A few controls (tips) to reduce your exposure to online risks
Mr Snowden and his fellow whistle-blowers took the limelight in 2013 and continue to do so in the here and now.
The recent hacking of celebrity iCloud accounts demonstrates the fragility of ‘trusted’ providers’ security processes, or of how we users understand and implement them; meanwhile, as compromises of Target and other companies show, the criminals are not slowing down.
Individuals and small companies also continue to be targeted and compromised by varieties of Ransomware that lock up access to your own data.
We need to conduct business, interact with our suppliers and partners, and butter our bread by providing valuable goods and services to our clients.
Not forgetting that we like to stay socially engaged with our friends and communities, with the myriad of platforms and applications made just for that.
Given the past 12 months or so, I’m not surprised if you’re feeling a little uneasy or unsure now.
The most common ways of infecting the tools you use include getting you to activate the malicious code yourself through malicious links.
Yep, that’s right!
You’re the last link in the chain.
Generally, malicious code will just sit there patiently… well, inertly, until you click and thus activate it.
These can be delivered in attachments via email, a web link, an infected file you download, or even on a USB innocently lying around in your business, home or perhaps given to you as a gift.
So what can you do to reduce the chances of being compromised?
Here are 10 simple tips:
1. Only log on to your device as a standard user – if you are logged on to your device as an administrator, any malicious code that gets onto it can potentially gain full access and thus wreak more havoc than if you were a standard user.
2. Install anti-virus applications – install anti-virus, anti-spyware, anti-spam software and make sure you set it to update automatically.
3. Use firewalls – use a firewall to control the traffic to and from your device or network. You can set the firewall controls to only allow communications that are initiated from your device or network. That way the cyber ‘nogoodnicks’ can’t just wander in through your front door and do as they please.
4. Be aware of social engineering – be suspicious of unsolicited calls, emails, web pop-ups and the like, as they are probably something you don’t need and are possibly delivering more than you’re expecting. Don’t click on the web link, don’t open an attachment and don’t respond to email from unknown or unfamiliar addresses. Make sure to confirm their authenticity.
5. Automate software updates – turn on auto-update on your applications, other software and operating systems.
6. Use passwords – use strong passwords and don’t reuse them across devices, applications, web sites or other accounts.
7. Use two-factor authentication where it is offered – this might include attaching a mobile phone number for login verification.
8. Back up your data – back it up to a local storage device, to media such as a USB or DVD, or to the cloud.
9. Think about your online activities and their potential impact on you – if you’re heading off to a dodgy site, be aware of the ‘monsters’ that may lurk there.
10. Stay informed about the latest cyber security risks as they apply to your tools and environment – understand them and their limitations.
There are excellent websites providing advice to individuals and small businesses; a particularly useful one is www.staysmartonline.gov.au, which includes alerts about software and hardware vulnerabilities that can be tailored to the tools you use.
28 November, 2017