Tuesday, August 13, 2019

Top 10 Tips for Strong Internet Security

Tip #1: Only sites with HTTPS are secure!

URLs beginning with ‘http://’ are NOT secure. Sites with ‘https://’ are using a combination of Hypertext Transfer Protocol (HTTP) with the Secure Socket Layer (SSL)/Transport Layer Security (TLS) protocol, meaning that the session between your browser and the web server is encrypted. Without HTTPS, bad guys can intercept your session using tools like Firesheep.

Tip #2: Use security questions whose answers are impossible for others to guess

Security questions are useful when we forget our passwords and need to reset them. In fact, when signing up for email accounts, most of us unthinkingly put in truthful answers to easy questions, like, “What is your mother’s maiden name?” or “What’s the name of the town in which you were born?”

But have we ever stopped to think how easy it is for bad guys to find the answers to those questions? We share so much of our personal lives on the internet; it’s actually very easy for bad guys to find our security answers on the internet, and to reset our passwords without permission. In fact, a reporter from the Washington Post was able to hack her brother’s iCloud account in three minutes using information that was guessable or findable on the Internet.

Instead of answering security questions with obvious answers that people can find using search engines or from reading your online profiles, try answering with irrelevant answers mixed with numbers. Of course, make sure you remember the answers in the event that you ever get locked out of an account and need to use your security question!

Tip #3: Don’t use the same password for all your accounts

Obviously, it’s easy to remember one complex password and use it across all of your accounts. However, this leads to the possibility of one service being hacked and the hacker using this password to attack your accounts with other services.

Try using suggest using a password manager like 1Password, KeePass and LastPass to generate and keep passwords (we also have a random password generator). These password apps can create random, indecipherable strings of alphanumeric characters as passwords and help store them for you on your different devices.

If your online service (i.e. email, online storage, bank) offers 2-step verification, you should definitely use it.

Tip #4: Keep your operating system and all your software up to date

Operating systems such as Windows and Mac regularly send updates for users with software patches and so on. While it may be tempting to close popups reminding you of a new update, you should be updating as soon as you’re able to protect against the latest security vulnerabilities.

You should also keep your other software up to date. The best tactic is to turn on automated software updates on all your apps—this applies to your antivirus software, email apps, browsers, and so on.

Tip #5: Be careful when accessing public WiFi

Unfortunately, a lot of people don’t know that when you are sitting in your favorite coffee shop, accessing your favorite sites with free Wi-Fi, you’re at risk of having someone intercept your data.

Unprotected free Wi-Fi is a breeding ground for hackers to intercept and access your personal data. Before you connect to public Wi-Fi, turn off file sharing on your computer. If you’re on public Wi-Fi, don’t sign into anything requiring a password UNLESS you’re connected to a VPN.

Tip #6: Be careful what you write on social media

While social media is getting more and more popular, sites like Instagram, Twitter, Pinterest and Facebook are great for keeping up to date and letting your friends know what you’re doing and where you’re going. However, this information is gold for criminals. Accepting friends you don’t know personally could mean giving a hacker unfettered access to information about your family, your friends, where you live, and what you buy/read/do. Yikes.

Tip #7: Delete suspicious email attachments

Have you ever received an unsolicited email? Chances are, you have. The majority of people know that if you receive suspicious links or attachments from random strangers, you shouldn’t open them and should delete them straight away. However, if you receive a strange attachment or link from a friend, you should still do the same.Hackers often send dangerous malware by hacking someone’s email account and sending emails to the victim’s contact list. If you ever receive a suspicious email from a friend, you should email them and tell them that they are likely a hacker’s

Hackers often send dangerous malware by hacking someone’s email account and sending emails to the victim’s contact list. If you ever receive a suspicious email from a friend, you should email them and tell them that they have likely been hacked. In addition, tell them they should change their password and turn on 2-step authentication ASAP.

Tip #8: Don’t plug strange things into your computer

Not only can malware spread through virtual means—but it can also be spread through hardware! Users of USB sticks, external hard drives, and even smartphones are not immune from malware. The nefarious BadUSB malware is a case in point. Before you plug anything into your computer, make sure that you know exactly where it came from and what else has been on it. Only plug in things from trusted sources.

Tip #9: Never lose your device

So you’ve loaded your computer and smartphone with all the latest security software, changed all your passwords, and turned on 2-step verification. But what happens if you lose your computer or your smartphone? If you lose your device, all your emails, photos, and personal data could end up in the hands of someone who’s up to no good.

