10 tips to protect your data 5. PROTECT YOUR IDENTITY
1. SECURE YOUR WI-FI
Securing your Wi-Fi network and Wi-Fi access points/routers is crucial to keeping your data secure. If your network is not secure, it is easy for people to access it and steal data from your devices. It is equally as easy for bad actors to hijack your connection to conduct crime.
To ensure preliminary security, change the default password (it might be publicly known) for the administrator account that allows access to device configuration to a strong password that follows security protocols. Similarly, change the default password and username for Wi-Fi network. Remember that your Wi-Fi username is often publicly visible, so avoid using personal details.
2. DISABLE BLUETOOTH AND WI-FI
Bluetooth and Wi-Fi settings can be exploited if not disabled when not in use. Even with access restrictions and password protection in place, cybercriminals can hack into your device via Bluetooth to gain access to data such as emails, text messages, pictures, and videos. Do not perform online shopping, banking, or other tasks that involve sensitive data when on public Wi-Fi or in a public place.
Often, default device privacy and browser settings are not configured to the user’s advantage. To make devices more secure, customise advanced device privacy and browser settings. Block auto cookie and location tracking. Disable auto-download and autorun of Flash.
3. USE RANDOM PASSPHRASES
The Federal Bureau of Investigation suggests that ‘instead of using a short, complex password that is hard to remember, consider using a longer passphrase’. A random set of letters, numbers, and characters can be daunting to remember and lead to users storing their passwords unencrypted or even writing them down. Instead, use random words and phrases in combination with standard password protocols. Words are easily remembered by the human brain as opposed to a meaningless string of letters. Eg: tH3sky1sc!e@rT0day (the sky is clear today). It is important that the words/phrases are random, at least 15 characters long, and not related to your personal information in any way. Use unique passphrases for every account and device.
Despite this trick, remembering multiple passphrases can be difficult. So safely store them in a password manager.
4. KEEP SOCIAL MEDIA PRIVATE
One place that we often flaunt our information is on social media. We share our birth dates, photos, interests, and hobbies, and even holiday locations. Social engineers may carry out targeted attacks by extracting such information about an individual from their digital footprint.
Identifying spam profiles is relatively easy due to their questionable usernames, but keep a check on every profile you add as a connection on social media platforms. Cybercriminals may impersonate the profile of someone you know to gain direct access to your information. Ensure that your online interactions do not reveal sensitive information about you. In addition to following standard password protocols for all your online accounts, enable two-factor authentication for added security. And regularly check if unknown devices are logged into your accounts. Personally Identifiable Information (PII) such as phone number, birth date, and bank account details can be used to identify, locate, or contact an individual. Refrain from posting such information on publicly visible platforms, storing it unencrypted, or physically noting it down. Although unadvisable, at times we store PII such as passport details on our devices. Password-protect your devices and lock them when not in use. Be cautious of emails or phone calls that ask for sensitive information, even if they appear from a legitimate source.
6. DON’T SAVE INFORMATION
Websites and browsers allow you to save sensitive data such as passwords and credit card information for future use, but do not save it. Store your passwords in a password manager and sensitive information in encrypted files. For additional security of your finances, closely monitor your financial transactions to flag payments that have not been made by you and to react quickly.
7. AVOID UNKNOWN SITES
According to Forbes, ‘Google has registered 2,145,013 phishing sites as of January 17, 2021.’ Cyber criminals create thousands of fake sites, often spoofs of a legitimate site, to spread malware and to carry out spam campaigns and phishing attacks. Check security protocols, certifications, and a secure payment gateway on websites.
Unknown websites may be a gateway to drive-by download attacks that aim to install malicious code on a victim’s computer via unintentional or auto-downloads. While configuring privacy settings, disable the auto-download function to avoid such attacks. Even while downloading trusted files or software, look out for unwanted add-ons or extensions being installed in the background.
8. VERIFY BEFORE YOU CLICK
Links, pop-ups, and downloads can contain viruses and malware. Phishing emails are known to use fear-inducing or enticing tactics to manipulate the victim into submitting sensitive information. Make sure to verify the source before clicking on any links.
9. CAREFULLY BACK UP DATA
Having a data back-up is advisable in case your files are damaged or inaccessible due to a cyber-attack. However, make sure you control where your data is uploaded and stored and who has access to it. Devices such as smartphones may back up your data on remote servers by default. To avoid sensitive data such as photos being accessible by people with the wrong intent, disable auto back-ups.
10. REPORT ANY SUSPICIOUS ACTIVITY
If you notice anything suspicious, report to your cyber security team instantly so that immediate action can be taken to mitigate the cyber threat. Reach out to our forensics team for 24/7 support.