It is cybersecurity awareness month and although we highlight cybersecurity this time of year, the top 10 tips for your individual security should be a daily cyber hygiene must for every one of us. Thought I would take the time to share with you what I tell my clients when asked:
1. Keep Your Software Up to Date & Use your Device Securely
One of the most important cybersecurity tips to mitigate ransomware or other cyber intrusions is patching outdated software, both operating system and applications. This helps remove critical vulnerabilities that hackers use to access your devices. Here are a few quick tips to get you started:
Note: Ransomware attacks continue to be a top attack vector of 2019 for both businesses and individuals. Ransomware is malicious software designed to block access to your computer until a sum of money is paid.
2. Use Anti-Virus Protection and a Virtual Private Network (VPN)
Anti-virus (AV) protection software has been the most prevalent solution to fight malicious attacks. AV software blocks malware and other malicious viruses from entering your device and compromising your data. Use anti-virus software from trusted vendors and only run one AV tool on your device.
Why use a VPN: Typically, when you try to access a website on the internet, you start by connecting to your internet service provider (ISP). They redirect you to any website (or other online resources) that you wish to visit. All your internet traffic passes through your ISP’s servers, which means they can see and log everything you do online. They can also hand your browsing history over to advertisers, government agencies, and other third parties.
Here’s where a VPN comes into play: It redirects your internet traffic through a specially configured remote server. This way, the VPN hides your IP address and encrypts all the data you send or receive. The encrypted data looks like gibberish to anyone who intercepts it and is impossible to read, which protects you and your personal data, financial information, etc. Top of the line: ExpressVPN or NordVPN.
3. Don’t Use Public Wi-Fi – I say again – Don’t use Public Wi-Fi!
DO NOT use public Wi-Fi without using a Virtual Private Network (VPN). By using a VPN, the traffic between your device and the VPN server is encrypted. This means it’s much more difficult for a cybercriminal to obtain access to your data on your device. Use your cell network if you don’t have a VPN when security is important.
4. Use Strong Passwords & Use a Password Management Tool
You’ve probably heard that strong passwords are critical to online security. The truth is passwords are important in keeping hackers out of your data! Lock all of your devices including phone, tablet, laptop/desktop with a password or even better – biometric data (your fingerprint).
5. Use Two-Factor or Multi-Factor Authentication
Two-factor or multi-factor authentication is a service that adds additional layers of security to the standard password method of online identification. Without two-factor authentication, you would normally enter a username and password. But with two-factor, you would be prompted to enter one additional authentication method such as a Personal Identification Code, another password or even fingerprint. With multi-factor authentication, you would be prompted to enter more than two additional authentication methods after entering your username and password.
6. Do NOT Use Public USB (Universal Serial Bus) Ports
DO NOT use a public USB port to recharge your devices. Always use your standard electrical outlet plug. If you do not have a portable charger (cost starts at $10) or an available electrical outlet and must resort to using a USB port, then ensure you are doing this in conjunction with a Virtual Private Network (VPN). By using a VPN, the traffic between your device and the VPN server is encrypted. This means it’s much more difficult for a cybercriminal to obtain access to your data on your device. Use your cell network if you don’t have a VPN when security is important.
7. Always protect your work with a Privacy Screen
DO NOT conduct your personal and private business out in public without using a privacy screen that keeps onlookers from seeing company or individual intellectual property. A computer privacy screen, sometimes called a privacy filter, is a thin piece of plastic that’s placed over your monitor or display panel in order to prevent wandering eyes from absorbing confidential information.
Here are a few of the key takeaways from their worldwide results on the importance of visual privacy in the workplace:
8. Learn about Phishing Scams – be very suspicious of emails, phone calls, and flyers
Phishing scams are nastier than ever this year. In a phishing attempt, the attacker poses as someone or something the recipient is used to hearing from, with the intent that the recipient will divulge critical information or credentials, send a monetary payment, click a malicious link, or open an attachment that infects the user’s system with malware or a vulnerability exploit. This often leads to a ransomware attack. In fact, 90% of ransomware attacks originate from phishing attempts. A few important cybersecurity tips are:
9. Protect Your Sensitive Personal Identifiable Information (PII)
Personal Identifiable Information (PII) is any information that can be used by a cybercriminal to identify or locate an individual. PII includes information such as name, address, phone numbers, date of birth, Social Security Number, IP address, location details, or any other physical or digital identity data. In the new “always-on” and “always connected” world of social media, you should be very cautious about the information you include online. Consider reviewing your privacy settings across all your social media accounts, particularly Facebook, Instagram or LinkedIn. Adding your home address, birthdate, or any other PII will dramatically increase your risk of a security breach. Hackers use this information to their advantage! I recommend you keep highly confidential information, such as banking, on a separate computer, safe from family internet surfing.
10. Backup Your Data Regularly
Backing up your data regularly is an overlooked step in personal online security. The top IT and security managers follow a simple rule called the 3-2-1 backup rule. Essentially, you will keep three copies of your data on two different types of media (local and external hard drive) and one copy in an off-site location (cloud storage).
Important Note: If you become a victim of ransomware or malware, the only way to restore your data is to erase your systems and restore it with a recently performed backup.
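One way to check the 3-2-1 rule described above is to count only the copies that still match the working file byte for byte. This is an added example, not part of the original post; the `Copy` record, the media labels and the temporary sample files are assumptions made for illustration.

```python
import hashlib
import tempfile
from dataclasses import dataclass
from pathlib import Path


@dataclass
class Copy:
    path: Path     # where this copy lives
    media: str     # assumed labels: "internal-disk", "external-hdd", "cloud"
    offsite: bool  # True if stored away from the primary location


def sha256(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def check_321(copies: list[Copy]) -> dict:
    """Evaluate 3-2-1, counting only copies identical to the first (working) copy."""
    reference = sha256(copies[0].path)
    good = [c for c in copies if c.path.is_file() and sha256(c.path) == reference]
    result = {
        "copies": len(good),
        "media_types": len({c.media for c in good}),
        "offsite": sum(c.offsite for c in good),
        "bad": [str(c.path) for c in copies if c not in good],
    }
    result["ok"] = (result["copies"] >= 3 and result["media_types"] >= 2
                    and result["offsite"] >= 1)
    return result


def demo() -> tuple[dict, dict]:
    # Constructed sample: temp files stand in for laptop, external drive and cloud.
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        copies = [Copy(root / "laptop.bin", "internal-disk", False),
                  Copy(root / "usb-drive.bin", "external-hdd", False),
                  Copy(root / "cloud.bin", "cloud", True)]
        for c in copies:
            c.path.write_bytes(b"family photos 2019")
        healthy = check_321(copies)
        copies[2].path.write_bytes(b"corrupted")  # simulate a damaged off-site copy
        damaged = check_321(copies)
    return healthy, damaged


if __name__ == "__main__":
    for report in demo():
        print(report)
```

A copy that exists but no longer matches is reported under `bad` and does not count toward the rule, which is the case that matters when a restore is the only recovery option.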
Lastly – ALWAYS LOG OUT of applications and websites when you have finished using them.