Cybersecurity can be overwhelming. But with constantly evolving cyber threat landscape, it’s important for businesses to stay safe and protect themselves from being hacked. With this in mind, here are a few simple cybersecurity tips to mitigate cyber threats and be secure.
Passwords are becoming more and more insecure, as many of us use the bare minimum requirements for password length and often use the same ones for multiple sites. These passwords are either difficult to remember and very easy to crack or extremely easy to remember and even easier to crack. The solution is to use passphrases instead, for length and hash tables.
Every password has a unique hash and when passwords are cracked using a hash table (a giant list of cracked passwords), the password-cracking tool compares the hash on the list, with the password hash. Hash tables can consist of millions or billions of strings of characters to compare with your passphrase. By creating a longer passphrase, you greatly decrease the possibility of it ending up on that table.
Today, we have dozens of applications and software from various vendors, developed and tested by people. This means chances are not all applications are bug-free. Hence, the regular software update, as outdated browsers and unpatched devices are primary targets for cyber-attacks. Updating software to the newest version will reduce the chances of getting exploited.
One of the frustrating things that can occur is when you start your workday, and upon opening your laptop, you see a message that says, “All of your data belongs to us.” Unfortunately, the only option is to format the entire hard drive and reinstall the OS. This could mean that you’ve just lost all of your work and files. To prevent such a sad day from occurring, back up your data.
Today, we are highly dependent on our mobile devices, and more and more attackers are using them as points of attack. One of the easiest ways to help secure your device is with a PIN or password or biometric options, such as a fingerprint or face recognition. The second key thing is application security where app stores generally vet the applications for safe practices. But not all apps are equal; be careful that you are downloading a legitimate version for apps.
Though modern phones and operating systems have data encryption as a standard, some information may not fall under that encryption umbrella. Be sure to find out what is or isn’t encrypted. Also, be careful about “Find my device” services. This might sound a bit controversial, but don’t forget that turning on device location services means others can also potentially see you. However, in doing so, you may be able to track down your phone if it’s ever stolen or misplaced. This is a risk/reward situation.
Sadly, this is a phrase heard too often. It’s assumed that most of us aren’t in danger of having a security issue affect us. The truth is, most attackers go for easy targets, the low-hanging fruit. An attacker could spend days or weeks trying to penetrate a system, or they could just sweet talk their way to getting information by sending a phishing email or making few phone calls.
Instead, a good recommendation is to practice a heightened state of awareness. However, it must be stressed that this is not the same as paranoia. It’s simply a state where you question the information in front of you with the intention of avoiding social engineering attacks.
James Ley, ANZ Sales Engineering Manager, Ivanti