
Top 20 Security Awareness Tips & Tricks

July 29, 2017 by Infosec

Keeping your data safe and out of the clutches of hackers is the need of the hour. We have compiled 20 of the most beneficial security awareness tips and tricks that should be common knowledge.

  1. Don’t sell yourself short

Many forensic experts say that the majority of the victims they deal with believed that it wouldn’t happen to them. They considered themselves so unimportant that they took no precautionary measures to keep their devices secure. Every one of us needs to realize that we are all attractive targets to hackers.


  2. Make password management a top priority

If there’s one tip in this list that can’t be considered expendable, it’s this one. Creating passwords carefully, and then storing, maintaining and updating them with the same care, is something that should be practiced at the personal as well as the enterprise level.

  3. Don’t abandon your devices unlocked/unattended

Be it a computer or a mobile phone, the electronic devices that we own contain personal data that can destroy us if it gets into the wrong hands. Make it a practice to never leave your phones unlocked and/or unattended at any place.

  4. Be extra careful while clicking links and attachments in emails

The threats posed by phishing are real, and millions of people find that out the hard way every year. Always be super-wary before clicking on attachments and links because, even though the sending party might look legitimate, there is a possibility that they are not.

  5. Use VPN connections

Proxy networks or VPN clients can go a long way toward protecting you from the threats posed by the hacking community.

  6. Always keep your applications up-to-date

This is something that we are all guilty of at times. The “Can’t be bothered” syndrome is present in almost all of us, and it often prevents us from updating applications that are waiting for a new patch. Don’t hold off on important updates, as they are often rolled out for the purpose of removing dangerous bugs from the application.

  7. Don’t use the same password twice (or on separate accounts)

This is where our desire for convenience ends up backfiring. If you have used a password once, don’t ever use it again: definitely not on the same account, and try never to use it on any other account either. Imagine a situation where a hacker has cracked the password for a person’s Facebook account. If this person uses the same password for their Twitter account too, then guess who just got two of their social networking accounts hacked.

  8. Know what you are downloading and where you are downloading it from

Only download things that you can readily deem credible; you can do so by verifying the authenticity of the website you are downloading from and by checking the integrity of the downloaded file. Malware is often dressed up to trick the victim, and if you stop being careful you won’t know what hit you until it’s too late.

  9. Anti-virus software

Your smartphones and your computers should all have anti-virus software installed. It’s also of paramount importance to keep these applications updated. If you don’t have an anti-virus application running on your device at all times, then you are virtually playing with fire.

  10. Trust no one

The Internet is a very cruel place and you should try not to trust anybody (unless you absolutely have to).

  11. Maintain backups

You need to periodically create backups of your computers and mobile phones. Don’t be naïve and tell yourself, “I won’t need a backup,” because catastrophes and accidents can happen to anybody.

  12. Don’t do sensitive browsing on any device that’s not your own

Sensitive browsing (that includes shopping or financial transactions) should be done only on one’s personal devices. Don’t risk your data getting stolen by doing an urgent transaction on a public computer or even a friend’s phone.

  13. Know what’s going into your computer

Any device that you plug into your computer should come from somebody that you can trust. If it’s an application installer, make sure that you can verify the credibility of the manufacturing company and, if it’s a USB stick (or any other storage device), only plug it in if you know that nothing on it can affect your computer.

  14. Think twice before creating what you don’t want to lose

Once anything starts to exist electronically, there is a possibility of its being exposed if somebody tries. So it’s always wise to think twice before creating anything digital (compromising pictures, malicious emails, etc.) that you can live without.

  15. Control what you post on social media

A saying goes, “Whatever happens on the Internet, stays on the Internet” (it’s practically true), so be very careful about what you post on social media websites. It doesn’t matter if you delete the post or deactivate your account; whatever you might have said can be retrieved and used against you.

  16. Don’t be a victim of social engineering

Social engineering is one of the sleekest ways of hacking someone or something. Psychologically manipulating someone into revealing information or performing a specific action is every social engineer’s forte, so before you let anybody in on sensitive details about you, make sure that you can verify their credibility.

  17. Periodically scrutinize your accounts

Passive intrusion is also real, and it’s highly likely that somebody has gained access to your account and/or resources without your ever knowing. It’s always a recommended practice to keep monitoring your accounts for any suspicious activity because, as they say, prevention is always better than cure.

  18. Avoid clicking on flashy advertisements

The Internet is laden with flashy advertisements that will make you feel like clicking on them. It’s okay to click on them as long as you can handle the repercussions. If the ad leads you to a malicious webpage, be vigilant and close it instantly.

  19. Attend security awareness seminars

Security awareness is something that there can never be enough of. If there is a pro bono information security seminar happening somewhere in your vicinity, try to take time out to go there.

  20. Two-step authentication

Finally, always try to have two-step authentication set up on all of your online accounts. This is a feature supported by the likes of Google, Yahoo and Facebook, and it should be made use of.


Final Word

Information security has to be resolute in today’s world, where one small mistake can become an unavoidable predicament. The tips and tricks above are some of the most important for security awareness, and they can go a long way in helping people keep their data safe.
