Whether you are in the office, at home or browsing the internet from your phone, ensuring your data is protected online is vitally important.
Knowing what you can do to protect yourself against modern digital threats is key, but knowing where to start can be difficult.
Don’t worry though, because help is at hand from TrueMSP director Neil Shaw. He’s put together his eight top cyber security tips which are simple but effective ways to protect yourself online.
1. Keep software up to date.
Installing software updates for your operating system and programs is critical. Updates are released all the time so regularly check that you have the latest updates installed.
Ways to do this:
- If your IT systems are not managed by an IT company, such as TrueMSP, then you should switch on your automatic updates.
- Use Firefox or Chrome as your web browser because they receive regular updates.
- Update all of your third party apps, such as Java and Flash.
2. Always use a strong password
We all have too many passwords to remember so most people reuse the same password for multiple sites. However, you wouldn’t have the same key for all your locks so why use the same password for all your accounts? To make things simple you could use a password manager, such as KeePass or LastPass, which securely store all of your password in an encrypted vault. They allow you to automatically generate a very complex password that you don’t have to remember because the programs store them for you.
Whether you use a password manager or not, please follow these best practices:
- Update your password periodically – at least once every three months
- Use a strong mix of characters including numbers and special characters
- A long password is more secure than a short one. Try to make the passwords at least 10 characters. 20+ is the recommended amount.
- Never share your password with anyone.
3. Avoid Phishing scams and other malicious emails.
Phishing emails, which try to trick you into entering your details to gain access to your online accounts, have become a real nuisance over the last couple of years. Phishing scams can also be over the phone, by text or through social media, so it’s important to be vigilant when entering your account details into any site, especially one you’ve not requested access to.
- Be wary of any emails or websites that ask you to enter your account or personal details.
- Messages that say “You’ve been hacked” or “please login to remove threat” are always malicious
- If you think something doesn’t look right the chances are it isn’t.
- Switch off your PC/laptop if you are concerned that your device has been taken over by someone.
4. Think before you click
Along with Phishing scams, you should be mindful when clicking on any internet links, especially when you’ve gone to the webpage by choice.
So bear in mind:
- Hovering your mouse over a link will reveal its true destination. For example a link to thecompanyyouwanttolookat.com may actually go to ihavenowgotyourdata.com
- Email attachments should always be verified before clicking. If you’ve recently spoken to the person sending the email you’re generally OK to open the attachment. However, if an email comes in and you’re not expecting an attachment, double check by contacting the sender. Do this by phone or by sending a separate email and not replying to the one you’ve just received. Much like links, email addresses can be spoofed. You can check them in the same way as a website link.
5. Never leave your devices unattended
Physically securing your devices is as important as locking your PC. Once you’ve lost your data you can’t encrypt it or delete it unless that feature is enabled (mobile phones)
- Never leave your laptop, PC or mobile device unattended.
- Don’t store sensitive data on a USB stick or USB hard drive without locking them away when not in use.
- Encrypt your USB sticks using Windows 10 (BitLocker feature).
- Look at using a secure cloud to store your data rather than a physical device.
6. Use your mobile devices safely
Many of us rely on our mobile devices, however they’re susceptible to attack in much the same way as your computer.
My advice is:
- Always lock your device with a PIN or password.
- Only install apps from trusted sources.
- Keep your device’s operating system updated.
- Don’t click on links or attachments from unsolicited emails or texts.
- Avoid transmitting or storing personal information on the device.
- Backup your data.
7. Install an anti-virus package
There are many anti-virus packages available. We recommend Webroot or Bitdefender. These packages use ‘definitions’ which is a database of all the known threats currently out there. Keeping them up-to-date is important.
Webroot and Bitdefender also use artificial intelligence which helps with threats that aren’t listed in the definitions. This technology is improving every day yet no anti-virus package will be 100% effective. Anti-virus packages are an extra line of defence, not the only line of defence.
8. Back up your data
If all else fails and your data is encrypted by a cyber-attack or your device is stolen what’s your backup plan?
- Backup software is inexpensive and can offer a range of storage – local USB stick, NAS (Network storage) or Cloud.
- Cloud storage can be accessed from anywhere with an internet connection.
If you are concerned about your cyber security, contact TrueMSP to see how we can help.