With Christmas around the corner, we all hope to make it to Santa’s ‘Nice’ List! The rules of the game are simple: be good year-round, and in return, Santa will place you somewhere in his Nice List. Be not-so-good, and you will get bumped onto the ‘Naughty’ List.
However, in the world of Cybersecurity, there’s a lot more to it than meets the eye.
A rise in hybrid working has made us more vulnerable than ever to cybercrime. This has made cyber security more critical for all of us.
Here’s how you can get onto the ‘Nice’ cybersecurity list!
- You are working inside a secure digital environment: When using remote access for business activities, confirm that it’s completely secure. Simply avoid using public WiFi. Ideally, carry company-approved devices and network connections to stay within a secured environment. Use your organisation’s VPN connections. Install and use a professional Customer Relationship Management (CRM) tool to store and share important data and files. If you are working remotely, like a cafe, pay attention to your sightlines. If someone is behind you, they can see everything you are typing. A professional cybercriminal can easily observe and steal your confidential information.
- You adopt strong password practices: Avoid using the same passwords everywhere. Use hard-to-guess passphrases instead of regular passwords. Follow multi-factor authentication into effect to further enhance your level of security. Keep your devices and accounts are password protected. Log out of your social media, email and bank accounts after every login session, especially when you’re using public computers. Keep the screens of your devices locked when not in use.
- You are aware of your digital surroundings: Always research before trusting an internet service provider or installing free or paid software. Use a trusted cloud-based backup service to store all your essential files. When digitally sharing confidential information, pay attention to phishing traps in your emails and messages, and avoid responding to calls that ask for your personal information. Always check if your shopping, banking, and payment websites begin with ‘HTTPS’ and have a padlock icon in the address bar.
- Your digital privacy is your priority: Secure your accounts by practising good security hygiene. Start with your Apps – they can learn a lot about you with all the different types of data they can access via your phone and computer. Seemingly harmless apps – like, say, a flashlight app — could be selling the data they gather from you. Delete such unnecessary apps and use browsers instead. To protect your chats, use an encrypted app for messaging. If you have online accounts, it is most likely that hackers have leaked data from at least one of them. Check your privacy settings for your social media accounts, like Facebook. To know which of your accounts have been compromised, search for your email address on Have I Been Pwned? to cross-reference your email address with hundreds of data breaches. Another trick is to go into your device settings and turn off ad personalization, which often gives companies permission to do invasive tracking.
- You are #cyberready for 2022: Understand the digital identity and the nature of the cyberworld. Enable authentic security updates to keep up with the latest trends of cyberattacks. Be aware of Social Engineering with deceiving methods. While it is typically used for marketing purposes, it’s sometimes used for hacking and deception in the cyberworld. Waste no time reporting any security breaches or suspicious activities you notice on your devices and network.
Now let’s not forget the following ‘Don’ts’ that, if ignored, could potentially land you in trouble, or in this case – Santa’s ‘Naughty’ List!
- Don’t engage with unreliable sources: Don’t respond to emails or open/download attachments from unreliable sources. Don’t click on pop-up ads. Install a reliable pop-up blocker. Also, never download or install software downloaded from untraceable sources.
- Don’t be misled into giving away confidential information: Don’t reveal any personal information on shady websites that lack secure payment gateways. Don’t respond to chats, emails or phone calls requesting confidential company information such as employee data or financial results. Also, never engage with websites bereft of the padlock icon in the address bar and the ‘S’ in ‘HTTP‘. Don’t save your Credit / Debit Card information on websites or browsers.
- Don’t use an unprotected computer and network: Don’t use an unsecured, free WiFi or non-secure computer to log into your bank or social media accounts. Don’t check ‘keep me logged in’ or ‘remember me’ while logging in from public computers. Avoid networking apps in which your chats are not end-to-end encrypted. Never connect any portable devices to your laptop or PC unless you’re sure they’re not corrupted.
- Don’t leave your devices unattended: Keep all mobile devices, such as laptops and cell phones, digitally secured. Don’t leave wireless or Bluetooth turned on when not in use. Only do so when planning to use it in a safe environment. If your device gets lost or stolen, report it immediately to the organization’s designated cyber security representative.
- Don’t ignore cyber threats: Keep an eye for any malicious or suspicious activities that can harm your digital privacy. If you find any error in the system or issues with your devices that can cause hazards to company sensitive information, do report. With the steady rise of Ransomware and Stalkerware attacks, it is paramount that you register, report, and react actively.
Knowing the possible vulnerabilities and risks in advance will surely help you be careful when spending time online and thus significantly protect yourself. Simple hacks like double-checking before downloading a file or app can avoid unwanted risks to the device and data, just like cybersecurity data security has the same relevance. And that is the reason why there should always be a backup for the critical databases or files.
Keep these cyber security tips in mind and guarantee your place in Santa’s ‘Nice’ List this holiday season!
A seasoned cybersecurity professional with over two decades of experience in building businesses, Altaf spearheaded the South Asia business for Kaspersky for 7 years prior to joining the firm. In his previous stints he has run India business for companies such as Sophos, Utimaco and others. Highly passionate about cybersecurity, he combines sharp business acumen with a keen sense of humor.