Here are some tips that can help you to stay secure in the modern web world:
Cybersecurity Tips for Day-to-Day Life
- Password security: There are many password security guidelines publicly available, published by National Institute of Standards and Technology (NIST) and other institutes. Let’s take a look at a few points to improve password security:
- Keep your password long and strong. Long passwords are hard to crack sometimes when you are using alphabets, symbols, and numbers in upper and lower case.
- Usage of a passphrase helps you choose a long password, and it is also hard to crack.
- Try not to repeat the same password on different platforms. There are chances of a data breach that can lead to compromising and making all your accounts vulnerable.
- Use multi-factor authentication: multi-factor authentication works as another layer of security. It works on the principle of something you know and something you have. You can use your password along with an OTP/Call option, authentication token, or a hardware token and a FIDO (Fast Identity Online) key.
- Use password managers: Modern password managers are very helpful to generate strong passwords/passphrases along with keeping them secure. There are a few options here too. We can opt for a service or use open-source password manager tools. There are multiple choices available in the market for this.
- Avoid using your personal email everywhere: Nowadays most sites ask you to sign up before entering. Signing up with a bunch of sites floods your mailbox with a lot of spam emails. You can use disposable email accounts for such cases. It will help you get rid of spam emails. As we know, reusing passwords may be harmful in case of a data breach from certain sites. We can avoid the usage of actual email unless it is necessary.
- Disposing or wiping off your personal information properly from packages before throwing them in the trash: Dumpster diving is a social engineering attack where an attacker gathers information from trash bins. They dig up all the things thrown by you and try to find essential information from them. This practice can help you to refrain from identity theft.
- Think before you post: Do you know that you can board a flight without posting it on social media? You can restrict what to share with a larger audience on social media because you don’t know everyone there. Some people have a habit of posting everything on social media platforms, but such things can be harmful in one or another way.
- Keep your OS updated: Today’s new software may become vulnerable tomorrow. As soon as the technology grows, it makes the old system more vulnerable. To keep their operating system or software secure and reliable, respective OS providers used to release patches in certain frequencies. You can keep your OS/software updated so you can overcome OS/software-related vulnerabilities.
- Never open attachments from unknown senders: Malicious attachments are the most common reason for the spread of viruses/malware. We must avoid opening such emails or attachments shared by unknown people.
- App permissions: Do check the app permissions you are using on your phone. It is a good thing to review permissions periodically. Sometimes, we see strange requirements that a calculator app needs permission to your calls or messages. So, be careful about permitting apps to access your information.
- Backup your device: Cyber-attacks have become more critical nowadays. Imagine one day you open your laptop and see all your important data has been encrypted and some random notification is flashing on your screen to pay X amount in bitcoin to recover that important data. Having another safe copy of the data is the best way to deal with such situations.
- Untrusted software: You should choose the official websites of the respective software while installing it. Untrusted sites can have trojan horses attached to them.
- Refrain clicking on links, especially if the email is from unknown senders: Humans are considered the weakest link in cyber security. As per data, 36% of breaches happen because of phishing attacks. Hence, they are the easiest targets of cyber criminals. Phishing is one of the best methods they use to get information from you or drop malware using that malicious link.
- Low-level format your equipment before reselling or scrapping it: Your data can be recovered and used in case it is normally formatted or just deleted. The low-level hard drive format removes it completely and reduces the chances of recovery. So, you should always follow this practice.
- Use encryption: Lost or theft devices can be easily accessed and used to collect the data in case it is in non-encrypted form. Using encryption to your computer data helps you to protect information residing in your hard drive whenever your device is lost or stolen. There are open-source solutions for encryption as well as Microsoft’s BitLocker. Encryption becomes a barrier to accessing the data from your computer drive.
- Awareness is the key: Keep yourself updated about the latest threats and practices cyber criminals are using so you can stay one step ahead of them.
- Always use an antivirus or EDR: Antivirus software can help you detect viruses, or malware based on signatures, whereas EDR can help monitor behavioral changes in your system to detect these threats. Both are good at their usage, but EDR or XDR could be more advance than any legacy antivirus system. You should always keep their definitions updated to detect the latest threats.
As the world gets more connected, cyber security becomes an area of growing concern. Without setting practices, tackling such issues may be nearly impossible.
With its IoT Cyber Security services, eInfochips assists businesses in the design, development, and maintenance of connected goods at the device, connection, and application levels by utilizing a variety of cybersecurity platform services and tool stacks. We have extensive expertise with turnkey deployments, security monitoring operations, strategic evaluations, and changes. To learn more about our experience, please check our IoT Security Brochure below or contact us now.
ABOUT THE AUTHOR
Manav Parekh works as Senior Security Engineer with eInfochips IoT Security Team. He has 10+ years of experience in system administration, cyber security configuration, VAPT and compliance. He is well experienced in Linux, Virtualization, Azure, and other technologies. He possess RHCSA, VCP, AZ-900, SC-900, and AZ-500. certifications.