Safety for everyone

2021-02-08

A hacker attack can cause many problems, not only in personal but also in corporate environments. It is wrong to assume that we cannot be a target. Anyone can be caught in the crossfire, and the damage caused can mean loss of control over data, customers, and reputation; but also can mean the possibility of being fined.

However, it is not enough to invest in the latest tools. The human factor remains a weak link that can only be strengthened by increasing awareness. To ensure the security of our data and prevent it from being easily obtained, we have collected some useful advice for users.

In companies where an Information Security Management System is in place, standards require the presence of regulatory documents that regulate user activities and work with corporate equipment. Those who have worked in such a place are familiar with the following examples and guidelines to follow. For those who have not even heard of a Clean Desk, Clean Screen policy, we recommend adopting the following advice in everyday life. Whether it is private or equipment and data provided by our employer, especially in the age of the home office, where we prop up the corporate laptop with a cookbook.

Paper cannot be hacked, but it can be stolen or have information read from it

In our work, we have a responsibility to handle data and confidential information with care. Let’s make sure to keep non-essential information carriers or documents that are not related to the job at hand locked away. Why keep the accounting document from two years ago in front if we don’t need it for our current work?

We don’t display our secrets on the kitchen cabinet for guests to see. Why would this be any different for business secrets or confidential information?

When receiving guests, we don’t leave our underwear out in front, except for when they have just been hung to dry. Similarly, in the office environment, any document or paper that is not relevant to the visit and not essential should be locked away when receiving a visitor or guest.

Keep unused documents in a lockable place

It’s also true that at home, documents containing client or personal data should be locked away if we don’t return to our workstation that day. The employer may not accept the excuse that the dog ate the report.

The most appropriate solution for storing documents is a lockable cabinet, which can also keep curious hands away. Although, a child’s drawing on the back of a contract may bring a smile to the client’s face. Unnecessary documents containing confidential information should be destroyed in a document shredder, or at least torn before throwing them away. If we need paper-based materials for our work and bring them home, we should return them to the office when the task is finished and not store them unnecessarily at home.

How to be mindful when using our computer

We need to reinforce the security of our computers from several angles compared to paper documents. As users, we must do everything in our power to keep our data safe. We can say that we need to introduce defense measures that are proportional to the risks. We must examine what data we store electronically and what value they have for us. No one wants to lose or give family photos or medical records to unauthorized persons.

When purchasing devices, choose a reliable manufacturer and use legitimate software during installation. Turn on the security solutions provided by the operating system (e.g., firewall) and install anti-malware software beyond that.

When using the devices, set passwords and create multiple user accounts for family members if necessary.

A weak password is like a key under the doormat

During computer work, keeping efficiency and reasonableness in mind, we should close any document or application that is not necessary. Any malfunction or minor system error can cause problems and data loss in running applications. Just think about how frustrating it would be to lose a day’s work just because we left a text editor open in the background and didn’t save the file.

Especially in busy places, but even at home, we should lock the screen whenever confidential information is visible and we leave the workstation (e.g., using the Win+L key combination on Windows operating systems).

Staying safe on the road

During travel, with a client, or when working in a public place, we should always keep our mobile devices (phone, tablet, notebook) with us and not lose sight of them. If we need to leave them unattended for a longer period, we should use a security lock (Kensington lock). We should encrypt our devices where necessary.

We should protect our mobile devices with screen locks and passwords. We should not use public networks or public computers for work or for accessing personal accounts.

Let’s set up or download software that allows remote tracking of our devices. For example, the “Find My” application on Apple devices includes such a feature for remote wiping in case of loss or theft.

Make sure that our devices, applications, and antivirus software are always up-to-date by enabling automatic updates. Perform a full backup of all devices regularly. You can find more information about backups in this blog post.

Securing our passwords

Password security is crucial. Never share passwords with anyone. Do not use the same password for multiple applications. If we do, and someone gains access to it, they will have access to all our accounts.

Longer passwords (at least 8 characters), with random letters and numbers, and a combination of special characters are the most secure. Therefore, avoid using meaningful words or personal information (such as our birth year or pet’s name).

The security of login and user accounts can be increased with multifactor authentication, so wherever possible, use multi-step (two-factor, 2FA) authentication. With this solution, even if unauthorized persons obtain our password, they will not be able to access the account because an additional password or some kind of procedure (e.g., confirmation email, push message) is required.

Use multi-factor authentication for your user account

It is also important that if we no longer use a user account, we always close, delete, or deactivate it.

It is fair to ask how so many passwords can be memorized. There are already several solutions available in the form of password manager applications. The essence of the function is that we can store the login details of every account, service, application, etc. in a system by memorizing an identifier and password pair. These applications can generate passwords; warn us if we have reused the same password, but they can also indicate if any of our passwords have been exposed for any reason (data theft, system attack).

Just as we do not store the PIN code next to the bank card (right?!); we must be careful not to keep our passwords under the keyboard, and not to store them in plain text format on our computer.

We hope that with the above tips and suggestions, we can contribute to security awareness. If we can help your business with our services, please contact us with confidence at one of our contact details.

Our latest articles

Uncategorized

HU

EN

Why choose Hacktify?

Questions and answers

Bug Bounty

NIS2 - Kibertantv

Platform introduction

Our services

Managed bug hunting

Penetration test

Vulnerability Disclosure

Professional assistance

Bug Bounty Platform

Platform introduction

FAQ

Bug bounty

Learn more

Get first place

Available programs

Join the hacker community

Hacktify International Kft.

Get a quote

Services

Our activity

News and information about cyber security

See the description and supporting materials of our platform and website.

Discussions on the most important issues of cyber security. (Currently only available in Hungarian)

Our company

Learn more about our team and the background of our company

Where you have already met us or heard about us (Currently only available in Hungarian)

Visit us in person or find us online.