Cybersecurity is often not a topic of concern for the average person, but we believe it should be. In honor of National Cybersecurity Awareness Month (NCSAM), an initiative jointly led by Cybersecurity and Infrastructure Security Agency (CISA) and the National Cyber Security Alliance (NCSA) to spread knowledge about cybersecurity best practices, we put together a list of basic cybersecurity hygiene tips. The NCSAM campaign theme this year is ‘Do Your Part. #BeCyberSmart,’ so be sure to share these tips with employees, colleagues, clients, etc.
Passwords: Make them Unique & Don’t Re-Use Them
If you’ve made a new online account for anything over the last couple of years (and we bet you have), you’ve likely noticed stricter, more complex password requirements; which means more letters, number and character configurations to try and remember. These stricter requirements are meant to make it more difficult for cyber-criminals to break passwords. A password like vK8%!LsO9!jP5 when compared to doglover123, takes longer to decipher, keeping your account and personal information safer.
A strong password strategy calls for the creation of unique passwords for each of your accounts. In addition, it’s beneficial to change the passwords to accounts with your critical information (think banking accounts) every couple of months. If you receive a legitimate notification that your credentials are compromised, take care to change them immediately.
Check Your App Privacy Settings
According to Statista, 73% of smartphone users in 2019 had anywhere from 1 to over 31 apps on their phones. Every time you download an app, you grant it certain permissions, whether you realize it or not. If an app seems important enough to have on your phone, do some research on it first. Are there recent news stories about data breaches and other cybersecurity incidents coming up in search results? If so, it might be best to refrain from downloading it.
For the apps you have already downloaded, do a ‘spring cleaning’ of what your privacy settings are. Keep as much of your personally identifiable information (PII) confidential (or in private mode). Think critically about the permissions you have granted an app. For example, does a meditation app really need to access your text messages or files?
Learn the Signs of a Phishing Scam: SMS, Emails, Calls, etc.
Phishing scams are a very popular type of attack that typically require you to click on a malicious link or download an unknown file. Three big means of deploying phishing attacks are email (to personal email addresses and corporate emails), text messages and social media app messages. Some easy signs to tell if a message might be malicious are spelling or grammar errors, a non-typical email address or user name, and/or the email is asking you to do something strange like transfer money.
Avoid Connecting to Public WiFi
Don’t use public WiFi. That’s our advice. “Free” WiFi at cafes, airports, malls and the like, are playground for cyberattackers. These networks are unsecure, so the moment you connect the potential exists that a malicious actor has inserted themselves between you and the network (while you’re none the wiser). This means the information you’re interacting with on your device and sending out is directly accessible by an unknown entity. The best way to avoid public WiFi is making the move to a robust or unlimited data plan or using a WiFi hotspot. The investment is well worth the security of your private information.
Update Your Software
The software you use every day isn’t perfect. Software companies have dedicated development and security teams that are on the lookout for potential bugs and vulnerabilities, and their fixes. Fixes are pushed out to users in the form of updates (or patches). While notifications for those may be a nuisance, they are important for reminding you to secure the tools you use everyday.
Protect Your Information on Mobile Devices
In the U.S., 81% of people own a smartphone, not factoring in other mobile devices like tablets. Mobile device security is often overlooked by individuals and companies alike. There is a slight paradigm shift required of the public to recognize mobile devices for what they are – computers – and that they too need protection. Be wary of phishing scams and clicking unknown links and be diligent about what apps and files you download.
Because of this corporations need to take mobile security to the next level, especially if they have a BYOD policy. A containerized application solution, like Secure.Systems, effectively separates employees’ personal device use from the work data they interact with, within the encrypted workspace. So, in the event an employee does fall victim to a mobile attack, corporate data is protected.
___
For extra cybersecurity tips and news you can follow @CISAgov and @StaySafeOnline on Twitter. For information specific to mobile security, follow us @SyncDog on Twitter and on LinkedIn. Don’t forget to use #BeCyberSmart during October!