Internet security is threatened by all kinds of Malware, data theft or invasion of privacy. The era of mobility, home automation, the smart car, or the Internet of Things has significantly increased the number of devices connected, the ways in which information is hosted and all types of online services and applications that we connect to improves hundreds of millions of users every day, increasing the security risk for consumers and businesses.
The rise of phenomena like BYODDespite its many advantages, it is a challenge for IT departments as the number of devices that connect to corporate networks and have access to corporate data multiplies. In addition, the increase in Teleworking and telestudying Due to the coronavirus pandemic, this has complicated the cybersecurity situation by removing millions of computers from business perimeter networks (generally better protected than home networks).
And what should I tell you about the malware? The “bad guys” are ahead of all protective systems Cyber attacks are becoming more numerous, more sophisticated, more dangerous and more massive. Only ransomware, the biggest threat to computers yet this year, can destroy networks and devices for businesses and consumers across half the world. And we have cyber espionage … as dangerous and massive as malware.
Achieving 100% security and privacy in a global network and in such a connected world is simply impossible despite the improved hardware and software protection implemented by device manufacturers and system and application providers.
However, from the client area We can and must increase protection Note a number of tips that we will remind you of in this article. This includes strengthening online accounts, applications, equipment, and taking necessary precautions when using the Internet and its services. And lots and lots of common sense.
1- Protect browsers
All web browsers contain advanced security features that we need to check and configure when they are enabled, as they are the applications we use to access the Internet and its services. In addition to checking the end-to-end encryption during synchronization or sandboxing (Sandpit) we need to watch out for warnings about unsafe sites. We should also check the installed extensions as some are a common source of malware introductions.
To improve privacy, there is nothing better than incognito mode, a feature that all major providers today offer as a temporary private browsing session where no data is shared with the browser, no information about websites or browsing history stored in the web cache passwords, form information, cookies or other website data that delete these or other temporary files when we end the session.
2- Manage passwords well
Massive breaches of Internet service security are commonplace, exposing millions of passwords. The reality is that passwords are a terrible method in terms of both security and ease of use. However, until more advanced methods that must come from biometric identification are consolidated, we must continue to use them.
The golden rule is to have a secure and unique password for every website. Long, random passwords prevent brute force attacks. Using a different password for each account prevents all passwords from being compromised at the same time if a data breach occurs. Password managers that are able to generate and memorize dozens of passwords are a good tool for reducing human error.
3- Use two-factor authentication
Two-factor (or two-step) authentication provides additional account security as it is not enough to just breach your username and password. The service is available on most major Internet services and should be used whenever possible.
Generally, a verification code is used, provided via a mobile application or SMS, to verify the identity of the user, but to further protect the use of passwords. This method makes cyber attacks extremely difficult, especially those of the “brute force”.
4- Use security solutions
Operating systems such as Windows incorporate the native Windows Defender security solution as a basic protection for a consumer. It’s the minimum we should use or – better – rely on specialized providers that offer a good number of security solutions, many of which are free. Advanced or professional users should consider using a comprehensive commercial security suite as well as other security tools such as a firewall.
Data encryption systems like BitLocker, available in some editions of Windows, are very useful for business users as they allow the data on a computer to be encrypted or “encoded” to protect it from threats like data theft or exposure if lost, stolen or inappropriately Removal of devices.
5- Update operating systems and applications
All operating systems have automatic or manual mechanisms for installing security updates. These are security patches that are deployed from time to time against known threats and must be installed.
Equally important – or more – is to update the installed applications to the latest versions, as these usually contain security patches. If the versions are older, there is a higher risk that they will be attacked by cyber criminals who find vulnerabilities in the program, particularly Java, Adobe Flash or Reader.
6- Look out for free wireless networks
Free access points have been distributed across multiple areas in cities, restaurants, airports, train or subway stations, hotels, and all types of businesses. Several studies have confirmed the intrinsic insecurity of these public wireless networks and the ease with which cybercriminals can exploit them.
They should be avoided if they can opt for more secure dedicated mobile broadband networks. Otherwise, they should only be used for inconsequential and casual browsing without using them to access sensitive services such as online banking or those that require real user authentication.
7- Use VPN to improve privacy
The use of virtual private networks is an option for those looking for more privacy and therefore more security on the Internet, as they hide the user’s IP address and redirect traffic through an encrypted VPN tunnel.
This level of “invisibility” offers direct improvements in security against computer attacks, privacy against data theft and identity theft, as well as other additional benefits such as online protection of identity, protection of electronic transactions and Internet purchases, or enabling security when using public wifi Fi networks.
8- Evaluate the hardware security keys for critical accounts
For critical accounts, especially in business environments, it is worth making an additional investment to protect the accounts with a hardware security mechanism. Generally speaking, it is a pendrive format device that plugs into a USB port and contains a highly secure encryption engine.
The whole process is carried out within the hardware, and while they weren’t completely infallible when using bluetooth connections, they generally add significantly to the security we achieve through software.
9- Use backups
We have already said that 100% security in a global network is not just due to malware, as a hardware failure can lead to the loss of valuable personal and / or professional information. Therefore, making backup copies is highly recommended for users and professionals who want to protect personal and corporate information on a computer. This is not just a maintenance task that contributes to the health of the hardware.
The backup copies must be stored on a storage device outside our team or in a cloud storage service that we can use to restore the data in the event of an attack.
10- Common sense
Smartness is one of the preferred barriers to malware, and it is advisable to be extremely careful with phishing or ransomware attacks, which a little careful attention can prevent as they cause user carelessness.
To do this, we need to avoid installing applications from unsafe sites. opening unsolicited emails or attachments received from social networks or messaging applications; Browsing certain Internet sites; or use outdated operating systems and applications that contain vulnerabilities that can be exploited by cyber criminals in malware campaigns.