3 Cyber Security Savvy Tips to Protect Your Assets

Series | Exploring Cyber Security | Part II

3 Cyber Security Savvy Tips to Protect Your Assets

Andy Doering, at Man Security gives us three savvy cyber security tips to protect your information online.

Top 3 starter tips for security and awareness:

1) Strong Passwords 15 characters, mix of upper and lower case, numbers, and special characters. You should also change these at least once per year. Furthermore, use a different password for each account you use, and keep your passwords somewhere safe, and not easily accessible. There are applications that will manage these in one location in a safe way for you. Personally I opt to not store any of my credentials by any digital means.

 

2) Use multi-factor authentication and encryption where possible:
Strong, non-repetitious passwords are a huge first step, with the follow on being multi-factor authentication. A multitude of applications and services you already use offer this in their account settings, set up is a breeze, and using it takes no more time than your normal login. Gmail for example, upon login, will send you an additional code to your phone for you to input after your email and password. This means that initially, even if an attacker were to acquire your login credentials, they could still not utilize them without the unique temporary code that is sent to you. (BONUS: Utilize an app such as Google Authenticator that generates this code in the app for any of your apps / accounts requiring two factor)

 

There are some basic browser extensions as well that are free and incredibly helpful that ensure you are browsing over safe means. HTTPS Everywhere ensures that you are browsing over SSL which means that your communications are encrypted. Ghostery is an app that blocks a huge variety of trackers and is highly customizable (down to individual sites). Ad Block Plus is an extension that blocks most ads you will encounter, which is great at protecting against various types of malware and ransomware that are served through the website ads via injection techniques.

 

3) Keep everything updated: 
The best way to defeat a vast majority of exploits and vulnerabilities is to install your application and software updates. These upgrades patch holes and address areas of weakness which cuts off opportunities from the get go. The more you keep your system updated and maintained with your antivirus of choice the better chance you stand at not being the lowest hanging fruit. In addition use a less targeted internet browser such as Firefox or Chrome, and with the above mentioned extensions.

One extra bonus tip, best thing you thing someone could do:

Stay alert and informed. Tech is in constant flux as the new hardware and software comes out. New versions of phones and computers and software gets released all the time, which means constant new vectors for vulnerabilities and opportunities for exploit.

Being aware of trends and the mitigation steps is really crucial in this type of environment. This by no means necessitates that the average user need net admin knowledge of how to lock down their home network, but knowing what things are trending, what to look for, and how to avoid it is really huge.

This could be as easy to do as following a couple Twitter accounts that tweet articles or updates about the latest trends and updates (Wired or Dark Reading would be great places to start).

Be aware of what apps you install on your device, and pay particular attention to the permissions that they request to use. Does this app REALLY need access to you photos, contacts, extra privileges, etc?

In general always being on the lookout for anything suspicious or out of the norm, and being in the defensive mindset will cut off a lot of attempts at the pass. You are the first layer in your security, some of the most devastating infiltrations can begin with social engineering (such as the DNC email example) that results on clicking a link in an email or social media message that starts the whole process. Maintaining a base level of skepticism and awareness in addition to the tips above will set you on the right path to staying safe and secure in your day to day activities, now and in the future, whether as an individual or as part of a company network.

Anything else?

For Everyone: Be mindful of what you post and put out there online. The very nature of social media is a shared connected environment in which you are invited to open yourself up. This is a perfect environment to gather information such as birthdays, addresses, places you frequent, schedules, things you like, family ties, pet names, accounts you may use (think Spotify or other accounts that you link to your social media). Aggregated together, this offers the perfect opportunity to custom craft phishing attempts, catered information for password crack attempts, and more. Be selective and rigorous about your privacy settings, and check them often, as they are updated often and need reconfiguration.

mm

Ashley Wiskirchen

ashley@wiskcreative.com
No Comments

Post a Comment