Friday, September 20, 2013

6 basic tips for better online security

Security is becoming a very complex topic with many different actors and issues — the recent NSA revelations adding to the pile of discussion. But an astonishing number of cybercrime attacks still play on some basic — and preventable — failures to protect personal data.
If everyone who watches this talk (and the friends and family members they share it with) were to apply the following practices, we would massively improve security. Here are six pointers for you.


    1. Update your system. It is very common for exploit tools to use old attacks that have subsequently been fixed. For example, out-of-date Java or PDF software is very commonly targeted. And still, a large number of users won’t update. Make sure you have the latest version of all software.
    2. Get a decent password. There are plenty of great articles out there that suggest how to generate a good password. And yet, when you review leaked password lists from large public websites, it is amazing how common it is for people to use basic passwords like ‘password2013’ or ‘linkedinpassword.’ You should also make sure you use different passwords for different sites and services, or consider using a password manager to look after them for you.
    3. Be a little suspicious. A very large number of attacks rely on simple social engineering. Ask yourself next time you receive an e-mail claiming you have won an iPad or received a FedEx package — is this probably real? Would it happen to me walking down the street? Scams today aren’t all identifiable by poor grammar and spelling mistakes, as they once were.
    4. Keep a backup. Some attacks now do permanent damage that cannot be reversed. Whilst most attacks are still focused on reputation damage or fraud, these destructive attacks can be extremely damaging. A tried and tested backup procedure can save you severe pain.
    5. Make sure you run basic security controls. Lots of people run severely out-of-date anti-virus software. Whilst there is no 100% in security, and AV won’t block everything, it remains a good basic step for keeping your system clean.
    6. Make sure you look up best practice for devices other than just your PC. You may have secured your computer, only to put very similar data on your mobile device with no security checks at all. There is an increasing amount of malicious code focused on Android mobile phones. And I find a lot of people don’t bother to protect their iPhone with a PIN or lock screen. (It will be interesting to see how many people use the new fingerprint feature.) Check out the security best practices for each and every one of your devices.
