use The Same Password On Different Systems
When you’ve picked out a great strong passphrase, it’s tempting to use it everywhere. Don’t do it! Even the strongest password does you no good if it’s been exposed in a data breach. Cyber criminals often take passwords gleaned from a breach, and try the credentials on other systems. If your social media account is compromised, and you use the same password and email address for your bank account…well, that’s a problem you don’t need.
Web security expert Troy Hunt created a great free resource which collects data on known breaches to help people assess whether their information may be at risk. Check out Have I Been Pwned to see if any of your accounts have been compromised in a data breach. (Spoiler: the answer is probably yes!)
LastPass is a great password management tool for you, your family, or for a business team. (Disclosure: This is an affiliate link, which means I may get a small commission if you purchase through this link. There is no extra charge to you and there is no requirement to purchase through this link to get the latest deal.)
Use A Password Manager
So, I’m supposed to use long, strong passwords, and different passwords for everything – how am I supposed to remember all this? If you follow best practices for passwords, it’s impossible to remember and keep track of them all – this is where password managers come in.
A good password manager will securely store unique login credentials for all your different accounts. You only need to remember the master password to the password management tool itself. Features vary depending on the tool you choose, but many password managers allow you to autofill using a browser extension (be cautious!), sync passwords to use on desktop and mobile devices, help you change passwords on your accounts, and generate strong passwords to help keep your accounts secure.
Most password managers are relatively inexpensive, and many have free versions that may work for you. I personally use LastPass, but it doesn’t matter what you use, just use one!
#LayerUp Your Login
Yes, it’s World Password Day, and since passwords are still the most prevalent way of protecting an account, we need to follow good password practices. However, the best password in the world is useless if it’s been exposed in a data breach. The theme for this year’s World Password Day is #LayerUp – further protect your login by using multi-factor authentication (also known as two-factor authentication).
Multi-factor authentication adds another layer of protection to your accounts by requiring an extra step, such as entering a code sent to your phone, a code generated by an authentication app on your mobile device, or authentication with a separate hardware key. This may seem a little inconvenient, but it’s a lot less hassle than trying to get your money back if your bank account is hacked or having to cancel your credit card after a major data breach.
Most major companies now have the option to turn on two-factor authentication to help prevent fraudulent access and add additional protection to your account. You can learn more about multi-factor authentication and how to enable it in this guide from Pixel Privacy.
Your personal information is valuable – protect it! Take a moment to celebrate #WorldPasswordDay by reviewing your accounts for strong passwords, and enabling multi-factor authentication on your most important accounts. #LayerUp and stay safe online!
Disclosure: This post includes affiliate links to the recommended service, which means if you click on the link and make a purchase, I may receive a commission or bonus. All my reviews and recommendations are based on my personal experience with the product or service.
As a technical consultant and service provider for small businesses, I’m often asked to recommend a shared web hosting provider. Although I strongly feel that a business should use cloud-based or VPS (or even dedicated) web hosting, shared hosting can be appropriate for a freelancer, blogger, or a business just starting out and testing the waters.
However, it’s tough to find a quality shared hosting option. Certain large companies with big marketing budgets saturate the advertising space, and they historically have subpar performance and less-than-stellar reputations. From my experience with several of these companies, that poor reputation is deserved. While some deliver adequate performance for small, low-traffic sites, the security measures for these low-cost plans are often horrendous. A “security service” is a common upsell, but I’ve had clients with sites compromised even when they purchased the “security”. I’ve seen sites hacked due to cross-contamination, and I’ve seen overloaded servers running software that is years out of date.
I was lucky enough to run into Trey Gardner of GreenGeeks at a WordCamp, and after a short conversation, he invited me to check out GreenGeeks hosting. I’m pleased to say that I now have a solid recommendation for shared hosting – if you are in the market for shared web hosting, I invite you to check out one of the GreenGeeks plans.
(Note: GreenGeeks does offer VPS hosting and dedicated server hosting as well, and while I have no doubt those plans are also excellent, I have not personally tried them.)
