Security is becoming a very complex topic with many different actors and issues — the recent NSA revelations
adding to the pile of discussion. But an astonishing number of
cybercrime attacks still play on some basic — and preventable — failures
to protect personal data.
If everyone who watches this talk (and the
friends and family members they share it with) were to apply the
following practices, we would massively improve security. Here are six
pointers for you.
- Update your system. It is very
common for exploit tools to use old attacks that have subsequently been
fixed. For example, out of date Java or PDF software are very commonly
targeted. And still, a large number of users won’t update. Make sure you
have the latest version of all software.
. - Get a decent password. There are plenty of great articles out there that suggest how to generate a good password.
And yet, it is amazing when you review password lists for large public
websites that have been leaked how common it is for people to use basic
passwords like ‘password2013′ or ‘linkedinpassword.’ You should also
make sure you use different passwords for different sites and services,
or consider using a password manager to look after them for you.
. - Be a little suspicious. A very
large number of attacks rely on simple social engineering. Ask yourself
next time you receive an e-mail claiming you have won an iPad or
received a FedEx package — is this probably real? Would it happen to me
walking down the street? Scams today aren’t all identifiable by poor
grammar and spelling mistakes, as they once were.
. - Keep a backup. Some attacks now do
permanent damage that cannot be reversed. Whilst most attacks are still
focused on reputation damage or fraud, these attacks can be extremely
damaging. A tried and tested backup procedure can save you severe pain.
. - Make sure you run basic security controls.
Lots of people run severely out-of-date anti-virus software. Whilst
there is no 100% in security, and AV won’t block everything, it remains a
good basic step for keeping your system clean.
. - Make sure you look up best practice for devices other than just your PC. You may have secured your computer, only to put very similar data on your mobile device with no security checks at all. There is an increasing amount of malicious code focused on Android mobile phones. And I find a lot of people don’t bother to protect their iPhone with a pin or lock screen. (It will be interesting to see how many people use the new fingerprint feature.) Check out the security best practices for each and every one of your devices.
No comments:
Post a Comment