This Computer Security Day, we’ve compiled a few quick and handy tips that you can apply to your day-to-day lives to reduce the risk of your personal devices becoming compromised. Remember, even though it is named “computer” security day, this advice can and should be followed when using your smartphone, tablet, games console or any other digital device with an internet connection.

Passwords

Having a strong password in place to block unauthorized access to your digital accounts is a good starting point to improve your personal cybersecurity posture.

• Don’t make them something obvious (12345678, password2021 etc.) or something that can easily be associated with you (e.g. name & birthday). Hackers can research you through social media and obtain these obvious pieces of information.
• Avoid using the same password across multiple accounts. If you use the same password on everything, once the hacker compromises one account (such as your Netflix or Spotify account) they can gain access to your email and from here possibly your banking details.
• Update your passwords regularly. There’s a good reason your work PC requires you to change your password at least once per month!
• Consider using complex automatically generated passwords and storing them using software such as LastPass.

Dual Factor Authentication

Online accounts that are secured with your login credentials alone (your email/username & password) have what is referred to as “single factor authentication”, meaning that only a single factor (the login credentials) are required to gain access to the account. Dual factor authentication (sometimes referred to as two factor authentication or “2FA”) requires an additional step, or factor, to prove that you are indeed who you say you are to allow access to the account. Dual factor authentication is commonly implemented on websites and applications by sending a one-time passcode (OTP) via SMS messenger or email to the registered contact details associated with the account. Only upon entering the correct OTP will the site grant access to your account. Most applications and online services will have this functionality; ensure it is enabled wherever possible.

Be Phish Aware

Phishing is a form of cyber scamming whereby criminals will impersonate legitimate organisations, often via email and SMS text message. They commonly include a link to a scam website. Never click any link you don’t trust! By doing so, you risk disclosing your credentials to the cyber criminals and/or downloading malware onto your device that will allow the thieves to spy on you. Phishing has been around for decades and it continues to grow ever more sophisticated. For instance, if a friend or family member’s email address has been compromised, the criminals could send a malicious link from that account. Even if you recognize the email address, if the message looks “phishy”, don’t open or click anything. Contact them via some other medium and ask them to verify the email.

Update your software regularly

Ensure that you download the latest version of your device’s operating system (OS) software (Microsoft Windows, Android OS, Apple iOS etc.) as soon as it becomes available. This will remove the latest cybersecurity vulnerabilities that hackers could exploit to infiltrate your device. If using an older OS which is no longer supported by the manufacturer through regular software patch updates (such as Windows 7), consider upgrading to the latest version. Without ongoing manufacturer support, the attack surface area of your OS will become more and more porous as hackers exploit and develop upon existing weaknesses and vulnerabilities.

Avoid Using Public Wi-Fi

As a user, there is no way of knowing what security precautions are being taken with each public Wi-Fi network to ensure its integrity. Therefore, it is better to be safe than sorry and avoid using them altogether. Use cellular data to access the internet whenever possible when out and about.

It is important to note that our recommendations today are to help you enhance cybersecurity integrity in relation to your own personal devices. Companies, regardless of size, represent a far more lucrative target to hackers. In addition to training staff in cybersecurity best practices, organisations need to evaluate the cybersecurity solutions currently in place; from integrated edge-to-core firewalls, endpoint protection, web and email filtering and, for when a cyber-threat manages to infiltrate the network, advanced Business Continuity and Disaster Recovery procedures underpinned by trusted solutions.

If you have any queries in relation to your organisation’s current cybersecurity posture or would like to learn more about the wide range of offerings at Datapac, feel free to leave your details below for a no-commitment call back from a member of the cybersecurity team.

Follow us on Twitter and LinkedIn to stay updated.