pixel

Five healthy IT security habits it’s worth getting into

Thursday, April 23, 2020
Five healthy IT security habits it’s worth getting into

IT security may sound daunting, but it really comes down to sticking to good habits. Here are our five top tips to keep your IT security in good shape.

Build up your password strength

At one time or another, we’ve all used ‘that one’ password across multiple apps and websites. By now, you’ve probably heard what a bad idea this is. It’s really not rocket science – if a hacker discovers one password, they instantly know them all. So you need a unique and strong password for each and every account.

Here are a few ways to make your passwords stronger:

  1. Mix up lower- and upper-case characters, numbers and symbols. This increases the variety of combinations that a hacker has to work through when trying to guess your password.
  2. Use a password that’s at least 10 characters long. As with the previous point, the longer your password is, the more potential combinations there are. If your password is a mix of at least 10 lower- and upper-case characters, it will take hackers approximately one month to run through every combination, using today’s technology.
  3. Use a different password for each of your accounts. Stolen passwords are used to attempt to break into other accounts. So even if the account that gets hacked isn’t so important to you, you may find that your Amazon or eBay account with the same password is also hacked shortly afterwards!
  4. Avoid obvious passwords. ‘Password1!’ meets all the above criteria – but everyone uses it! Hackers will often work through a list of common passwords as their first port of call. This is known as a dictionary attack. If your password is common, they’ll crack it more quickly than if they had to guess it letter by letter.

Take up multi-factor authentication

Even the strongest password is useless if it’s stolen. However, there’s a protective measure you can put in place to prevent a hacker accessing your accounts, even if they do discover the password. It’s called multi-factor authentication (MFA), and more and more websites and apps are now offering it.

With MFA, you go through one or more additional security steps after entering your login details. They usually involve entering a number that has been sent to your device by email, SMS text message or an app – or even generated by a purpose-built electronic device or fob.

With MFA, a hacker can’t break into the account without access to one of these devices in your possession – even if they do have the password. That gives you time to reset your password and protect your account completely.

Give up public wi-fi

Free wi-fi seems like the greatest gift a public space can give you. But when it comes to your device’s security, it’s a gift you can do without.

Most public wi-fi is set up in such a way that you openly share the network with every other device that’s connected. If one such device belongs to a cyber-criminal, or even an unwitting victim of a virus or other malicious program, you’re giving them access to your own device. 

Throw out those suspicious emails and texts

Phishing emails are a very common problem for everyone. They often take the form of endless spam emails pretending to be from PayPal, eBay or perhaps a colleague in your accounts department.

The main goal of phishing emails is usually to persuade you to enter your bank or email account details into a forged version of a reputable website. However, some try to get you to download a virus or other malware, or to steal your identity. The quality of forgery in these messages and websites will vary, but there are some common clues you can look out for:

  1. The email or web address don’t match up with the apparent sender
    For example, an ‘eBay’ email coming from ‘buy-gucci-adidas-bargain144@gmail.com’, or a ‘Barclays Bank’ email from ‘online_mortgage_best_credit-tltw022@trackstar.tk’
  2. The message or linked website just doesn’t look right
    For example, it’s littered with spelling or grammatical errors, written in broken English or is more or less formal than expected for the sender
  3. The message has unexpected attachments
    Opening any attachment is risky, even if you know the sender. If you didn’t expect to receive that file from that sender, be very wary. Check with the sender by an alternative means of communication that they really meant to send it, in case their email account has been compromised and is sending out malicious files.

Keep on top of your updates

If you have to accept or schedule updates to your device or software, make sure you do it promptly. Updates very often include critical security improvements that prevent your devices from being hacked. The sooner you can install them, the less likely you are to run into someone trying to exploit this weakness in your device’s security.

-
Share this article:

Manage Cookies