Cybersecurity has become a common issue for those using new technologies. From now on, professional life and private life are no longer really distinguishable. They are linked to the use of the internet, social networks and connected objects. In addition, the advent of telework and digital nomadism makes this border even thinner, so many professionals use the same tool for private and professional use. In Switzerland, it is nearly 40 % of the population[1] who works from home.
From now on, cybersecurity concerns both the IT department of a company, but also each of its employees.
This is all the more true since cybercriminals do not have precise criteria for their victim. Every Internet user can be a potential target, whether it's a teenager following Instagram or a senior executive reading his emails at the office.
Growing cyber risks to company data and personal information
During a work day, an employee can easily navigate between personal and professional applications, and sometimes by switching from one device to another. Indeed, many users access the Internet on their personal phone to use applications provided by their employer. Phone which is, in most cases, unsecured. As a result, cyber risks are increased tenfold as they can affect both personal information and company data.
Moreover, the favorite target of cybercriminals is professional users. Indeed, they are a means of reaching the computer systems of large companies. Professional users are on the front line. Cybercriminals start by reaching for personal information by stealing banking data, for example, and then gradually intrude to access your company data. Thus, the primary objective of IT departments is to find effective solutions to protect sensitive data.
Therefore, it is necessary to ensure the cybersecurity of one's personal data in the first place to counter cybercrime. Here are 5 tips to protect your data.
1. Reduce cyber risk by protecting your passwords
Protecting your login information is the most effective solution to reduce cyber risks and limit the negative effects of an attack if it occurs.
First, you can start with your social media passwords. Our Geeks give you 3 essential rules for a strong password.
- Bet on the length of passwords, at least 12 characters
- Mix lowercase, uppercase and special characters
- One password = One social network. We prefer the unique password!
Then try to change regularly your passwords for each account. When did you last change them?
Cyberfatigue of passwords
You are certainly aware of this, but the list of passwords we need to remember can quickly become long! In general, cyber fatigue appears after five passwords. Indeed, it then becomes more and more difficult to remember, so we choose the easy way. Reusing old password or adding a single character at the end of the existing one. We are looking to simplify this process to avoid any inconvenience when we need to access applications. However, cybercriminals are well aware of this practice. Intelligent algorithms have therefore emerged to crack this kind of predictable password.
For your personal passwords, you can use a password manager like the one from Google orApple. It will allow you, among other things, to track the age of passwords, to generate complex ones and to apply security checks. In addition, these passwords will be saved and you will not have to type them each time you need to connect.
If you want to create a password yourself, but you have no idea, you can also use password creation software. The CNIL has implemented a very effective tool for this.
For work-related passwords, be sure to leverage business tools set up by your IT team to store and manage passwords. Often, users no longer need to create their own password, as this is managed by the IT department.
Enterprise password managers similarly include approval flows and auditing capabilities that IT teams need to meet compliance requirements.
Avoid storing your passwords in your browser
It is true that storing passwords in your browser is a way to make logging in easier. However, they are that much easier to steal.
In the event that you use the same password for a personal application and a professional application, the consequences of an attack are even greater. If a password is stolen and is identical to the rest of your applications, the entire computer network of your business and your home is at risk.
To avoid risk, companies are implementing password management tools that allow IT to manage browser-based credentials. For users, it is easy to access the tools they need by going through the necessary authorizations defined by the IT teams.
2. Limit the use of social logins
As you know, it is now possible on almost all applications to connect with a social network account. We call this SSO (Single Sign-On). For example, you can use your Facebook or Gmail account to create an account on a game application, social network or other. Rather practical method, because it avoids having to remember multiple passwords, it should still be avoided as much as possible. Indeed, if your Facebook or Gmail account is attacked, cybercriminals can then easily reach the rest of your accounts. Then try, as much as possible, to use unique accounts to ensure the confidentiality and security of your various applications.
Some apps require access to everything.
When using SSO, most applications request one-to-one access to your basic information. Others require full access, i.e. to your emails or application information.
3. Be careful of public Wi-Fi networks
Always assume that someone is monitoring your data on a public Wi-Fi network. Therefore, when using a public Wi-Fi network, avoid accessing sensitive data such as your banking information. Do not change your passwords on this network, and carefully check the information you will be asked for when you are asked to authenticate.
When possible, use a cellular network (4G/5G) or go through a VPN like Cyber Ghost when you need to connect to a public Wi-Fi network.
You can also disable automatic Wi-Fi connection or activate the “Ask to join a network” function. Often, cybercriminals use names like “Airport” to make your device connect automatically.
4. Think before you click
Cybercriminals know how to do it, and it happens to receive, for example, attractive emails on which you just have to click on a link to access a shock promotion in your favorite store. However, these links may simply be the means of a well-crafted cyberattack that will cause you to lose everything. Have you ever clicked on a malicious link? Pay attention to advertisements and ask yourself these questions when you receive a message:
- Do I know the recipient?
- Was I expecting this kind of message?
5. Cybersecurity for devices at home and at work
Telecommuting has become a common practice, especially since the pandemic. But it is necessary to find ways to ensure your cybersecurity and find the limit between private life and professional life. Remember: your passwords should be very different for your work and personal applications. Use tools that are appropriate for the job, and put others in place specifically for your personal uses. By creating these limits, you most certainly reduce cyber risks and ensure the security of your data.
You wish a diagnosis of your IT security ? Contact Geekworkers!
