Keep These in
Mind While Using Internet- Internet Security
The
Internet
security is threatened by all kinds of malware, data theft or invasion of
privacy. The era of mobility, home automation, the smart car or the Internet of
Things, have greatly increased connected devices, the way of hosting
information and the way to access online services and applications of all kinds
with which we connect to hundreds of millions of users daily, increasing
security risks for consumers and businesses.
The
rise of phenomena such as BYOD, despite its many advantages, is a challenge for
IT departments as the number of devices that connect to corporate networks and
have access to corporate data multiply. Furthermore, the increase in
teleworking and tele-study due to the corona virus pandemic has complicated the
cybersecurity situation by taking millions of computers out of business
perimeter networks (generally better protected than home networks).
And
what to tell you about the malware. The "bad guys" are ahead of all
protection systems and cyber attacks are becoming more numerous, sophisticated,
dangerous and massive. Only Ransomware, the main cyber threat so far this year,
is capable of destroying business and consumer networks and equipment in half
the world. And we are left with cyber espionage ... as dangerous and massive as
malware.
Achieving
100% security and privacy on a global network and in such a connected world is
simply impossible despite the improved hardware and software protection
implemented by equipment manufacturers and system and application providers.
However,
from the client section we can and must increase protection by observing a
series of tips such as those that we are going to remind you in this article
and which include the strengthening of online accounts, applications, equipment
and the precautions due in the use of the Internet and its services. And a lot,
a lot of common sense.
1- Protect browsers
All
web browsers include advanced total
security features whose activation we must review and configure
because they are the applications with which we access the Internet and its
services. In addition to reviewing end-to-end encryption in sync, we must pay
attention to warnings about insecure sites. We should also review the installed
extensions because some are a frequent source of malware introduction.
To
improve privacy, nothing better than using incognito mode, a function that all
the major providers offer today as a temporary private browsing session that
does not share data with the browser, does not save information about web
pages, or browsing history, web cache, passwords, form information, cookies or
other website data, deleting these or other temporary files when we end the
session.
2- Manage passwords well
Massive
violations of the security of Internet services are the order of the day and
with it millions of passwords are exposed. The reality is that passwords are a
horrible method both in terms of security and usability, but until more
advanced methods that have to come from biometric identification are
consolidated, we have to continue using them.
The
golden rule is to have a strong and distinct password for each website. Long,
random passwords prevent brute force attacks, and using a different password for
each account avoids having all of them compromised at once when a data breach
occurs. The password managers that are able to generate and remember dozens of passwords
are a good tool to reduce human error.
3- Use two-factor authentication
Two-factor
(or two-step) authentication provides an additional level of account security
as it is not enough just to breach the username and password. The service is
available on most major Internet services and should be used whenever possible.
Generally,
it uses a verification code served through a mobile application or SMS, as a
mechanism to confirm the identity of the user but adding additional security to
the use of passwords. This method makes cyber attacks extremely difficult,
especially 'brute force' ones.
4- Use security solutions
Operating
systems such as Windows include the native Windows Defender security solution
as basic protection for a consumer. It is the minimum that we should use or -
better - bet on specialized providers that offer a good number of security
solutions, many of them free. Advanced or professional users should consider
using a comprehensive commercial security suite and also other security tools
such as a firewall.
Data
encryption systems such as Bit Locker, available in some editions of Windows,
are very useful for business users, as they allow the data on a computer to be
encrypted or "encoded" to keep it protected against threats such as
data theft or exposure in the event of loss, theft or inappropriate removal of
equipment.
5- Update operating systems and applications
All
operating systems have automatic or manual mechanisms for installing security
updates. They are security patches that are delivered from time to time against
known threats and must be installed.
As
important -or more- than the above is the update of installed applications to
the latest versions since these usually include security patches. When the
versions are older, they have a greater risk of being attacked by
cybercriminals who find vulnerabilities in the program, with special incidence
in some such as Java, Adobe Flash or Reader.
6- Beware of free wireless networks
Free
access points have been spread over multiple areas in towns, restaurant areas,
airports, train or metro stations, hotels and in all kinds of businesses.
Several studies have confirmed the intrinsic insecurity of these public
wireless networks and the ease of cybercriminals to exploit them.
They
should be avoided as long as they can be opted for dedicated mobile broadband
networks with greater security and failing that, they should only be used for
inconsequential and occasional browsing, without using them for accessing
sensitive services such as online banking or those that require real user
authentication.
7- Use VPN to improve privacy
The
use of virtual private networks is an option for those who seek greater privacy
and thus greater security on the Internet, since they hide the user's IP
address and redirect traffic through an encrypted VPN tunnel.
This
degree of "invisibility" offers direct improvements in security
against computer attacks, privacy against data theft and identity theft, and
other added advantages such as protecting identity online, safeguarding
electronic transactions and Internet purchases or allowing security in the use
of public Wi-Fi networks.
8- Evaluate the hardware security keys for vital accounts
For
vital accounts, especially in business environments, it is worth making an
additional investment to protect the accounts using a hardware security
mechanism. Generally it is a device in pen drive format that connects to a USB
port and contains a high security encryption engine.
The
whole process is carried out within the hardware and although they have not
been totally infallible when using Bluetooth connections, in general they greatly
increase the security that we achieve through software.
9- Use backups
We
already said that 100% security in a global network does not exist and not only
because of malware, since a hardware can error cause the loss of precious
personal and / or professional information. Therefore, making backup copies is
highly recommended for a user and professional who intend to protect personal
and corporate information on a computer equipment in addition to being a
maintenance task that contributes to the health of the hardware.
The
backup copies must be stored in a storage device external to that of our team
or in a cloud storage service that in the event of any attack allows us to
recover the data.
10- Common sense
Prudence
is one of the preferred barriers against malware and it is advisable to be
extremely cautious against phishing or ransomware attacks that a little bit of
attention can prevent, because they use user carelessness.
To
do this, we must avoid installing applications from unsafe sites; the opening of
unsolicited emails or attachments that arrive from social networks or messaging
applications; browsing certain Internet pages; or use outdated operating
systems and applications, which contain vulnerabilities that can be exploited
by cybercriminals in malware campaigns.
No comments:
Post a Comment