Cyber security 101: simple measures everyone should adopt


As more and more aspects of our lives become connected, we become more vulnerable to attacks. The latest data breach at VTech toy store taught us that even our children are exposed to the vile deeds of malicious hackers.

But despite the spooky and high-tech stories you hear about the sophisticated methods employed by hackers, in most cases it is simple negligence and oversight that allow them to carry out their attacks. A 2014 report from IBM states that 95 percent of IT security breaches result from human errors. For instance, despite all the warnings you see on sites about creating strong passwords, you’d be surprised to learn that “12345” and “password” remain the two most common passwords on the internet.

It is time to give up the naïve way of thinking that security breaches are always for big corporations and high profile figures. Any one of us can become a target. And we must learn the basics to protect ourselves.

In this blog post, I’ll reiterate a few simple rules that everyone should learn and abide by – even children.

Know your connections

The first step for good cybersecurity is to know how you, your family and your home are connected to the internet. In days of yore (I mean 20 years ago), you’d only need to seal your desktop or laptop computer’s internet connection to make sure that you were protected against malicious hackers. A few years ago, that domain would expand to include your smartphone as well. Today there are tons of connected gadgets surrounding you (including smart kettles, fridges, door locks, garage doors) and on you (your smart wearable devices such as smartwatch, Fitbit, etc.) that you need to be wary of. In a few years, connected devices will outnumber humans. Every one of these can become an attack vector – even your light bulb – and needs to be secured.

Strengthen your passwords and guard them

Everyone’s heard about the characteristics of a strong password: over 8 characters and composed of a combination of letters (both uppercase and lower case), digits and symbols. But that’s not all there is to having smart and strong passwords. You should also take note of the following:

  • Never use the same password on different accounts
  • Do not store your passwords on your hard drive
  • Change your passwords periodically
  • Never share your passwords with others
  • Don’t use pet names, birthdates, and other info that can be obtained elsewhere.

Surprisingly, most people know about these rules, but disappointingly, a lot of people simply overlook them out of laziness. Especially as each of us has several or even dozens of secure accounts (emails, social media, devices, …) to remember, we tend to neglect protecting our passwords, consoling ourselves that it’s always the next guy whose password will get hacked.

You might be right most of the time, but it only takes one incident to inflict irreparable damage to your data and life.

Lock screens

How many times have you been tempted to get rid of those pesky lock screens on your phone, smart watch or laptop computer? If you’ve either disabled locking mechanisms or extended the timeout period on most of your devices, know that you’ll regret it the next time your gadget gets stolen. But then, it’ll be too late. It pays in the long run to be a little patient and prudent and enter your password a couple more times during the day. Lock screens go a long way to ensure that you’re safe when the unexpected happens.

The more tempting the offer, the more the reason to avoid it

While perusing the internet, you’ll face a lot of tempting offers, ads that will promise to reward you if you click on them, pop-ups that congratulate you on winning a competition that you’ve never participated in, or scary messages that warn you that you need to update your computer or change your account password.

The general rule of thumb is that every link is harmful unless proven otherwise. The same goes for email attachments. Ok, I don’t mean for you to become overly paranoid, but you really have to be careful when dealing with links. Never click on anything unless you totally trust it. And always make sure your computer or handset has up-to-date anti-malware software installed on it.

As for your browsers, make sure you disable or uninstall plugins that are prone to being used as launch points for cyberattacks. The Flash Player add-on is one such plugin.

Software updates

Always keep your operating system, browser, antivirus and other software up-to-date. Most vendors regularly offer patches and security updates for their products. Never underestimate the value of these updates. They usually contain fixes for zero-days and newly discovered vulnerabilities. Not installing updates means you’re leaving your system open to attacks through well-known security holes.

Keep backups of your data

Keeping regular backups of your data outside of your computer has many benefits, especially in disaster recovery situations. But it is also important from a security perspective, as some breeds of cyberattacks, such as crypto-ransomware attacks, target and corrupt your data in order to spite you or extort you out of your bucks. In such situations, having backups of your data can save you time, money, and headaches.

Don’t put your trust in the cloud

If you’re going to keep your backups on a cloud server, my recommendation is to encrypt them on your own end before uploading them, even if your provider claims to encrypt all user data. Cloud providers are one of the hottest targets of hack attacks, and there are too many cases of hackers obtaining decryption keys to cloud data. Under such circumstances, having an extra layer of protection can make you immune to the possibly disastrous results of your provider’s negligence.

Over to you

The first rule in cybersecurity is that there’s no such thing as a totally secure system. But by adhering to these basic rules, you can rest assured that you’re immune to most types of attacks and will convince the potential hacker to go prey on someone else (let’s hope that someone else has also read this post).

Have anything to add to these measures? Please share with us in the comments section.


16 comments on “Cyber security 101: simple measures everyone should adopt”

  1. […] the most part, following basic security best practices, including installing a good anti-malware software along with new updates and patches on should be […]


  2. […] shared passwords, unchanged passwords, default passwords… And even if you stay true to all the security best practices, some things remain out of your control, including how committed your provider is to encrypt and […]


  3. […] passwords, unchanged passwords, default passwords… And even if you stay true to all the security best practices, some things remain out of your control, including how committed your provider is to encrypt and […]

  8. […] Cyber-hygiene is also an important factor. Be very careful when opening attachments to emails, especially when dealing with files that can have malicious content, such as .doc and .rar files, which have a long history of delivering malicious payloads. As a rule of thumb, never open attachments belonging to emails that come from unknown sources. Also, be careful when you browse websites, especially those that contain ads, because ads are one of the main mediums that ransomware is delivered. Ad blockers can help reduce the threat, plus taking care not to download software that comes from ads, no matter how tempting its offer might sound. […]


  9. […] of the main reasons users fall victim to ransomware is the lack of cyber hygiene, which means not patching and updating operating systems and antivirus software, carelessly opening […]


  10. […] few years ago, if you were a good cyber-citizen (which basically means you kept your system and software patched and your antivirus updated), you […]

  12. […] on the fun of playing games and start taking their own security more seriously. A good start is security basics, simple steps and measures that every user should know and abide by. Also, they should stop seeing […]


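  13. […] General guidelines and IoT security practices, such as changing passwords and turning off unnecessary features, are very helpful in defending against basic (but effective) threats such as brute-force scanning for default credentials. […]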


  14. guest says:

    I can’t believe you didn’t add the ABSOLUTE #1 thing you’re NOT supposed to do: Run as an administrator. Unless you need to install/uninstall some program, or perform some other administrative task, use the absolute lowest privileges required to perform a task.