For a shared hosting plan, GreenGeeks has comparatively good performance. They offer all the basic items you’ll find in most shared plans (unlimited web space, data transfer, MySQL databases, the underlying software needed to host popular platforms such as WordPress or Drupal). With three levels (Starter, Pro, and Premium), you can find an inexpensive plan to help get that blog started, or a little more robust plan if you want to test out your business idea without a large upfront outlay of cash. My recommendation even for small sites is to start with the “Ecosite Pro” plan, but if you just need something for a low-traffic personal site and are really cash-strapped, the “Ecosite Starter” can get you going. GreenGeeks has implemented a scalable hosting platform, so if you find the standard resources don’t quite meet your needs, you can purchase a memory upgrade to help boost your site performance.
When you sign up, you can choose from 5 data centers – if you’re located in the US, Canada, or Europe, you’ll be able to choose a location near you for faster loading times. They also offer integration with the CloudFlare Content Delivery Network, which can help with page loading speeds by caching content and serving it from a location close to your site visitors. And their proprietary PowerCacher service (on Pro and Premium plans) can help speed your site up even more.
GreenGeeks uses state-of-the-art hardware, with solid state drives and name brand server and network gear. In addition, they stay current with the latest web software and protocols, using both HTTP/2 and PHP 7. This is important not only for performance, but also for security.
As mentioned, GreenGeeks is up to date with the software running on their servers – something not all inexpensive shared hosts do (I recently helped someone with a web issue and discovered their web server was running PHP 5.2 (as of the original date of this post, end-of-life for PHP 5.2 was over 8 years ago, so it’s not at all surprising the individual had website troubles). GreenGeeks also offers secure FTP, giving you a secure connection to transfer and access your files.
GreenGeeks uses a container based approach, provisioning each account with a secure virtual file system. This helps to keep accounts private; although you share space on the server with many other accounts, users can only see and access their own accounts. Along with security scanning and server monitoring, this approach helps to protect against malware, and reduces the concern of cross-site contamination if there happens to be a “bad actor” on your shared server.
Finally, GreenGeeks offers a free Let’s Encrypt SSL certificate with all hosting plans – a must to ensure your site uses the important https and doesn’t get marked as “non-secure” by the Chrome web browser. While most reputable web hosts will offer the Let’s Encrypt SSL certificate, many of the low-cost shared hosting plans charge to set up and install the certificate for your site.
Other than the free website transfer offered by GreenGeeks, I have not had the need to use their support. My support request for the website transfer was handled quickly and I had no issues. If you do have occasion to need support, GreenGeeks offers email support through your Account Manager area, 24/7 live chat, and phone support from 9 AM to midnight Monday through Friday, and 9 AM to 8 PM EST on weekends. If, like me, you prefer to try to figure things out yourself first, they do have a robust knowledge base as well as a number of tutorials on common topics.
GreenGeeks’ claim to fame is, as evidenced by their name, being an award-winning “green” web host. They are proud of being an environmentally friendly web host, by not only making the maximum effort to be energy efficient, but also investing in renewable energy to reduce the inevitable environmental footprint created by technology. And when you host with GreenGeeks, you can use one of their cute little “Green Badges” to show that your website is eco-friendly!
Although personally I’m more interested in the security aspects of the hosting I use, I can’t deny that being as energy-efficient as possible is good for all of us. Oh, and Trey is a really nice guy!
Not Easy Being Green
If you need an inexpensive shared hosting plan that still offers good performance and security features, as well as giving you the satisfaction of “being green”, then check out one of GreenGeeks hosting plans.
Milepost 42 is proud to be a champion of Data Privacy Day 2019. The new year is well underway (already!?), and there’s no better time to review the personal information you share and collect, and take steps to ensure it’s protected.
It’s Week 3 of #CyberAware Month, and this week is all about tips and advice to ensure online safety at work. No matter where you work – government, industry, academia – we all have a role in ensuring online safety and security. While your organization may have an Information Technology (IT) department to oversee company infrastructure and computers, following cybersecurity practices to protect the organization from cyber attacks is a responsibility everyone shares.