6 Cyber Security Best Practices Everyone Should Be Aware Of
Chances are you’re familiar with basic security steps to keep yourself and your belongings safe: Always lock your car at night and don’t leave valuables where people can see them. Keep your home locked and well lit. Be aware of your surroundings when walking or running alone. The list goes on…
But these days, it seems like half your life is lived online. Between automatic bill paying, online banking and even virtual doctors’ appointments, you have plenty of valuable information available in the digital world. Are you taking the same precautions online that you do in real life?
Cyber security is important, but many people don’t know where to start. If you’re looking for easy-to-follow cyber security best practices, we’ve got you covered. We asked information security pros to share their best advice for keeping data safe and secure.
6 Cyber security best practices nearly anyone can adhere to
Cyber attacks occur at an alarming rate—and while many of these attacks are aimed at high-profile targets, don’t make the mistake of assuming you won’t be at risk. Cyber attacks can affect anyone with Internet access. These days, that includes nearly everyone.
Put these expert cyber security best practices to work to keep you and your sensitive information safe from would-be hackers.
1. Don’t get lazy with passwords
Most people know it’s important to choose strong passwords—but you seem to need a password for everything! While it may be tempting to cut corners when it comes to passwords, that’s exactly what cyber criminals are hoping to take advantage of.
“Weak or stolen passwords are the cause of many of today’s breaches and security incidents,” says Kendall Blaylock, director of cyber intelligence for HORNE Cyber. “We suggest utilizing a password manager to generate and store your passwords—there are free ones available everywhere.”
Many of those password managers will have the option to auto-fill new passwords with random strings of numbers, letters and symbols. But if you’d rather create a password you have a chance of remembering, there’s another option. “Instead of setting a cryptic password that you have to write down somewhere to remember, use a short sentence,” says Rema Deo, managing director at 24By7Security, who suggests something like “Mymomtaughtmetosave2yearsago!” as an example. “A long password, though it might be easy to memorize, will still take years to be guessed by a password-cracking algorithm.”
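The comparison between a short mixed-character password and a long sentence can be worked through numerically. The sketch below is an added example, not code from the article or from any password manager. The guessing rate, the 8-character sample password and the 16-word list are constructed assumptions.

```python
import math
import secrets
import string

GUESSES_PER_SECOND = 1e10  # assumed offline guessing rate, not a measured figure
SECONDS_PER_YEAR = 365.25 * 24 * 3600
# Constructed 16-word sample list; real lists are far larger
# (the EFF long word list has 7776 entries).
SAMPLE_WORDS = ["anchor", "biscuit", "candle", "dolphin", "ember", "falcon",
                "garden", "harbor", "island", "jacket", "kettle", "lantern",
                "meadow", "nutmeg", "orchid", "pepper"]
CLASSES = [string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation]

def charset_size(password):
    """Alphabet size a character-by-character brute force must cover."""
    return sum(len(c) for c in CLASSES if any(ch in c for ch in password))

def brute_force_bits(password):
    """Upper bound on strength: log2 of the full character search space.
    Guessing by dictionary words or known phrases needs fewer tries."""
    size = charset_size(password)
    return len(password) * math.log2(size) if size else 0.0

def random_choice_bits(pool_size, picks):
    """Exact entropy when every item is drawn uniformly at random."""
    return picks * math.log2(pool_size)

def years_to_exhaust(bits, rate=GUESSES_PER_SECOND):
    """Time to try every candidate in a space of 2**bits at the given rate."""
    return 2 ** bits / rate / SECONDS_PER_YEAR

def random_password(length=20):
    """Generator in the style of a password manager: uniform CSPRNG draws."""
    alphabet = string.ascii_letters + string.digits + string.punctuation
    return "".join(secrets.choice(alphabet) for _ in range(length))

def random_passphrase(words=SAMPLE_WORDS, count=6, sep="-"):
    """Randomly chosen words, so the entropy is known rather than estimated."""
    return sep.join(secrets.choice(words) for _ in range(count))

if __name__ == "__main__":
    samples = [("8-char mixed (constructed)", "Tr0ub4d!"),
               ("article's sentence", "Mymomtaughtmetosave2yearsago!")]
    for label, pw in samples:
        bits = brute_force_bits(pw)
        print(f"{label}: {len(pw)} chars, at most {bits:.1f} bits, "
              f"{years_to_exhaust(bits):.3g} years to exhaust")
    print("6 random words from a 7776-word list:",
          f"{random_choice_bits(7776, 6):.1f} bits")
    print("generated:", random_password(), random_passphrase())
```

The character-space figure is a ceiling that assumes the attacker tries every character combination; only the randomly generated password and passphrase have entropy that can be stated exactly.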
2. Make your online shopping secure
Online shopping is a convenience that many people use on a regular basis. But when we get too comfortable with online shopping, we may forget to take basic precautions. “Some sites are backed by cyber criminals with the sole intent of collecting personal and financial information from victims,” Blaylock says.
“To avoid malicious sites, we suggest only making online purchases from retailers that you trust and that are verified,” Blaylock says. The easiest way to do this is to look for “https” and a padlock icon in your browser’s address bar. This indicates that the site is running an SSL/TLS certificate, so the information you enter for a purchase is encrypted on its way to the site.
You can keep your credit card even more secure by using an online wallet system or app, like Venmo® or Apple Pay®. You give your payment information to your wallet app, then use the app to make purchases on other websites. “Rather than displaying your credit card information, digital wallets populate a one-time code for each transaction,” Blaylock says.
3. Be cautious with email
You probably think you’re too smart to fall for the infamous Nigerian prince scam, but phishing scams are getting more sophisticated and harder to detect with each passing day. These email scams are designed to trick users into giving up personal information or clicking on unsafe links. Though many are caught by email providers’ spam filters, you need to be alert for any that slip through to your inbox.
“Be cautious of emails that request personal information or account confirmations,” Blaylock says. Many phishing scams will pretend to be from a legitimate company you do business with, such as Netflix. But if they tell you they need your password to verify your account, or you need to send them your credit card number because your payment has failed, that’s a massive red flag.
“As a rule of thumb, do not share your personal or financial information via email with anyone and avoid suspicious links,” Blaylock says. Legitimate businesses won’t ask these types of questions via email. If you’re concerned about the validity of an email, contact the company directly by calling their customer service line. Taking a small step to verify a suspicious email can potentially save you a lot of time and hassle.
4. Always install updates
We’re all guilty of hitting “remind me later” a few too many times when prompted to install a software update, or of holding off on downloading the latest updates for our phone’s apps. Computer updates can interrupt a busy workday, and many people put them off on purpose until the glitches have been worked out. But that’s not the best policy when it comes to cyber security.
“Some users tend to worry that new updates to software will ‘break’ things,” says Justin Channell, of Sucuri. “But when those updates also fix vulnerabilities or security issues, you are leaving yourself open to potential attacks.”
Hackers can take advantage of security gaps in outdated software. Set your devices to update automatically or to prompt you as soon as a new update is available. Don’t forget to update the apps on your mobile devices, too, since these can be an easy way for hackers to access your device.
5. Enable multifactor authentication
Typically you gain access to your accounts by typing your username and password. If a cyber criminal gains access to your password, your entire account is vulnerable. But not if you’ve enabled multifactor authentication (MFA).
The National Institute of Standards and Technology (NIST) defines MFA as a “security enhancement that allows you to present two pieces of evidence—your credentials—when logging in to an account. Your credentials fall into any of these three categories: something you know (like a password or PIN), something you have (like a smart card), or something you are (like your fingerprint).”
With this additional authentication required to log in, hackers who get ahold of your password can still be blocked from accessing your account. “It takes a bit more time, but will keep you more secure,” Channell says.
6. Beware of public Wi-Fi
Free public Wi-Fi is commonplace, from your favorite coffee shop to the waiting room at the car repair shop. Although it’s easy to hop online in these settings, cyber security experts warn that you shouldn’t use public Wi-Fi without a little extra protection.
“Being on the same network at Starbucks to check your email seems totally innocuous at first, but all the files on your computer are now potentially exposed to anyone who is on the same network,” says Dominic Holt, CTO at Valerian Technology. The solution? A virtual private network (VPN).
“A VPN will encrypt all the traffic between your computer and the network, making it impossible for anyone to intercept your data. Essentially you are using the local internet connection but on a different network,” Holt says. There are a variety of paid and free options available, so there’s no reason not to use this extra layer of security before logging onto a public Wi-Fi network.
Take action, stay secure
Following through on these cyber security best practices is the first step to protecting yourself from hackers! Now that you have the info you need to keep yourself secure, have you ever considered a career dedicated to preventing and mitigating cybercrime?
Who knows? You may just be a natural fit. Our article, “8 Signs You’re Wired for Working in a Cyber Security Career,” can help you find out.