Strategic Group Blog

Everything you need to know about IT and technology

close
Written by Emily Gam
on September 26, 2017

Technology is always improving and increasing threat protection, but the most common way hackers can get access to your data is through human error. Unlike machines, people get tired or get distracted and it only takes one click on a questionable link or reply to an email for a hacker to gain control. 

To help keep you safe online, here are our 7 cyber security tips.

1. Use two-factor authentication

Two factor authentication (2FA) is exactly how it sounds, you need two forms of identification to prove that you are who you say you are.

There are 3 types of authentication:

  1. Something you know: a password, PIN, or answer to a question
  2. Something you have: a phone, credit card or fob
  3. Something you are: fingerprint, face or voice

Combining two of these is two-factor authentication. 2FA gives you another layer of security to your accounts and makes it harder for hackers to gain access to your data.

2. Learn suspicious email red flags

Hackers and scammers are getting more and more sophisticated, gone are the days of the laughable Prince of Nigeria scams, now scammers are doing their research before hitting their targets.

Red flags to look out for:

  • Links - Be wary of hyperlinks in emails, even if they look legitimate they could be linking to an entirely different URL.
  • Typos - Bad spelling and grammar can be signs of a scam email, also if the email starts with a generic greeting. However, some phishing emails are getting more sophisticated and targeted so bad spelling may not always be present.
  • Threats - Many phishing emails contain threats or negative consequences if action is not taken. These are usually in the form of account closure or legal action if payment is not made immediately.
  • Sender - Was the sender someone you don’t normally deal with, or was it out of the blue? Never click on links in an email from a sender you don’t know.

For a more exhaustive list, check out: http://blog.strategicgroup.net.au/social-engineering-red-flags-what-to-look-out-for

3. Practice good password guidelines

We practically have a password for every aspect of our lives these days, and although it can get annoying it’s still important to have good passwords.

Make sure your password isn’t too short and make sure you can remember it. This doesn’t meaning making it ‘password’ but use a string of random words that you will remember.

We also recommend using different passwords for different accounts. The reason is that if your password is compromised on one website, it can’t be used on everything else.

To make things easy, you can use a password manager like 1Password or LastPass.

4. Lock your devicesLock your devices

Always lock your device when you’re not using it. This doesn’t just mean having a password on your phone, but also locking your workstation when you’re away from your desk.

Sometimes locking your workstation may just save you from an embarrassing background from the office prankster, but if you leave your workstation unlocked for an extended period of time, anyone could access it.

5. Don’t use un-secured wifi

The rise of smartphones and every other smart device means we’re more and more reliant on wifi when we’re out and about. The problem is that not all wifi is equal with some public networks carrying a high security risk.

What someone thinks are private on their personal device could easily be accessed by cybercriminals via compromised apps or Wi-Fi networks. 60% of people feel their personal information is safe when using public Wi-Fi yet 53% can’t tell the difference between a public secure or unsecured Wi-Fi network.

What someone thinks is private on their personal device can easily be accessed by hackers through unsecured Wi-Fi networks or even apps with privacy vulnerabilities.

Under no circumstances should you do any online banking, access any financial information or check emails on an un-secured public wifi.

6. Ensure you’re up to date

When the latest software update is available, install it.

Almost all malware comes from vulnerabilities in software that doesn’t get patched right away. WannaCry (one of the biggest ransomware outbreaks ever) exploited a hole in Windows that allowed it to install ransomware after users clicked on a phishing email.

Software is continuously being updated to fix security problems or vulnerabilities that malware or a virus could exploit. Having old software in your business could mean you’re an easy target for a hacker looking for a way in.

7. Train your staff

It is important to continuously train your staff as they are often time the last line of defence in your business. If staff are up to date with the tricks that scammers employ they are able to pick out red flags and avoid falling victim.

Conducting testing on your staff can also help identify vulnerabilities and let you know where to focus your training.  White Hat Phishing is when fake phishing emails are sent to your staff encouraging them to click on links or download files. Companies can then identify how susceptible they are to phishing emails and train staff appropriately.

Companies that have implemented white hat phishing have seen a significant drop in staff clicking on compromised emails.

Free User Phishing Test

Let Us Know What You Thought about this Post.

Put your Comment Below.

You may also like:

Tips Security

No Place Like Home: Ensuring Cybersecurity for SMEs in the Remote Work Revolution

The rise of remote work in today's business environment creates unique opportunities, but also significant challenges fo...

Tips Security

Building a Phishing-Proof Business

With their alarming simplicity and devastating effectiveness, phishing attacks continue to pose a significant threat to ...

Tips

Social Engineering Red Flags - What to look out for

Hackers and scammers are getting more sophisticated, gone are the days of the laughable Prince of Nigeria scams, now sca...