Super Bowl LII will be held this weekend in Minneapolis, and far more than the game itself has come to town. Additional activities include concerts, zip lines, fashion shows, ice mazes, fat bike races and much, much more. Unfortunately, all this entertainment and excitement brings a shadowy downside: an incredible risk of cybercrime. All around the Twin Cities region, thousands of fans will be using personal and company-owned laptops on public Wi-Fi at local hotels and coffee shops to make online purchases, respond to event promotions, take care of transactions with business partners, reply to company emails and more. With so much online activity, events like the Super Bowl create a prime opportunity for hackers.
To remind Super Bowl visitors to be aware of data security during Super Bowl week, we’re lighting up the top floors of our headquarters office building in orange and offering these cybercrime security tips. When you see the orange glow at 100 Washington Square, think about your own cybersecurity habits.
Studies have shown that online data privacy is very important to 87 percent of Americans, but few actually take steps to protect themselves. This should be of concern to every employer, because poor data security habits don’t just put the individual’s data at risk–corporate data is also in danger. In today’s BYOD work environment, laptops are a mix of personal and corporate data. Unfortunately, endpoints like laptops are also a favorite target of cybercriminals. In the U.S., as much as 60 percent of corporate data is on employee endpoints. Minneapolis has 117 free public Wi-Fi hotspots, and U.S. Bank Stadium alone has 1,300 Wi-Fi access points. All it takes is one employee on one of these hotspots to make a mistake and become exposed to ransomware, malware or another data loss incident.
The good news is that following a few simple data security best practices can drastically reduce your odds of getting hit by data loss during the big game:
- Use a secure internet connection and avoid public Wi-Fi. If you are using a company device, use the VPN provided by your organization.
- Ensure your email and other important transactions occur with SSL. Look for “https” in the browser.
- Use password best practices. Make sure to use unique passwords for personal and professional accounts.
- Use a “dedicated” or prepaid credit card for making online purchases.
- Stay alert for phishing emails. If an offer seems too good to be true, it probably is. Don’t click on links embedded in an email even from someone you conduct business with. Instead, open a fresh browser page and go to their site using your own browser history or app.
- Look closely at email addresses to ensure they are properly formatted and from the correct domain. Look for typos or a 0 (zero) being used instead of the letter “O.”
- Back up your devices regularly with an endpoint recovery solution. This is an essential form of protection in the event of a ransomware attack.
- Educate your employees about security best practices. People are often the weakest link in security manifestations, so diligence is essential to staying safe.
- It takes a mere second for an employee to click on a link in response to an inquiry that looks innocent or open an attachment that gives a cybercriminal access to your company’s network and data.
- Lack of education is often the reason that employees breach certain conditions, such as downloading non-approved programs.
- Data has moved outside the data center. To protect information, companies must have visibility to where it is, who moved it and how it is being used.
- Back up all corporate devices regularly with an endpoint recovery solution.