August 20, 2020

Simplifying cyber hygiene best practices at home

George Y. Al-Koura, recently accepted media interviews on behalf of  CATA.

https://www.1310news.com/audio/the-rob-snow-show/

Here are some “be digital safe” at home tips he shared. 

By George Y. Al-Koura, CD,  Director of Advanced Cyber, Intelligence & Security at ADGA Group Inc.

We all have the power to improve cyber hygiene for ourselves and for our households. 

Cyber can sound big and scary if all you see are headlines. We can simplify to the core by describing the devices, functions and programs for all things digitally connected in our lives.  To better protect ourselves and our families from cyber risk, we need to first acknowledge that by using internet connected apps and devices, we open ourselves up to the risk of compromise. 

 

That does not mean that we need to shy away or plead complete ignorance to the risks of use, but rather to understand that it all starts with conversation and knowledge. Look into your devices and the apps that you use; ask your kids how they use theirs. By facilitating an open discourse, we can help one another understand our uses and their risks to better protect ourselves without any additional cost but a little attention, time and effort. 

 

What are some of the steps involved in better securing our own personal and home networks? Leading antivirus company Norton gives us 9 easy “best practice” steps that are outlined below:

 

Step 1: Install reputable antivirus and malware software. …

Why?

Specifically, antivirus software provides protection by performing key tasks, including these.

 

  • Pinpointing specific files for the detection of malicious software.
  • Scheduling and performing automatic scans.
  • Scanning either one particular file or your entire computer, or a flash drive, depending on your specific needs.
  • Erasing malicious codes and software.
  • Confirming the “health” of your computer and other devices.

 

Mention AV apps for mobile protection as well (Norton, McAfee) 

 

Step 2: Use network firewalls. …

Firewalls are a basic first line of defense in network security by preventing unauthorized users from accessing your websites, mail servers, and other sources of information that can be accessed from the web.

 

Step 3: Update software regularly. …

 

Update your apps, web browsers, and operating systems regularly to ensure you’re working with the latest programs that have eliminated or patched possible glitches. Setting up this feature to update automatically will help ensure you have the latest protections.

 

These updates are particularly important because they often include software patches. Software developers issue security patches whenever they discover software flaws — flaws that could let in viruses or hackers. Developers may not always alert you when a critical patch has been implemented, because this might give hackers the heads-up, as well. Thus, regular updates will ensure these patches plug any holes in your software.

 

Step 4: Setting strong passwords and better managing them.

 

Setting strong passwords for all of your devices is essential. Your passwords should be unique and complex, containing at least 12 characters along with numbers, symbols, and capital and lowercase letters. Changing your passwords regularly — and never sharing or reusing the same password — will help prevent hackers from figuring them out.

 

Additionally Mention:

Brute Force attacks, password randomizer, Fake Banking applications (stealing login credentials), and keyloggers (usually part of advanced malware that infects systems via common vectors like phishing emails)

 

ProTip: Mention KeyPass password management tool.



Step 5: Use multi-factor authentication. …

 

Two-factor or multi-factor authentication is a best practice that offers an additional layer of protection. Two-factor authentication usually requires you to submit your password and username along with, say, a unique code that is sent to your cell phone. This may be all that is needed for some systems, but multi-factor authentication adds additional layers of security with the use of biometrics, like facial or fingerprint recognition, to make it harder for hackers to gain access to your device and personal information.

 

Mention:

 

FaceID or finger-printing access control on your phone or Google Authentictor



Step 6: Employ device encryption

 

While most companies automatically have data encryption processes in place, you also may want to encrypt your devices and other media that contain sensitive data — including laptops, tablets, smartphones, removable drives, backup tapes, and cloud storage. 

 

In fact, many devices use encryption as the default for data stored on smartphones. Some apps are using end-to-end encryption, and other services encrypt data on your devices and back them up in the cloud. Another option is to use an encrypted USB memory stick for protecting sensitive data.

 

Mention:

 

  • Problems with Zoom video conference app at start of covid, issues with their E2E encryption allowing unauthorized persons to enter active conference meetings or accessing previously recorded sessions after the fact.
  • Use of a Virtual Private Network (VPN). Beyond getting you access to American Netflix, a VPN is virtual private network extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network.
  • VPNs are also an excellent way to add a layer of security to your web browsing. I personally use VPNs on all of my computers and mobile devices because it is just one extra layer or data security that a bad actor would have to break in order to compromise my systems. 

 

Step 7: Back up regularly. …

 

It’s also smart to keep your files secure by backing up important files offline, on an external hard drive, or in the cloud. This can help protect against many types of data loss, especially if hackers gain access to one of your devices.



Step 8: Keep your hard drive clean.

 

If you’re selling your laptop, tablet or smartphone, it’s important to ensure your personal or sensitive information doesn’t get passed along, as well. If your device is hacked, a clean hard drive means less information that’s accessed.

 

But merely deleting files or data may not be enough. Part of good cyber hygiene is reformatting and then wiping your hard drive clean. For example, if you want to sell your computer and have used it for online banking, you’ll want to consider disk-wiping to remove software and data from your hard drive.

 

Step 9: Secure your router

Don’t forget to protect your wireless network. This involves turning off and updating the default name and password the router came with from the manufacturer, turning off remote management, and logging out as the administrator once it’s set up. Also, make sure your router offers WPA2 or WPA3 encryption to maintain the highest level of privacy of information sent via your network.

 

Step 10: Beware of the Phish!


Phishing, or “spearphishing” when it is directly targeted at an individual or small group, is the fraudulent attempt to obtain sensitive information or data, such as usernames, passwords and credit card details, by disguising oneself as a trustworthy entity in an electronic communication. If and when you encounter an email from your work, a supplier, your local bank, insurance or credit card agency, take a moment to see if it actually looks legit. If they ask you to do something that is out of the norm, such as accessing a strange looking link or opening an attached file where they normally wouldn’t transmit files like that, you are likely dealing with Phish. Verify with the real sending organization if they sent you this communication first! If it turns out that it’s a real thing, they’ll let you know. Otherwise—don’t fall for the phish!

 

George Y. Al-Koura, CD is the Director of Advanced Cyber, Intelligence & Security at ADGA Group Inc. A leading figure in Canadian Cyber Security, George has served as a communications and digital security professional for 15 years in military and commercial organizations.