Happy International Computer Security Day everyone! While it’s arguably not the catchiest sounding day, there’s never been a better time to catch onto good security. Technically every day should be computer security day, but realistically things can slip a little, so today is the day to stand back and take a look at our top five tips for staying safe!
It seems like there are new breaches splashed across headlines every day – even today the National Lottery may or may not have been hit (no one’s a winner in that scenario) and there will be many more companies out there today that have suffered less high-profile but still devastating consequences because of an attack.
Unfortunately there’s no dead set way of avoiding an attack, but there are definitely things you can do to minimise the risks. Here are our top five tips for protecting your own systems, and for when you’re out and about in the WWW (which of course stands for the Wild Wild Web).
We bang on about this a lot but in terms of protecting your account it’s generally accepted as one of the best things to do. When 2FA is enabled you will be asked to provide your password as well as another method of identification when logging into an account; this could be a code sent to your mobile phone or something you have on you like a USB key. If you have a site you can set this up for your customers too – for example, MyUKFast users can enable this on their account now!
Another oldie but goldie – it’s crucial to have long, strong, unique passwords. Yes, it’s a faff remembering all the different ones but it’s worth it. For example, recent attacks on Deliveroo and the National Lottery alone have taught us that if you use the same password across multiple accounts attackers can hack any one of your accounts and use that password to access the rest. Help is at hand though. A password manager stores and often generates long strong passwords for you so you only have to remember the one password. Dreamy.
Updates might just seem like an exercise in how to ignore pop-ups, but they’re actually a vital way of security fixes being pushed to your system. Make sure you’re automatically allowing updates – or at least staying up to date with them! – and keeping antivirus up to date too.
Oh, and while we’re talking staying up to date, make sure you know what the current top threats are (tip: ransomware is a big one for this year). Newsletters are an easy way to stay in the know; for example, at UKFast we send out a security newsletter the first week of every month with all the latest major threats and advice for staying safe (you can sign up in MyUKFast). Don’t forget to educate the rest of your team too; you’re only as strong as your weakest link!
Encrypting your emails and systems means that your data is completely protected even if it is stolen; for example, a file encrypted with 256 bit AES would take a hacker more than a lifetime to crack using current technology. If an attacker gets into your system then encryption is pretty much your last line of defence, so you’ll want it to be a good one; again although probably not foolproof it might be enough to put would-be attackers off. There is lots of good encryption software out there that you can download.
More and more companies are realising the need for constant monitoring within their systems. Things like vulnerability scans and penetration testing which check your systems for weaknesses are still great and necessary, but having a tool in place that will constantly check your system for changes can be vital for catching lurking attackers that quietly nick your data or mess with your system. Think of it like an alarm around the perimeter of your property – as soon as it’s triggered you’ll know something’s wrong.
At the end of the day, every day, security needs to be a priority for your business and your personal life; and with the dawning of the new cyber era, it needs to be treated just as seriously as physical threats. If you need a bit of help seek expert advice – 2016 has been stressful enough; don’t add bad cyber security to it!