Security Tips for the #CyberSecurityAwareness Month

Author:

CEO

Tinesh Chhaya

CEO

Published:

5 Oct, 2020

Tags:

Hi All,

I hope you are all well and safe.

#CyberSecurityAwareness month runs throughout October.

Following up on my last post, I would like to expand on some of the things we can do to secure ourselves in a time where many organisations are forced to work from home that simply aren’t equipped to do so.

Seventy percent of professional’s work from home once a week at least according to Zug. With that being said, the cybersecurity risk that comes with this is not always clearly addressed.

When working in an office, data is more secure as it is internally accessed, and IT security officers monitor it.

The risk to the data grows when the information is accessed remotely. Working from home takes into consideration the different networks that will be used to access organisations data externally. Before the pandemic, the data would flow from the company server into the internal network to the end-user machine. However, now the data is splashed from public internet to local networks.

Below are approaches that can be taken to minimise the risk from an employee perspective.

Secure your workplace

Physical security is as essential when working from home. The same way you would lock your office after leaving the same should be done at home. Laptops can still be stolen from your house. At least lock your laptop when not in use.

If possible, you should ask your organisation to loan you your work computer. This would keep you more secure because using your personal computer may have exploitable vulnerabilities from non-essential apps. These can include games or other non-work essential apps that may be there for personal purposes or used by family members. The working device will already have the vital apps needed for work.

Ideally, suppose you are handling sensitive data. In that case, the camera to your device should be blocked, and your home office door should be locked when not occupied.

If and when your data has been compromised, your organisation should be informed so that the necessary steps can be taken.

Having good password practice

As humans, we forget. We could easily forget to lock our devices, therefore enabling automatic locking would be worthwhile. This can be configured to automatically lock your device after a certain amount of time has passed.

With that being said, having a weak password would make the above statement useless. A password should be unique to anyone that is not you. It is good practice to avoid repeating sequences and anything related to you that could include your birthday, address or something that can be guessed easily.

Using a password manager can be solution to this. A password manager makes randomised unique passwords and stores them automatically.

This is critical because, in the case of a data breach, the data that will be compromised is the data stored in the place of the breach and not every other platform containing your data.

Activating two-factor authentication as an additional tool can prevent malicious access even if your password is compromised. What this does is require to send you a text message with a code or by the use of an authenticator app to attain access.

Securing your router

Your home router should be secured. The first step to secure your router is to change the password of the router from the default one to a new unique new one. Cybercriminals can exploit your home network if the settings are the default ones. This can be simply avoided by changing the router’s password to something unique.

Use encryption

This is a simple but vital step. If your employer has not already done this for you, you should. Turning it on is critical because it protects your data from unwanted access.

Most devices include this feature as default which can be enabled according to your device manufacturer.

Your operating system

Making sure your operating system is still supported is important. Only the more recent significant versions of an operating system are supported at each time. Supporting all systems would cost the developers too much therefore the most recent ones are supported.

If your system is not supported, you will no longer receive security patches making your device exploitable by cybercriminals.

According to your device manufacturer you can check if your device is supported on their website.

Having a supported operating system is not enough; you should make sure that your operating system and software are all up to date with the latest security patches.

Turning on automatic updating would be the best strategy as you will always be up to date with the latest security patches.

Using an antivirus

Antivirus software can be used to protect you from malware that includes viruses, spyware and trojans.

An antivirus detects a virus and works to remove it from your computer. Antivirus software can be used in two ways, to look and detect for existent viruses in your computer already. It works by preventing potential future malware from entering your devices.

It is a good practice to run a scan on your computer to detect and remove malware.

Enabling find my device

When a device is lost or stolen, this is crucial in ensuring your device can be found and have sensitive information wiped. This makes it much harder for a hacker to access and use your data.

Most devices include this feature as default which can be enabled according to your device manufacturer.

Using a VPN

Using a VPN when using a public network is a must. A VPN creates a private network using a public network. A VPN hides your IP making you untraceable. You can receive sensitive data on a public network as if you are using a private network.

Educate yourself in cybersecurity awareness

Learning about cybersecurity is not like learning how to ride a bike; cybercriminals are continually evolving with new methods to exploit.

There are different types of attacks that you should be able to distinguish and avoid. These include phishing and whaling attacks. Moreover, it is critical to be able to recognise domain hijacking and typosqautting attacks.

It is vital to avoid downloading apps and browser plugins from unknown app developers.

About author:

CEO

Tinesh Chhaya

CEO

Related Blogs

Global Tech Loop Issue

CEO
Tinesh Chhaya . 10 Nov, 2020

What is Internet of Things?

CEO
Mohammad Baker Ahmed Almousawi . 2 Nov, 2020

Cyber Security Awareness Month

CEO
Tinesh Chhaya . 26 Oct, 2020