The following Cyber Security Dos and Don’ts help remind us of actions we must take to remain vigilant. Whether you use the internet casually or for business, every defense your IT services company puts in place is useless if you do not negotiate cyberspace responsibly.
Here are the Cyber Security Dos and Don’ts of using the internet:
Do:
1) Follow the guidelines on this page for developing unique passwords.
2) When you are preparing to transmit funds online, make sure the site begins with ‘https’ and a padlock icon is present.
3) When doing online banking, type in the URL yourself – never click a link in an email or text message.
4) Research ‘free’ software before you download it.
5) For people you are familiar with, always use your main email address.
6) For social media, keep a separate email that you don’t use for important communications.
7) Use trusted WiFi only – avoid ‘free’ WiFi because it is easily hacked.
8) Avoid clicking links or opening attachments in emails you were not expecting or didn’t ask for – even if they seem to be from a source you are familiar with.
9) Always delete any online accounts you no longer use.
10) Backup, backup, BACKUP! Frequently – to a local backup separate from your network, an external hard drive or to a cloud backup.
Don’t:
1) Post personal information on social media.
2) Check ‘keep me logged in’ on websites.
3) Click on pop-up ads. Ever! If you like the pitch, search the site out for a look.
4) Frequent any websites where the address bar says ‘not secure’.
5) Share personal or banking details on the phone, by email or SMS.
6) Download and install software from an attachment in an email.
7) Save credit/debit card information on websites or in your browser.
8) Stay logged in to online accounts. Log in, do what you need to do, and log off.
9) Use personal information (name, address, date-of-birth etc.) in your passwords.
Cyber security awareness best practices
If CEOs, directors, and managers want to keep their data safe, it is up to them to educate their colleagues and create a workplace culture surrounding cyber security awareness. Here are some cyber security best practices every organization should be following:
Implement basic cyber security training
Conducting training sessions will ensure that employees use approved software and have strong passwords. You could also look at implementing common sense practices surrounding technology access and consider adding further levels of protection for staff with multi-factor authentication. This could be something as simple as not letting employees take their laptops home at the weekend or enforcing a two-step verification process.
Have a data recovery strategy
A recent survey showed that one in five businesses don’t have a procedure or back-up plan should their data get lost or damaged. With more and more businesses relying on the cloud, it’s crucial that you ensure your cloud-based data is adequately protected and compliant with new GDPR regulations. Alongside this, you need to make sure your employees are clear on the strategy, and exactly who is responsible for what.
Detect and plan for what you can’t prevent
Hackers will always try to find a vulnerability, and when they do you need to make sure you have the resources and knowledge to detect their activities as quickly as possible. This way, you can contain the damage and get back to normal business without experiencing a massive loss event. Implementing a security information and event management (SIEM) solution will aggregate logs from applications, operating systems, and network infrastructure appliances across the enterprise. It will then analyze the data to identify any questionable activity and flag it to the appropriate people.
It’s clear that the weakest link in cyber security is the human factor, and if your employees are unable to make an informed and educated decision about something as simple as what network to connect to or which email attachment to open, you’re at risk of a potentially devastating cyber-attack. Your business’s cyber security is only as strong as your weakest employee - it is your responsibility to create a risk-aware workplace culture surrounding cyber security awareness.
Remember - cyber security is everyone’s responsibility! We hope all users take these Cyber Security dos and don’ts to heart.