Cyber Hygiene – 10 Vital Everyday Cybersecurity Best Practices
Thank you, Kaspersky for sponsoring this post and for Championing National Cybersecurity Awareness Month!
Cybersecurity is becoming more and more important. Cyber attacks are becoming more frequent and their execution is becoming more seamless. So since October is Cybersecurity Awareness Month, let’s talk about what you do to stay safe online and your everyday Cyber Hygiene.
What is Cyber Hygiene?
It’s a set of regular practices and activities that will protect you from becoming vulnerable to cybercriminals. Think of it this way: you brush your teeth on a regular basis to protect your teeth from bacteria, it is preventative care. At this point, it’s a habit and you know you need to do it with a particular regularity in order to keep your teeth healthy.
Cyber Hygiene is similar: it is a set of preventative measures that you can take to make sure your data is safe online. The phrase also implies regularity, because building healthy cybersecurity habits is becoming increasingly more important nowadays!
So let’s talk about some of the best practices and how you can start implementing them today!
Photo by William Warby on Unsplash
Cyber Hygiene best practices
1. Have strong and different passwords on every account
If you’d like to continue being able to access your accounts and/or keep your data private, this is the most simple and vital step. If somebody can easily guess your password then they can get into your account and do whatever they want with it or your personal information.
If hackers get one of your passwords, and you have a repeat this password on multiple accounts, then you’ve essentially given them a copy of the keys to your apartment! Well, not quite but you know what I mean – they can use your accounts however they would like to from now on.
Jay Rosenberg, security researcher at Kaspersky, says:
“Sometimes websites or applications get compromised by hackers and they are able to try to login with your account using a password you used somewhere else previously.”
What is a strong password? It’s a password that:
Uses the maximum number of symbols allowed by the account
Has letters in both lower and upper cases
Contains numbers and symbols
Is very random and complicated, misspelling words if there are any
Keeping track of strong and different passwords can be challenging. However, there are lots of awesome password managers that can help you keep them secure and even come up with new strong passwords.
Many security solutions come with a password manager like Kaspersky Security Cloud which I use for many different cybersecurity solutions.
Immediate action item
Get a password manager and do a password audit: add your accounts to the password manager, changing weak or repeating passwords.
It can take up to a few hours depending on how many accounts you have, but it’s worth it. Trust me, it’s better to do it now proactively then scramble and rush once your accounts have been compromised, I’ve had that personally happen to me! Carve out some time this weekend and get your accounts secured!
Cyber hygiene action item
Whenever creating new accounts, make sure you use strong unique passwords. Save them into your password manager! Passwords should be changed on a regular basis or if an account has been compromised, change your password immediately and see what data may have been exposed to take further measures.
2. Share your data with only secure websites (https vs. http)
When you’re sharing any data with a website, for example entering your email, logging into your account, making a payment, etc. – it’s important to make sure that your information is secure. Make sure you check whether the website has an SSL certificate, which means that the transfer of information between your browser and the website’s server is encrypted.
How can you tell if this is a secure website? Look at their URL, if it starts with “https” – it’s secure and if it starts with “http” (no “s” on the end) – it doesn’t have the SSL certificate. Some browsers indicate whether the website is secure or not in the URL field.
Why is it important? If information isn’t encrypted when travelling from your browser to the server and back, cybercriminals might be able to access it. This means that your email, credit card information or any other personal and sensitive information can be stolen.
Cyber hygiene action item
Avoid websites without encryption if possible and, in particular, don’t share your personal information with them.
Photo by Kaitlyn Baker on Unsplash
3. Protect your devices
Sounds pretty simple and yet a lot of us overlook this. Keeping your devices secure is incredibly important though because you’re very likely to keep or access sensitive information using them. There are a number of ways in which cybercriminals can “infect” your device, getting control of your files, camera or other functionalities. Doesn’t sound too pleasant, right?
Here are some measures you can take in order to protect your devices:
Make sure that you have a strong password on your laptop, phone, tablet and any other devices
Don’t leave them alone unlocked in public places – where someone could easily get access to them
Keep your software up to date, only install software and apps from trusted sources
Don’t click any suspicious-looking links or download/open attachments
Regularly scan your devices for malware with an Antivirus software
Immediate action item
Scan your devices for malware and update any outdated software. Get rid of anything suspicious or dangerous the malware scan returns!
Cyber hygiene action item
Follow the points above!
4. Don’t share your location
We live in the age of oversharing, which isn’t always a great idea – especially when it comes to your physical location. Because you never know what intentions people may have online, people can be rather creepy!