Don’t let this happen to you! Password protect your lock screen, use a brightly colored case so that you can’t lose it, and back up your data regularly. Turn on device location or use a third-party anti-theft app in case the unimaginable happens. The best, of course, is to always be vigilant about your hardware and never lose it, period.

Tip #10: Know where you’re downloading apps from

For maximum safety, only download apps from 100% trusted sources—for example, the Apple app store, or the creator of the software itself. When installing apps, make sure you know the permissions you’re giving them. For example, does that time management app really need access to your camera and contacts?

One more easy win – make sure your computer or device is configured so that downloaded apps need to be opened manually. You don’t want to download an executable file and have it automatically open on your machine without your consent!

At the end of the day, knowledge is a powerful tool. Maintaining good internet security requires a combination of taking care of your software and hardware, and using some good old fashioned common sense.

All credit for this article goes to http://bit.ly/2Tsc7HA

Tuesday, August 6, 2019

Stay Protected: 5 of the Most Important Cybersecurity Training Tips For Your Employees

We highlight the most critical cybersecurity training tips for employees because every business, whether big or small, experiences cyber threats.

It is believed that the most sophisticated cyber attacks are the biggest threats to any organization. However, the biggest cybersecurity threat to a business is the people that work there. In fact, eight out of ten top data theft are as a result of human error. This means you could probably stand to receive a few cybersecurity training tips.

Every business, whether big or small, experiences cyber threats. That is why it is absolutely important to have the right cyber prevention setup for your business to grow.

With the ever changing digital landscape, cyber attacks are becoming more sophisticated. All businesses therefore need to ensure the safety of their sensitive information and the security of their networks.

Being up to date with the methods used by criminals and ensuring employees are also aware of obvious dangers are necessary.

This post highlights five critical cybersecurity training tips to get your employees up to date and in turn ensure the protection of your business data.

1. Social engineering:

This is a term used to manipulate others so they give up their important information. It is commonly referred to as phishing. Based on an investigation report by Verizon, 93 percent of data breaches are as a result of pretexting and phishing.

Educate people working for you to be cautious while opening an email or communicating with clients on social media.

They should be weary of pretext such as:

  • A request for sudden help: Your friend has traveled to a different country and is stranded. He needs some money immediately so he can return home.
  • Give to a charity: The reason for the fundraiser might be honest, the payment link might not be.
  • A request that you verify some information: Requests like this seem official and come from an email disguised as from your bank.
  • An unusual request from your co-worker: If a co-worker asks for information regarding a project the organization is carrying out.
  • You’ve won a prize: These messages appear to be from your lawyer, a lottery, or the IRS for a deal that is nonexistent.
Cyber criminals usually succeed with most of these phishing messages employees act without giving much thought. Train your workers to pause and analyze situations before responding to such emails.

2. Password management:

According to a research conducted in 2017 by OneLogin, less than 31 percent of IT services require their employees to change passwords monthly. Password management is a major challenge for business owners as it regards cyber security.

With IT decision makers failing to remind employees, there needs to be a major change in attitude if you want to improve your cyber security.

Additionally, teach your workers to make use of strong passwords. Trace Security conducted a research and discovered that 81 percent data theft are connected to weak passwords.

When selecting strong passwords, keep the following in mind:

  • Use a combination of numbers, letters and special characters
  • Get creative
  • Choose something you can remember and that is impossible to be guessed
  • Avoid using personal information like your name, pet names, birth dates, and family names
  • Don’t share your passwords with anybody
  • Use a password that is unique for every device
  • Regularly change your passwords

3. Email usage:

Most businesses depend on emails daily for both external and internal communications. Since emails are primary delivery methods for computer malware, employees need to know how to responsibly use them.

They should exhibit caution when clicking on emails and opening attachments under these conditions:

  • Received from a strange email
  • An unusual tone
  • Having strange characters and wrong spellings
  • You antivirus doesn’t clear the file
  • The attachment seems unusual

4. Unauthorized software:

A quick way for viruses to infect your computers is by downloading software from sources that are unknown. Even software that appears innocent such as a game could have ransomware, spyware or other malicious codes.

Have a policy in place regarding software employees can and cannot install on company computers.

5. Using the internet:

Carry out training for your employees to avoid opening unfamiliar links on the internet or from sources that seem suspicious. Such links might download malicious software that could potentially infect your computers and put them at risk.

Establish safe browsing guidelines for using the internet in the office, and let your IT support workers to educate other employees on these rules.