The 3 Cyber Security Categories Everyone Should Care About

Ate lunch with a co-worker on Monday. This co-worker has never focused on security, and asked the same question I’ve heard a ton over the years. He said, “Security is overwhelming, so I usually don’t pay attention. I know I need to start caring, but where do I start?”

It’s a great question, and it’s actually the reason I’ve started this website and company.

Here’s how I answered him:

  1. Protect personal information. Best places to start:
    • Password management. Use complex, non-repeated passwords. Consider using a password manager (we love Dashlane!), and change your passwords regularly
    • Phishing smarts – be very careful about clicking links or blindly following email / popup / ad alerts. Learn how to spot phishing emails and web spam. You won’t be able to identify every threat, but you’ll avoid most of them
    • Education: Make sure that family members don’t post revealing, embarrassing, or privacy-threatening information online. Don’t over-share online. Don’t post pictures that will come back to haunt you. Remember that everyone from bad actors to governments to potential employers is looking at online personas now
  2. Protect your devices. Best places to start:
    • Patch and update device software. Upgrade to the latest software version (unless there is a known compatibility issue with a business-critical application). Don’t ignore vendor alerts
    • Strongly consider using OpenDNS and potentially use VPNs for privacy and security. OpenDNS also allows filtering and monitoring, so every parent should love it
    • Don’t purchase IoT (Internet of Things) devices from dodgy manufacturers. It seems like everything is Internet-connected these days. But, before you purchase a device, ask yourself if you really need that toaster to send statistics or that fridge to display the weather. Not all IoT devices are bad, but better to be careful and safe than lazy and hacked
  3. Protect against Social Engineering. Remember, Social Engineering, at its most basic, is an attack method that involves tricking people into breaking security procedures. IMPORTANT: When we do business training, this list is really different. Please note that this is the home version of the Social Engineering discussion.
    • Be careful about who you and your family friend on social media. It’s easy to spoof a social media profile. Just remember that the 16-year-old who friends your kid might be an old dude, a hacker or malware distributor, or might actually be a 16-year-old. Best rule of thumb is to be wary of friend requests. Teach your family to not blindly accept every follower request
    • Remember that on social networks, we are the commodity. Social networks don’t charge for access because they don’t have to. We, the users, are their money makers. So, be wary of targeted advertising, and don’t get taken in
    • Be scam aware. Remember that the IRS doesn’t call ahead, Nigerian Princes don’t actually need to park money in your account, Microsoft isn’t proactively calling when you have a virus, your grandkids don’t need urgent Western Union transfers… this list can go on and on. Just don’t fall for well-known and well-documented scams

If you have questions about these items, please contact us. We can help either via the website, or in a more in-depth live training. Stay safe out there!
