Cybersecurity – What Is It?
It can be best described as methods, processes or technologies that help protect the integrity, confidentiality and availability of computer systems, networks, and data against unauthorised access and cyber-attacks.
If you work in a business that has either a dedicated IT department or outsources to a 3rd party, you should have systems and processes in place to help combat against a cyber-attack. If you work alone, or in a small business your resources may not stretch that far, plus we all have personal systems at home that can be impacted by an attack.
So, what can YOU do to help minimise your data and systems getting compromised?
The weakest link in any security model is always you and me – people. This is why most cyber-attacks are propagated by an action from a person within the network, that then moves through the systems and data.
Below is some guidance on how to avoid common threats with your data and on social media.
Keep Private/Personal Data Private
Encrypt Sensitive Files
Use encryption when sharing or storing confidential data. Windows comes with Bitlocker for encrypting your hard drive, helping to protect against theft. You can also use software encryption tools to encrypt your data.
Vary Your Passwords
Use unique, complex passwords on different sites and systems. You are vulnerable to a hack if your password is compromised on a website, and that password and username are used on multiple other systems.
Properly Destroy Unwanted Data
Shred unwanted documents and CDs, and thoroughly wipe devices before discarding them.
Social Media Habits to Implement Today
Regularly Review Your Privacy Settings
Don’t assume standard privacy safeguards are strong enough. Many applications default to less secure privacy settings to make your profile and posts easy to find and engage with.
When you share data publicly, be aware that scammers can use those details against you to make malicious emails, phone calls, and other communications seem legitimate.
Keep in mind that online privacy policies and settings change over time. It’s a good idea to regularly check your settings.
Most, if not all, social media accounts now offer 2FA (2 factor authentication) that is recommended to implement.
Assume Everything You Post Is Public
This may seem to contradict the first point, but this is social networking in a nutshell. The reality is data privacy settings can only protect you to a point. When you share something with someone, that something is no longer in your control.
Screenshots can be taken, messages can be forwarded, ‘deleted’ posts are not necessarily gone and private messages don’t always remain private.
It’s to your advantage to assume that everything you post could travel well beyond the privacy confines you believe you’ve set.
Scammers and cybercriminals love social media. Social accounts hold treasure troves of personal information, and it’s incredibly easy for individuals to pretend to be someone or something they aren’t within these networks.
Before you click a link, accept a connection request, or download a file, take a moment, and ask yourself:
Do I personally know this individual and/or trust this connection?
Am I already connected to this person?
Does this seem legitimate?
Do I know for sure if this link/file is safe?
You can make logical decisions based on the above and if in any doubt, err on side of caution. If something seems out of character from someone you know, ask them by using your own contact details (phone, etc.). The old mantra of ‘if it seems too good to be true it probably is’ still stands up!
Working Remotely and on the Web
Avoid Illegal Content
Don’t download pirated files like “pre-release” movies, music, or “cracked” software. These often contain malware.
Watch Out for Pop-Ups
Don’t interact with unexpected pop-up windows and ads. They can install malware and viruses.
Enable Security Features
Activate firewalls, anti-virus, and wireless encryption. Password-protect all personal and business devices and systems.
Use Secure Sharing Channels
Avoid taking sensitive files outside the office. If you must access confidential data remotely, use a secure server or other IT- approved channel.
Do not allow children, family, or friends to use business devices for personal activities.
The main takeaways for you are mixing up your passwords, never divulging your passwords to anyone, enable basic security features as a minimum, the Internet is public and if it seems too good to be true it probably is!
Look out for Part 2 which will be coming soon – it will provide information and some guidance on Phishing scams + Ransomware.
Some further reading can be found below:
National Cyber Security Centre: https://www.ncsc.gov.uk/collection/10-steps
IT Governance: https://www.itgovernance.co.uk/what-is-cybersecurity
Cybersecurity & Infrastructure Security Agency: https://www.cisa.gov/stopransomware
This post was written by Darren Cope, IT Manager for WSX Enterprise.