Currently, most computers are connected to the network, and various information is exchanged beyond national borders. Mobile devices such as smartphones and tablets have also been used in business, personal entertainment and productivity are way more than desktop PCs. In addition, the IoT (Internet-of-Things) technology that connects machinery and equipment used in production processes, social infrastructure, homes, etc. via the Internet is spreading like wildfire.
Cases of cyber attacks have also become conspicuous behind the convenience due to the spread of such networks. It can be said that enterprises have not only taken measures against leakage of personal information but also have to protect the network and all the systems and computers connected thereto from the threat of cyber attacks, but the reality is the corporate world has deep pockets to fund credible cybersecurity defense systems. What about the ordinary everyday Internet user?
Here are some of the tips for common users in order to keep themselves secure and private online:
- Using plain passwords alone no longer cut it when it comes to securing and identifying oneself online for a particular web service. This is because of the constant push of the threat actors with their phishing attempts and virus development. Many websites right now have started to offer two-factor authentication for their users, but not enabled by default. It is prudent for users to take advantage of this in order to lessen the chance that someone else will log in to their accounts without their consent.
- Operating systems are constantly being updated to fix bugs and security vulnerabilities. Same goes true for the application software running on top of the OS, as long as the version is still supported, the developers are regularly patching them to be safe. Internet-facing apps like browsers and extensions are the most exposed applications that need constant patching, and these should never be ignored.
- It is a good habit for everyone to encrypt their data before uploading to a cloud storage provider. Yes, many if not all the current players in the cloud storage market have AES encryption implemented, but just to be safe it is better for the files to be encrypted first before uploading. There were instances from the past that the storage drive was accessed by someone else, luckily the user uploaded encrypted files, hence they are rendered useless without a password.
- Never trust random links seen in email and instant messaging applications. Most especially if the links posted came from a URL Shortener service. URL Shortened websites are convenient to use, especially when users want to communicate it to a limited communication tool like Twitter. However, the bad about the use of a URL shortener website link is the non-transparency of the actual destination site. The user has no way to determine if the destination site is safe or not with URL shorteners.
- Never trust claims from a random person, it may be from an instant messaging on Facebook, a random phone call or an SMS message. The parents’ advice to their children of “don’t talk to strangers” is also applicable and helps people keep themselves online.
