As we enter another Cybersecurity Awareness month never has our need to protect our online activities been more crucial. The Federation of Small Businesses reported that small firms suffer close to 10,000 cyber-attacks daily.
Although cyber-attacks are becoming ever more complex, many online users are still providing easily avoided opportunities for exploitation. Bad actors are winning the battle, they breach and defeat more and more systems every day. They are on the offensive while we are on the defensive having to manage, monitor and watch every possible risk whereas they only need to find a single weakness or moment of vulnerability to strike. Make sure you and your team are all prepared to help protect your organisation.
Below is a simple yet effective checklist to fortify your cybersecurity.
We hope by now we are switched on enough to realise we are not lucky enough to inherit £500,000,000 from an African relation we never knew we had but email phishing campaigns are becoming more advanced and can now replicate everyday emails we are sent from management, colleagues, friends and families.
Being aware of poor grammar, low image quality or suspicious sender address can raise initial concerns and you should never open or download attachments or reply if there are any doubts on the intentions of the email. Online banking companies will never ask for you to confirm or send any sensitive information.
Use a Password Manager
Passwords give access to all your data, and if you're not already taking them seriously, you must. It turns out 'Password' as a password isn't as original as you thought. The most secure passwords are a random arrangement of letters (both uppercase and lowercase), numbers and symbols. But, we know it can be impossible to remember all of these for every site you use. That is where password managers, such as LastPass, come very handy. LastPass allows users to use one master password to populate randomly generated passwords into the password fields which are securely stored in the LastPass Vault. This allows users to use secure complicated passwords on any device they install Lastpass and enter their unique password.
Avoid Public WiFi
We may see Starbucks public WiFi as the perfect opportunity for some relaxed out of office work or protect you data allowance whilst you catch up on your favourite show on your phone in a hotel, but we must understand that public WiFi is rarely secure and offers a lucrative entry point for cyber-criminals to exploit. This is because WiFi uses the "password" you enter to encrypt everything flying through the air so remember, if you anyone else knows the password they can decrypt everything in the air without even trying and spy on what you're up to. WiFi it's not secure if ANYONE else knows or could guess the password.
We must also note that, as described in the small print that no one reads when hitting that connect button, most organisations that provide free WiFi use this opportunity to collect information on users. The websites you visit, for example, can be useful data for the market research team in a hotel.
Tethering from your mobile is a much more secure option. If you are abroad, some carriers, such as our own Apollo network, can allow use of your normal data plan to avoid any expensive bills on your return.
Use a VPN
The flavour of the, well, last decade has been your privacy online. A VPN or Virtual Private Network, is a service that will encrypt what you do online. As in the above section regarding the use of public WiFi, if you absolutely must use public WiFi then you absolutely must use a VPN to protect your data and privacy. While bad actors will still be able to intercept what is beaming out from your device the VPN will encrypt everything sent over it in an additional "wrapper". Just like a present, if it's in the VPN wrap they can't see it.
Review Social Media Privacy Settings
You've just purchased your first pumpkin spice latte of the year, you've taken a picture, applied the perfect filter and a social media update is imminent. But wait, is that your bank card in the background? This scenario happened a few years back where a bank card could be read in the background of a photo. Team that up with the victim's address and age publicly available on their social media platforms and voila!, you've just given a bad actor access to your hard-earned.
We should all review our social media use and just how sensitive the information we divulge is and how it can be weaponized. Take time to read through your privacy settings and see who can see what, but also think about what can be done with however little you share. Personally, I make all my information completely private and only connect to people I know and trust.
Install Latest Updates
Don't put off updating your devices, most updates are reactive to current or previous attacks and provide patches to vulnerabilities. The longer you put it off, the longer you are at risk.
Please get in touch with our team of experts if you wish to discuss how we can help implement our cybersecurity checklist and what more complex measures we can offer to keep your business protected online. Helpdesk@wardmanuk.com.