October is important for the security industry, ensuring people are safe online as internet usage ramps up as we head towards Black Friday and Christmas. Due to this, every year, October is known as Cyber Security Awareness Month around the world. Today, October 29th, is International Internet Day; a day to celebrate everything the internet gives us. Combining the two, we thought today would be a great day to give out some of our top tips to stay safe online as we head into the festive seasons.
How to stay safe online
- Ensure a website is safe
- Use strong passwords (and/or a password manager)
- Use 2-Factor Authentication/Multi-Factor Authentication
- Be wary of links, downloads and attachments
- Use cybersecurity software
- Don’t put important/confidential data online
- Keep your device updated
- Be careful using public Wi-Fi
- Cybersecurity Awareness Training
- Back up your data
1. Ensure a website is safe
There are millions of phishing sites on the internet. Fake websites, posing as a company you trust to try and get your details. This may be your contact details, credit card information or login details for a website. So how do you spot the difference between a real, reliable website and a fake one trying to steal your data?
There are actually several things to look out for when perusing a website that you can quickly check to ensure authenticity.
- Ensure the website’s address is what you expected, with no spelling mistakes. Sometimes a link may look legitimate, but redirects you to another site without you noticing.
- There should be a padlock in the address bar, indicating that the connection to the site is encrypted. This means that your data can not be intercepted as it transfers between your computer and the intended target.
- Assess the website’s content. Are there spelling and grammar mistakes? Is the website displaying correctly? If anything looks wrong with the site, it may not be legitimate and you should be wary of entering any information or downloading anything from the site.
2. Use strong passwords
Lots of advice online surrounds the use of very complex passwords, full of uppercase and lowercase letters, numbers and symbols. Whilst this is important to combat bruteforce attacks, it is more crucial that you can actually remember it too. You don’t want to be writing a password down to remember it; that would be the equivalent of leaving a key to your front door under the doormat.
We have a couple of solutions for this issue. Our first recommendation is to use a string of 3 or more unrelated words that you could easily remember. For example, “HoundMeltsWind” would be an easy password to remember, but it would take hundreds of years for a computer to crack the code. Our second recommendation is to use a password manager. This will allow you to create those complex passwords that everyone talks about (You know the ones. They look like X9&%&^$£noIASF?’[sf[0sa-dj or some other crazy string of random characters.) except you won’t have to remember them. They allow you to hide your strong passwords behind another password that you shouldn’t use anywhere else. Maybe use your 3-word combo for this password instead!
We recently published a full article with advice about password creation and password management, so for more detailed information please click here.
3. Use 2-Factor Authentication / Multi-Factor Authentication
Leading on from passwords, they shouldn’t be your only line of defence for logging in to anything with sensitive information included. Despite all the precautions you take, you could still end up becoming compromised, perhaps through downloading an untrustworthy program that includes a keylogger that tracks everything you type. However someone may gain your password, you can still stop them getting into your accounts with 2FA/MFA.
This extra layer of security requires you to provide extra evidence that you are who you say you are. This could be through the use of a code that is texted or emailed to a device that only you have access to, or even via biometric data like facial recognition or a fingerprint if you have the necessary equipment to do so.
Again, for more information please check out our recent blog post all about passwords and authorisation.
4. Be wary of links, downloads and attachments
Dodgy links are everywhere on the internet. Spam emails, clickbait ads, social media replies and even text messages now. If you don’t know where a link came from, don’t click it. If you think a link is trustworthy and click on it, but you don’t go to a site you were expecting, leave the page. If it comes up asking if you want to download something and you aren’t trying to download something, reject it.
If you receive an email that you weren’t expecting with an attachment, don’t open it and don’t click on the links, even if it looks like it is from someone you know. Contact that person/company via means other than contact details that are in the email to check what it is first. Malicious actors could just include their own contact information on the email, so you could potentially just get a hacker telling you an attachment is ok to download!
5. Use cybersecurity software
Backing up all of these precautions, you should use cybersecurity software including antivirus solutions. It never hurts to have a bit of added protection against those that mean you harm. As safe as you try and stay online, there is always a risk of getting a virus. Modern, sophisticated, feature-rich solutions such as those offered by Nutbourne will keep you the most protected. Detect threats before they affect your computer, filter out unwanted emails and more with our advanced cybersecurity software.
Businesses can also make use of website filtering software, which allows you to restrict what kind of websites can be accessed in the workplace. This can make the internet a much safer space and is absolutely a necessity as your workforce grows.
6. Don’t put important/confidential data online
85% of identity theft happens online and nearly 500 identities are stolen every single day in the UK. The total cost of online fraud for UK businesses is over £140 billion a year. To avoid having your identity stolen, ensure that no one can gain access to data you don’t want them to have. Pet’s names, mother’s maiden name, birthdays, etc. are all examples of useful information for someone trying to steal your identity and relatively easy things to find out about someone who posts a lot online.
For starters, you should make sure that only people that you trust can see anything that might be a bit more sensitive. Make your accounts private so that only friends and family can see your activity. Secondly, it might sound obvious, but it is easy to let our guard down when we are sharing our lives on social media; just be careful what you post online!
7. Keep your device updated
Operating Systems and apps are regularly updated to remove vulnerabilities, so constantly saying, “remind me later” can be very dangerous and leave you open to attacks. Making sure everything is on its latest version is an easy way to improve your safety whilst connected to the internet.
8. Be careful using public Wi-Fi
When using public Wi-Fi, be careful about what you browse, as it may not be as secure as you’d hope. Avoid accessing any sensitive information on your device whilst connected to one of these networks. If it is vital that you access data, such as making an urgent payment for something, use a VPN to disguise your activity.
9. Cybersecurity Awareness Training
It is all well and good staying on top of cybersecurity yourself in the workplace, but unfortunately it isn’t just down to you. In some cases, you may have thousands of people logging into a network, which is thousands of potential problems if users are not cyber aware. Training is available from experts in the field of cybersecurity and there are SaaS solutions available too! Programmes such as usecure can give you rapid deployment and tracking for cybersecurity awareness across your business and allow you to test users with fake targeted phishing techniques to see just how aware they actually are.
10. Back up your data
Similarly to having cybersecurity software, backups are an important precautionary measure. If anything does make it through your stringent security, be it ransomware, malware or other viruses, your data will be kept safe, away from your device. Think of it as a safety parachute… if your 10 other main parachutes don’t work as planned. Backups are there for a worst-case scenario. You won’t need them every day, but should you experience a disaster, you’ll be glad you’ve got them!
If you have any questions about staying safe online, or anything to do with internet cybersecurity, we’ll have the answers. Whatever you need, just give us a call.
So, if you’d like to find out more about our cybersecurity services or our work more generally as a London managed service provider, then get in touch! Contact Nutbourne today on +44 (0) 203 7273 or by filling out an enquiry form on our website.