Cyber Hygiene

  • 24 July 2018
  • 1 reply
  • 24 views

Userlevel 7
Badge +36


 
 
Limit Personally Identifiable Information on Social Media

Whether you are about to create a new social media account or you already have one, only enter the basic information required to get the account activated and never provide excessive information that could put you at risk. Many social media services will tempt you to enter information like date of birth, home address, location details and mobile numbers to make it easier for other people to find you. But this dramatically increases your cyber security risk as cyber criminals find ways to locate this information. If you’ve already added this information set it to hidden; or better still, remove it from your profile.
 
 
Enable Privacy Settings, increase the default security settings, and set up alerts

Many social networks are open by default, privacy is basic or turned off, and security is optional. Review the privacy and security options available to you and enable them. Don’t be afraid to make your account less visible. If multi-factor authentication is available—use it! Use an Authenticator application like Google, Microsoft, Symantec or Authy to SMS. Enable alerts and notifications on your accounts so you are quickly advised of any suspicious activity. Get notified when anyone attempts to tag you.
 
 
Use stronger passwords and change them at least once per year

When choosing a password make it long, strong and unique to that account. Then change it at least once per year. The average age of a social media password today is years, and social media platforms don’t do a great job of reminding you how old your password is, pointing out how weak it is, or telling you when it’s a good time to change it. It’s entirely up to you to protect your account—so do it wisely. If you have many accounts and passwords, use an enterprise password and privileged account vault to make it easier to manage and secure them. Never use the same password multiple times.
 
 
Never use social logins, as tempting as it may be

Where possible, log into original accounts using the unique login you created for that account rather than using social logins. Sure, it’s quick and convenient to ‘log in using Facebook’, but when Facebook gets hacked it means that the hacker could cascade to all of your accounts using that social login.
 
Maintain and use multiple Digital Identities

Create multiple accounts to de-risk your information. Set up multiple email accounts with different purposes: use one email address for low-risk communication; one for subscribing to online newsletters, airport Wi-Fi and other services that require an email address; one for shopping online, and another for resetting passwords (which has higher security settings). This lowers the chance that your information will be compromised, and limits the risks associated with having all your eggs in one basket.
 
 
Limit what you do over public Wi-Fi and apply the following best practices when using it
 
  1. It’s best not to use a public Wi-Fi network without VPN. Rather use your cell network when security is important (3G/4G/LTE).
  2. When using public Wi-Fi ask the vendor for the correct name of the Wi-Fi Access point and confirm that it has security. It is common for hackers to publish their own Wi-Fi SID with similar names.
  3. Disable Auto Connect Wi-Fi or enable Ask to Join Networks. Hackers use Wi-Fi access points with common names like ‘Airport’ or ‘Café’ so your device will auto-connect without your knowledge. Never opt to remember the Wi-Fi network on public access points.
  4. Use the latest web browsers as they have improved security for fake websites. This prevents someone from hosting their own ‘Facebook’ website, for example, waiting for you to enter your credentials.
  5. Do not click on suspicious links like videos, even via social chat.
  6. Beware of advertisements. They could direct you to compromised websites.
  7. Use a least privileged user or standard user while browsing as this will significantly reduce the possibility of malicious malware being installed.
  8. Always assume someone is monitoring your data over public Wi-Fi.
  9. Do not access your sensitive data like financial information over public Wi-Fi.
  10. Do not change your passwords, and be wary of entering any personal credentials while using public Wi-Fi.
  11. If you have a mobile device with a personal hotspot function, choose this over public Wi-Fi where possible—but still be cautious.
 
Limit on how often you like a status, follow a page, or allow an application to access your social media profile

If you’re a frequent user of any social media platform be aware of the risks of liking posts, following pages or allowing different applications to access your profile. You’re accumulating a trail of activity that is time consuming, or even impossible to reverse.
When you grant access to a social media app you must practice good cyber hygiene—remove the app’s access when it’s no longer required. Apps may share your information (and sometimes that of your friends) and unless you revoke access the app will continue to have access to your profile data and more. On occasion, go into your account and review which apps have your approved access and revoke access if you no longer need the app.
 
 
Before clicking on anything, stop, think and check if it is expected, valid and trusted

We are a society of clickers; we like to click on hyperlinks. But be cautious of any message you receive that contains a hyperlink, even if it looks like a legitimate message from a friend or a trusted organization.
 
Stop and ask yourself if the message was expected. Do you know the person who sent it, and is it really from them? Or could they have been hacked? Could it be a phishing email—a message that looks exactly like one you might receive from a familiar organization but is really a set-up to get your information. If you’re unsure of the authenticity of the message contact the sender by phone or via a new message and ask if they sent you the link. It could be malware, ransomware, a remote access tool or something that could steal or access your data. Nearly 30% of people will click on malicious links. We all need to be more aware and cautious. Before clicking, stop and think.
 
Stay safe online with these cyber security best practices and avoid becoming the next victim of cyber crime.
 
 
By Joseph Carson, on October 4th, 2016 The Lockdown

1 reply

Userlevel 4
Very nice post

Reply