Jan van Vliet, VP and GM EMEA at Digital Guardian
Keeping passwords, financial, and other personal information safe and protected from outside intruders has long been a priority of businesses, especially for those in the financial services industry. But it is increasingly critical for individuals to heed data protection advice and use sound practices to keep information safe and secure at home too, especially as people from all industries, including those that are heavily regulated, are working from home.
There’s an abundance of information out there for consumers, families, and individuals on protecting passwords, adequately protecting desktop computers, laptops, and mobile devices from hackers, malware, and other threats, and best practices for using the Internet safely. But there’s so much information that it’s easy to get confused, particularly if you’re not tech-savvy. Here is a top 10 list of simple, straightforward best practices and tips for keeping information private, and protecting devices from threats.
1. Encryption
Data encryption isn’t just for technology geeks; modern tools make it possible for anyone to encrypt emails and other information.
2. Backup your data
One of the most basic, yet often overlooked, data protection tips is backing up your data. Basically, this creates a duplicate copy of your data so that if a device is lost, stolen, or compromised, you don’t also lose your important information.
Additionally, while you should use sound security practices when you’re making use of the cloud, it can provide an ideal solution for backing up your data. Since data is not stored on a local device, it’s easily accessible even when your hardware becomes compromised.
3. Use two-factor authentication
Two-factor authentication is an additional layer of security that provides protection in the event that a hacker guesses or cracks your password. Two-factor authentication requires a second verification step, such as the answer to a secret question or a personal identification number (PIN). You should opt for two-factor authentication when given an option.
4. Turn your computer off
You’d probably never think twice before logging off for the day and just putting your computer into sleep mode. But when you’re finished using your computer or laptop, you should power it off. Leaving computing devices on, and most often, connected to the Internet, opens the door for rogue attacks.
5. Encrypt data on USB drives and SIM cards
Encrypting data on your removable storage devices can make it more difficult (albeit not impossible) for criminals to interpret the data should your device become lost or stolen. USB drives and SIM cards are excellent examples of removable storage devices that can simply be plugged into another device, enabling the user to access all the data stored on it. Unless, of course, it’s encrypted.
6. Don’t forget to delete old files from cloud backups
If you’re diligent about backing up your data and use a secure cloud storage service to do so, you’re headed in the right direction. That said, cloud backups, and any data backups really, create an added step when it comes to deleting old information. Don’t forget to delete files from your backup services in addition to those you remove (or overwrite) on your local devices.
7. Use secure passwords
It might seem like a no brainer, but password hygiene is the simplest, but often most overlooked, layer of protection. Passwords can be easily cracked by hackers, particularly if you don’t use sound password-creation practices. The best passwords contain uppercase and lowercase letters, numbers, and special characters. You should also avoid using easily guessed words or alphanumeric combinations, such as the names of children or pets, birth dates, addresses, and similar information that can be easily guessed by someone looking at your Facebook profile or through a Google search.
8. Be overly cautious when sharing personal information.
This tip applies to both the online and offline worlds: there are many impostors who attempt to trick the unsuspecting into giving out sensitive information by pretending to be the bank, credit card company, or other reputable entity. This can happen by phone or online, via phishing emails or websites designed to mimic the authentic company’s look and feel.
Be vigilant and ask: Who is asking for your personal information, such as your national insurance number or credit card information? Why do they need it? How will they use it? What security measures do they have in place to ensure that your private information remains private?
9. Don’t forget to sign out
Signing in to online services is necessary when you need to access your personal accounts, but many users forget to sign out when they’re finished using a service. Even the Google Safety Center warns,”But when using public computers like in a cybercafe or library, remember that you may still be signed into any services you’ve been using even after you close the browser. So when using a public computer, be sure to sign out by clicking on your account photo or email address in the top right corner and selecting Sign out. If you use public computers often, use 2-step verification to help keep your account safe, and be extra careful to sign out of your accounts and shut down your browser when you have finished using the web.”
10. Don’t open emails from people you don’t know
This is 101 but it is also so easily accidentally done. If you receive an email from a source or individual you don’t recognise, don’t open it, and definitely avoid clicking any links or file attachments. Almost everyone gets the occasional email from their bank, financial institution, or similar accounts and services. But to be safe, you should always open a browser window and type the URL in the address bar, rather than click on links in emails. Why? Phishing emails are one of the most common ways hackers obtain personal information, tricking users into inadvertently handing over their login credentials to bank accounts, credit cards, and other accounts where they can glean further information, make unauthorised purchases, or even steal your identity.