Jay Rosenberg says:
“Be careful while posting locations of photos. If you continuously post photos in your neighborhood, people could figure out where you live. I spoke to another influencer in Boston that someone started going through her trash.”
Yes, this is a thing! When I worked at YouTube, I’ve also talked to a couple of Creators whose apartment location has been identified because of the view outside of their windows in their photos. One got stalked and the other got threatened – as a result, both had to move. Of course, they had large followings on social media so the probability of things like this happening is much more likely. But you never know what’s the ratio of stalkers to normal humans you have in your social media following and I wouldn’t advise testing that.
Another thing to be aware of is geo-location information attached to your images. Make sure you turn it off on any devices you use to take photos with – because creepsters can figure out your location using that information in the photos you share.
Immediate action item
Turn off geo-location information from your phone/camera/[insert photo capturing device here]. Look through your public-facing images and delete any that could be giving away the location where you live.
Cyber hygiene action item
Don’t share images that give away where you live or your current location while you’re still there. Either be broad (e.g. tag “New York” instead of the particular cafe you are in) or wait until you’ve left that place and then post the exact location.
Photo by Markus Spiske on Unsplash
5. Watch out for phishing scams
Phishing scams are essentially traps for you to share your personal information – most commonly passwords. This allows cybercriminals to get access to your accounts and do malicious things with them.
Phishing attacks take so many shapes and forms nowadays. They’re getting harder to spot and I know you think you are vigilant and too smart to get phished, you might be wrong. In fact, you may have been phished today and you thought it was just an email from your colleague/sister/aunt/brand X. If you still think you’re invincible, listen to this awesome podcast episode by Reply All, What Kind Of Idiot Gets Phished? 😉
Staying on top of common phishing techniques is a great way to know what to look for. For example, after listening to that podcast episode (it’s great, please give it a listen) I now know that one of the things I need to look out for is the email address. Even if the email looks relevant to me, there might be a tiny misspelling in the email address itself.
There are a lot of signs that can give away a phishing scam, but you need to know what you’re looking for. Kaspersky has a great blog post with 10 tips on how to protect yourself from phishing, you can start there!
Stay updated on phishing techniques to stay on top of what to look for. You can either search for news about phishing on a regular basis or if you use a news app, subscribe to that topic. Kaspersky Security Cloud also sends me notifications when it detects that there are phishing scams going on that might be relevant to me
Immediate action item
Read the post I’ve suggested. Also, listen to the podcast episode on Reply All 🙂
Cyber hygiene action item
Become suspicious of emails you receive and look for signs on whether it’s a phishing attack. If your colleague seems to have sent you an attachment or a link that you weren’t expecting, double-check the email it came from and ask them to double-check if it was them.
And stay on top of scam techniques!
A few other cyber-hygiene best practices:
6. Keep your software up to date
Immediate action item: Update all of the software on your devices, making sure that everything is up to date
Cyber hygiene action item: Regularly check for software updates and install the latest version as soon as it’s released. You can also set your apps and software to update themselves automatically.
Photo by Andrew Neel on Unsplash
7. Use 2-factor authentication
Immediate action item: Enable 2-factor authentication on your most valued accounts right now. When you have more time, go through the accounts in your password manager and one by one add 2-factor authentication to them as well.
Cyber hygiene action item: Use 2-factor authentication on as many accounts as you can enable it as soon as you create new accounts.
8. Use secure WiFi networks
Immediate action item: Make sure that your home network follows the latest security best practices and create an account with a reliable VPN provider.
Cyber hygiene action item: Keep your home network up to date with WiFi security best practices and make sure you follow the steps listed above.
9. Backup your devices
Immediate action item: Backup your devices. Right now!
Cyber hygiene action item: Regularly back up your devices and ensure that your hard drives are in good condition so that they don’t fail either!
10. Beware of what personal information you share
Immediate action item: Check if your data could have been leaked somewhere, do an audit of what you’ve shared so far.
Cyber hygiene action item: Regularly check for leaks and don’t overshare, in fact, go on a sharing diet 😉
That’s quite a lot, I know! Some of these things if practised on a regular basis should become second nature to you and some can be solved with software solutions. As I’ve mentioned already, I use Kaspersky Security Cloud to take care of a lot of the points listed above. Check it out if you’re looking for a reliable one-stop-shop solution!
Finally, here’s a Cyber Hygiene checklist for you! Spread the word about everyday Cybersecurity best practices by sharing it on your Instagram stories!
I hope this has been helpful, stay safe online!
</Coding Blonde>
Commentaires