In this day and age, the increased usage of emails, social media, and the internet to perform our jobs has blurred the lines between work and play. With the internet becoming easier to access and data exchanges becoming more seamless, safety measures need to be taken to ensure that any confidential information including financial data, research data and company plans does not land in the wrong hands.
In addition to a robust cybersecurity program implemented by an organisation, it helps for employees to recognise potential cybersecurity pitfalls because security breaches are very real aspects of working and playing in the virtual space. Here are four tips to help employees stay smart online.
Un!que p@ssw0rds
We all have a few personal details in our lives such as pet names, street address and partner’s birthdays that we remember and typically create passwords based on those details. However, with so much of our lives available online and accessible across multiple devices, it’s important to not just rely on a few favourite passwords that are easy to guess. Get creative and develop unique password combinations by using numbers, letters, and special characters that are at least eight characters long. The best way is to use a password generator to generate complex passwords and to implement two-factor authentication as an additional layer of security.
Free public wifi has its consequences
The way we work is changing with more organisations offering flexible working policies. This gives us the flexibility to work from anywhere and also means that we might be tempted to access public WiFi because of its convenience. However, connecting to the public WiFi can leave us vulnerable to cybercriminals looking to get hold of sensitive information. To secure your online connection and protect your privacy, use a trusted virtual private network (VPN).
Check before hooking up a new IoT device
There’s an infamous example of how cybercriminals hacked a casino through an Internet-connected fish tank. There is no doubt that an insecure IoT device connected to an office network can cause security nightmares. While the onus shouldn’t be on end-users to update IoT devices, always seek the advice of your security team before hooking up an IoT device or better yet an internet-connected fish tank for the new office pet!
You’ve got mail! No, you got phished…
Email is a major vector for security threats. Phishing uses email messages that appear to be from trusted sources — a colleague or even your bank — or lure recipients into providing information that they shouldn’t, to open attachments with malware, or to visit dangerous websites. If you receive an email you were not expecting, check with the person or company the email is sent from before you respond, click, or open any attachments.
Vigilance is key to staying smart online
While some of these tips may seem obvious, putting them into action will offer employees peace of mind as many different types of security threats exist. Cyber crooks will look for and exploit the weakest link available. That link might be a mobile device, email or you! Protecting against these threats is feasible, provided that you are aware of them and you are careful.
Gary Jackson, Vice President for Asia Pacific, Tenable
