Technology is always improving and increasing threat protection, but the most common way hackers can get access to your data is through human error. Unlike machines, people get tired or get distracted and it only takes one click on a questionable link or reply to an email for a hacker to gain control.
To help keep you safe online, here are our 7 cyber security tips.
1. Use two-factor authentication
Two factor authentication (2FA) is exactly how it sounds, you need two forms of identification to prove that you are who you say you are.
There are 3 types of authentication:
- Something you know: a password, PIN, or answer to a question
- Something you have: a phone, credit card or fob
- Something you are: fingerprint, face or voice
Combining two of these is two-factor authentication. 2FA gives you another layer of security to your accounts and makes it harder for hackers to gain access to your data.
2. Learn suspicious email red flags
Hackers and scammers are getting more and more sophisticated, gone are the days of the laughable Prince of Nigeria scams, now scammers are doing their research before hitting their targets.
Red flags to look out for:
- Links - Be wary of hyperlinks in emails, even if they look legitimate they could be linking to an entirely different URL.
- Typos - Bad spelling and grammar can be signs of a scam email, also if the email starts with a generic greeting. However, some phishing emails are getting more sophisticated and targeted so bad spelling may not always be present.
- Threats - Many phishing emails contain threats or negative consequences if action is not taken. These are usually in the form of account closure or legal action if payment is not made immediately.
- Sender - Was the sender someone you don’t normally deal with, or was it out of the blue? Never click on links in an email from a sender you don’t know.
For a more exhaustive list, check out: http://blog.strategicgroup.net.au/social-engineering-red-flags-what-to-look-out-for
3. Practice good password guidelines
We practically have a password for every aspect of our lives these days, and although it can get annoying it’s still important to have good passwords.
Make sure your password isn’t too short and make sure you can remember it. This doesn’t meaning making it ‘password’ but use a string of random words that you will remember.
We also recommend using different passwords for different accounts. The reason is that if your password is compromised on one website, it can’t be used on everything else.
To make things easy, you can use a password manager like 1Password or LastPass.
4. Lock your devices
Always lock your device when you’re not using it. This doesn’t just mean having a password on your phone, but also locking your workstation when you’re away from your desk.
Sometimes locking your workstation may just save you from an embarrassing background from the office prankster, but if you leave your workstation unlocked for an extended period of time, anyone could access it.
5. Don’t use un-secured wifi
The rise of smartphones and every other smart device means we’re more and more reliant on wifi when we’re out and about. The problem is that not all wifi is equal with some public networks carrying a high security risk.
What someone thinks are private on their personal device could easily be accessed by cybercriminals via compromised apps or Wi-Fi networks. 60% of people feel their personal information is safe when using public Wi-Fi yet 53% can’t tell the difference between a public secure or unsecured Wi-Fi network.
What someone thinks is private on their personal device can easily be accessed by hackers through unsecured Wi-Fi networks or even apps with privacy vulnerabilities.
Under no circumstances should you do any online banking, access any financial information or check emails on an un-secured public wifi.
6. Ensure you’re up to date
When the latest software update is available, install it.
Almost all malware comes from vulnerabilities in software that doesn’t get patched right away. WannaCry (one of the biggest ransomware outbreaks ever) exploited a hole in Windows that allowed it to install ransomware after users clicked on a phishing email.
Software is continuously being updated to fix security problems or vulnerabilities that malware or a virus could exploit. Having old software in your business could mean you’re an easy target for a hacker looking for a way in.
7. Train your staff
It is important to continuously train your staff as they are often time the last line of defence in your business. If staff are up to date with the tricks that scammers employ they are able to pick out red flags and avoid falling victim.
Conducting testing on your staff can also help identify vulnerabilities and let you know where to focus your training. White Hat Phishing is when fake phishing emails are sent to your staff encouraging them to click on links or download files. Companies can then identify how susceptible they are to phishing emails and train staff appropriately.
Companies that have implemented white hat phishing have seen a significant drop in staff clicking on compromised emails.