October 14, 2016

Posted in:

Tagged:


Cyber Awareness Month

Cyber Awareness

October – It’s fall and time for the Great Pumpkin to come visiting everyone again… well maybe (poor Linus)! More importantly, it is also Cyber Awareness Month. Here are some tips you can use to stay safe online this month and all year round.

  1. Use two-factor (2FA) authentication when it is available. 2FA provides a way to validate who you are with a second form of authentication through a second means, such as a code sent to your cell phone. For a list of major sites that support 2FA, see twofactorauth.org
  2. Don’t reuse passwords. Consider using a password manager and have a unique password for each site. Make sure when choosing a password manager that you have the ability to view those passwords on your phone as well as the world is becoming more mobile and being able to login from anywhere is becoming more common. Another item to consider is whether you want the data to be synced to all devices or local only. There are advantages and disadvantages to both.
  3. Speaking of the constantly connected world we live in, don’t use Public Wi-Fi unless you are sure it is a legitimate hotspot. Even then, considering using a Virtual Private Network (VPN). A VPN is a private network that allows secure connections between two devices as if the two devices were physically connected to one another. There are some free VPNs out there but it is typically recommended to stay away from those as well because, as the saying goes, “if it’s free, you’re the product”. Not to mention using free Wi-Fi, it would be trivial for an attacker to setup a rogue access point with the same name, perform a Man in the Middle (MITM) attack and decrypt your data. Not sure which VPN provider to choose that will suit your needs? Check out net for a list.
  4. Staying on the topic of free Wi-Fi, submitting your credit card or other personal information over an untrusted network isn’t recommended. Anyone with a tap into that line could decrypt your traffic.
  5. If you’re really paranoid, consider using an application like Privacy.com to generate one-time/burner credit cards. It’s free, too! This way if a site gets compromised and your information is stolen, you can easily cancel that card.
  6. Never submit sensitive data over HTTP. Always look for the lock and HTTPS protocol. As search engines push to promote SSLs on all sites (even those not taking sensitive data), we hope this will be a thing of the past in years to come where no site is using HTTP and all are using HTTPS.
  7. Consider putting a credit freeze on your accounts at the major credit bureaus. Even if you have not had your identity stolen before, it may be a good idea to do this and the cost to freeze/unfreeze is minimal and you control who can view your credit. For what it’s worth, the credit monitoring that companies offer after they have been breached does not do much. That is to say, if your credit is stolen after a breach, the credit monitoring will merely let you know. It does little to protect you whereas a credit freeze potentially could. For an excellent write-up on the subject see How I Learned to Stop Worrying and Embrace the Security Freeze by Brian Krebs.
  8. Consider hard to guess security questions when setting up an account. If everyone knows your cat’s name is Fluffy and you were born in Topeka, it’s not really an effective security question, is it? Additionally, these knowledge-based authentication (KBA) answers are often sold online for cheap.
  9. Use common sense! It is often overlooked but if something looks fishy, move on. It’s better to be safe than sorry!

 

Learn about Edge Hosting’s 5 Tier Security and request a security consultation today!

Go back