10 top cybersecurity tips to make you safer
Technology is more prevalent than ever and keeping your business safe is more important than ever
10 top cybersecurity tips to make you safer
Technology is more prevalent than ever and keeping your business safe is more important than ever. Whether you are an individual or a business leader, you need to be protecting your data 🛡️.
You have to understand that you’re an attractive target 🎯 for cyber criminals. If you have money 💸 (doesn’t matter how much), data 🗂️ or a place to work 🏢, you’re going to be targeted. It’s not even personal, as cyber criminals automate most of their attacks.
✨As a Tech Agency, we meet daily with companies of all sizes – from small businesses to big enterprises. Surprisingly enough, many businesses are struggling to understand what they need to do to protect themselves while also being inundated with slick marketing about the latest tools 🧰 that can solve all their problems. A common misconception is that cybersecurity is only a question of technology. Bad IT practices and human error 😞 cause the majority of security breaches. The power to protect yourself is very much in your hands. 🔥
So, what can you do to keep your data safe and out of the wrong hands? Looking to sink your teeth into some good security tips you can actually apply? 💡
The good news is that today’s range of action-ready cybersecurity advice might be just what you need. 🎁
There are many ways in which you can improve your online safety and they’re all FREE or almost FREE 🆓 to use and apply. You’ll be surprised by the things you can do to better secure your data! All it takes is spending some time reading the right things and adjusting a few settings. Applying these security tips is very simple.
Among all the cybersecurity tips I can think of I would recommend that you start with the following ten. 🔥
Cyber Security Tip #1: Do a security risk assessment checklist
How do you rate your organization’s ability to respond to security threats and vulnerabilities? ☠️ What types of compliance risks exist in your operating market? ⚡How severe are these risks? What type of data do you have stored on your devices? What online accounts do you have? Which do you use more often? 👀
If you can’t answer, make a security risk assessment checklist to assess and mitigate the security risks effectively!
In “The Art of War”, Sun Tzu said that you should fully know your enemy and know yourself. Turn this principle into a battle plan! ⚔️
So, after you made the list, evaluate how valuable is the data that you keep on them. What would happen if you wouldn’t have access to them anymore or that information was lost, deleted or leaked online?
How do you keep the most sensitive information safe? Who else has access to that data?
Cybersecurity Tip #2: Back-up your data 🔐
What security measures did you take in order to prevent something to happen to your data? Achieving absolute security is absolutely impossible! No system is impenetrable. Of course, this doesn’t mean you shouldn’t take all the necessary measures against cyber criminals. It’s just that you shouldn’t rely completely on them. Important data can be lost as a result of a security breach. To make sure you’re prepared to restore data once it’s lost, you should ensure your important information is backed up frequently on the cloud or a local storage device. These days, storage doesn’t cost much. There’s no excuse 🙅♀️ not to have a backup of important data. Remember, malicious threats and hackers don’t always want to steal your data, but sometimes the end-goal is to encrypt or erase it. Ransomware is one of the biggest cyber threats out there. What it does is it encrypts ALL your data and locks you out! 😱 Back it up to have an ultimate recovery tool.
Before backing up to Cloud platforms ☁️, be aware that these that these storage sites can also be the target of computer attacks and that these solutions involve specific specific risks. Be careful when reading 📃the general conditions of use of these services.
The contracts proposed in the framework of generic offers do not generally cover these risks. Ensure data confidentiality by making it impossible for unauthorized persons to read it by encrypting it 🔒 with encryption software before copying it to the cloud.
Cyber Security Tip #3 : Beef up your passwords
One of the key pieces of advice that all cyber security specialists give is so simple it’ll blow your mind: never, ever (ever, ever, ever!) reuse passwords! ⛔ Promise yourself, here and now, that you’ll always use unique, strong passwords for every account.
Determine rules for the choice and size (length) of passwords and enforce them and make sure they are respected. Define passwords of at least 12 characters of different types (upper case, lower case, numbers, special characters) is crucial to your cybersecurity. More characters mean more possibilities for the program to try. The result is that the password takes longer to crack and is, therefore, more secure.
There are two methods to choose your passwords:
- the phonetic method: ” You can’t have everything for you. Where would you put it?”” will become ” Ucnhe4U.WwUpi?”,
- the method of the first letters: the quotation “one yours is better than two you will get!” will give “Oyibt2wg!”.
Although it’s easier to remember a single password for all your different accounts, it’s not the most secure! The best practice is to vary your password for every different site and account you use.
Remind employees not to keep passwords in files or on post-it notes and make employees aware that they should not pre-save their passwords in browsers
Can’t remember them? 🧠 (Of course you can’t. I can’t either 😉.) Use a secure password bank protected by two-factor authentication.
Personally, I would never leave my sensitive data on a free password manager. However, there are some really good free password managers which offer powerful password security, good user interfaces, and some nice extra features. LastPass, Avira Password Manager and Roboform are all good programs. Many offer free versions, and some are totally free. And, if you use Digiposte, OneDrive, Google Drive or the like, you can save the password database on your cloud drive and it will be accessible anywhere.
Cyber Security Tip #4 : Get your 2-FA on
It’s important to have a strong password, but it’s even more imperative to have two-factor, or multi-factor, authentication. Require two-factor authentication every time to access any databases storing sensitive information, even if the person requesting access is on-premises or logged into a work account. Two-factor authentication can save you from hackers. If you find passwords annoying, you might not like two-factor authentication much but it’s one of the best ways to protect you. Simply put, two-factor authentication adds a second step in your usual log-in process. A little of your time today, to save you from a whole world of trouble tomorrow.
Having a second step of authentication makes it so much more difficult for a hacker or a thief to break into your online accounts. Two-factor accounts protect from automated log-in attacks and against phishing emails. As such, the implementation of two-factor authentication (2FA) has become a necessity and it works. Figures suggest users who enabled 2FA ended up blocking about 99.9% of automated attacks. But as with any good cybersecurity solution, attackers can quickly come up with ways to circumvent it. They can bypass 2FA through the one-time codes sent as an SMS to a user’s smartphone.
Cyber Security Tip #5: Automate software and browser updates
In each Operating System (Android, IOS, MacOS, Linux, Windows,…), software or application, vulnerabilities exist. Once discovered, they are corrected by the editors who then offer users security updates. If you go to https://www.ssi.gouv.fr/agence/cybersecurite/ssi-en-france/les-cert-francais/, you will find the list of CERTs (Computer Emergency Response Team) in France. Did you know that updating your apps can prevent most of targeted attacks? Rule of thumb: keep your operating system and your applications up to date all the time in real time. You can configure your software to automatically install security updates whenever possible. If not, download available security patches available. Browser are also one of the most common security holes, if you don’t keep them up to date. Cyber crooks frequently scan websites and PCs for vulnerabilities, such as outdated software. They use those backdoors to penetrate your systems and infect you with malware. Keep those browsers updated.
Cyber Security Tip #6: Dissociate administrator and users' roles clearly
How many people have the administrator password to access the central rights management system?
The number of account holders with elevated privileges, including of course accounts that provide access to the central rights management system, which are prime targets for attackers, should be reduced to only those for whom these privileges are necessary to perform their duties. Don’t count on your good star. Don’t pray to God 🙏 (no matter if your God is an Apple or not). It’s not a matter of it, but when you’ll become a victim to a cyber-attack.
Last but not least, have a checklist of all the accounts that they had access to. Don’t forget to remove their permissions when they leave.
Cyber Security Tip #7: Disable autorun for USB media
Does dropping an infected USB drive in a parking lot work when it comes to a hacker luring its prey into a digital trap? The answer is a resounding yes.🙅♂️ Malware is easily spread via USB media when USB media autorun is enabled. Never insert foreign USBs or external hard drives in your PC or laptop. Even though they seem innocent, because of their common nature, they could still be infected with malware, viruses, Trojans or keyloggers. To make it easier to manage this feature, you can use group policy mechanisms (GPOs in Windows) to disable autorun and autoplay.
Cyber Security Tip #8: You still need antivirus (yes, really!)
Get protection for your connection even if you believe in Apple God! As soon as you’re connected to the web, it’s impossible to have complete and total protection from malware. Antivirus alone won’t keep you protected from all dangers that are out there, on the big dark web. However, you can significantly reduce your vulnerability by ensuring you have an anti-virus and at least one anti-malware installed on your computers. Do a bit of research and choose an antivirus 🦠 you trust. Paid is better than free. Antivirus is still very necessary, so don’t skip it.
Cyber Security Tip #9: Use a VPN to privatize your connections
For a more secure and privatized network, use a virtual private network (VPN). It’ll encrypt your connection, protect your identity and location. It act as an additional layer of security over your private network when employees visit external websites.
Make sure that you only navigate on secure websites, with SSL certificate 🔒 (a website starting with https encrypts the data you put on the website and the data you get from it) and make sure your terminal has the WPA2 encryption protocol and activate it. Otherwise, use the WPA-AES (never use WEP encryption that can be broken in a few minutes). Your data is especially vulnerable when sent over public networks, especially while traveling. The information going to and from your device can be easily intercepted by others using the network. Useful if you have to use public Wi-Fi 📶, VPN will help provide an additional layer of data encryption that can keep your safe from MitM (Man in the Middle) attacks.
Cyber Security Tip #10 : Use encrypted messaging apps
Encryption is a trending subject right now, although not everyone understands its applications or benefits just yet. Many of you could believe that all the private data shared via Skype, or other social networks is safe, but sometimes it’s just an illusion. Remember that most of popular apps like Twitter do not use end-to-end encryption, so your conversations and files may not be fully protected. Without end-to-end encryption, your conversations most likely will get into the hands of cybercriminals, and other malicious actors focused on stealing them.
Personally, I would recommend Olvid. Olvid is the first instant messenger providing a certification of Security from the French agency ANSSI 🇫🇷. Their security model is utterly game-changing and they offer free or premium version.
Their messaging system don’t rely on any trusted third party, either operators or their servers. Olvid system also encrypts metadata, thus guaranteeing the anonymity of interlocutors.
These are just some tips 💡 that can help mitigate the risk of cyberattacks and help you stay on top of your organization’s security. Creating awareness of threats among the workforce and users 🧑🏻🤝🧑🏻 is key to preventing cyber-menaces.
In the technological world 🌍, inform and train employees from day one about the security measures matter, and convince them that they are the FIRST line of defense 🛡️ in preventing cyber-attacks.
Here’s the good news. If you’re looking for an independant partner, Stroople provides customized solutions to design and build your technology dream team. You can choose the best solution that suits you. We provide tech talents pros whether you need to hire or outsource your cybersecurity team.