The 12 Days of Better Personal Cybersecurity

‘Tis the season – to take cybersecurity
personally and seriously.

Lots of people – maybe even including you and yours – will give and receive connected electronic devices this holiday gift-giving season. From smart speakers to video doorbells to smartphones, tablets, and more, the New Year will see many people engaging with new connected devices, at home and at work.

The problem? Each of these devices
represents a possible entry point for acts of online malfeasance. And bad
actors are always looking for ways to sneak into otherwise legitimate networks.
Once they gain access, they steal private and proprietary information, install
rogue software, enslave other connected computers, and even hold companies or
even entire cities hostage with ransomware.

Fortunately, there are a few simple,
inexpensive steps everyone giving or receiving a connected device can take to
make their devices and their lives more secure online. Here’s a step-a-day set
of recommendations that I’ll be sharing with my friends, family, and colleagues
in honor of the classic song, “The 12 Days of Christmas” (not that you need to
spread all these steps out over 12 days!)

Day 1: Shop Carefully

  • Buy your connected devices from
    reputable vendors, in person or online.
  • Read reviews. Ask your friends
    and colleagues.
  • Make sure you know what you’re
    buying, you get what you ordered, and can count on timely, hassle-free returns
    and refunds.
  • Ensure each connected device
    has a password that can be set and reset by its owner.

Day 2: “Harden” Your Device Security

  • If your device supports apps or
    services, remove any you don’t need.
  • If your device supports
    antivirus and anti-malware tools, turn them on. If it doesn’t come with any,
    find, acquire, and install some, with help from your device provider wherever
  • If your device supports software
    updates, update all software to its current version. Some updates add new or
    improved features. Some add enhancements to cybersecurity. Ensure that you and
    those who receive connected devices as gifts from you know how to acquire and
    install updates. Add reminders to your calendar of choice. Encourage your gift
    recipients to do the same.
  • Make sure you implement and
    follow your device provider’s security guidelines. (If your provider does not
    offer any security guidelines, change your provider.)
  • Remind yourself and all of your
    connected device gift recipients remember to turn off any and all connected
    devices when they’re not in use. It’s almost impossible to hack or attack a
    connected device when it’s completely turned off.

Day 3: Create Separate, Strong Passwords for Everything

  • Start with every new device. Then, do the same for every device you already have but for which you have not yet created or updated a password.
  • Replace weak passwords with strong ones. Strong passwords should, at minimum, be at least eight characters long and include a mix of upper-case, lower-case, numeric, and special characters. Never, ever leave a device with whatever password it comes with, assuming it comes with one.
  • Avoid passwords like “passw0rd” and “12345678.” Attackers see such passwords the same way opportunistic thieves see unlocked cars and homes. Yet every year, surveys conducted by numerous cybersecurity market watchers find these to be two of the most widely used passwords in the United States.
  • Don’t reuse passwords. A poll published by Google in February found that 52 percent of respondents reuse the same password for multiple accounts. This makes those passwords even more damaging if compromised, as hundreds of millions were in 2019. The 2018 edition of the Verizon Data Breach Incident Report found compromised passwords to be responsible for more than 80 percent of all hacking-related data breaches.
  • Make sure you and your gift recipients know how to change all connected device passwords, and do so at least once a year. Christmas, New Year’s Day, or the day you change the batteries in your smoke detectors are all good candidates for easy-to-remember dates for your annual password updates.

Day 4: Manage Your Passwords

Make sure your gift recipients do so as
well. At minimum, store them in your favorite contact management app, and back
them up. For more flexibility and robust security, consider a password
management tool or cloud-based service. A bit of online research or guidance
from your favorite provider of technology advice can help you find a solution
that works for you.

Day 5: Connect and Power Yourself

Public Wi-Fi networks and charging
facilities for connected devices are sometimes irresistibly convenient.
However, they can be hacked to infect connected devices with rogue software
while connecting or charging those devices.

  • Avoid pubic Wi-Fi networks as
    much as possible.
  • If your connected device
    supports virtual private network (VPN) connectivity, implement and use it
    wherever public Wi-Fi is the only option. Also use your VPN features whenever
    dealing with unencrypted web sites or online services.
  • Explore “hotspot” options for
    your smartphone with your chosen carrier, so you can connect your tablet or
    laptop to the Internet securely wherever you can get cellular service.

Consider getting or giving a portable
battery, sometimes called a “portable charger” or “portable power bank.” Some
are equipped with multiple ports, to charge more than one device at a time.
Some can be charged via a power outlet or connection to a computer. And they
all work anywhere – as long as you remember to keep them charged, of course. As
you doubtless do with your smartphone, tablet, e-reader, and laptop.  

Day 6: Drive Yourself

Almost every connected device provider offers some cloud-based storage service for your photos, other files, or files created by the particular device itself. But not everyone is familiar or comfortable with accessing and managing cloud-based services. And those services can sometimes get costly. A perfectly fine alternative is a high-capacity portable hard drive or other type of storage device. Drives that hold up to 5 terabytes of data are available for prices starting at around US$100 online – and you can access your data even when you can’t go online. (Click here to learn how we keep Huawei Cloud secure.)

Day 7: Trust, but Verify

If you haven’t already, you’re likely going to get emails, phone calls, and/or letters claiming to be from legitimate sources – but they’re not. Never click on a link you don’t recognize. Never return a call that claims to come from US Social Security, the Internal Revenue Service (IRS), or any other agency that never calls people. Never give any personal information or wire money to anyone who claims to be a business partner, boss, or relative without confirming the identity of the sender and legitimacy of the request. When in doubt, just say “No.” Legitimate actors will help you confirm their veracity.

Day 8: Validate Your Vendors

Extend the cautions you exercised while shopping on Day One to all the technology vendors you deal with. Don’t just take what vendors tell you as gospel. Validate their certifications with issuing bodies. Go online to read news releases, blog posts, and information about past security incidents. Encourage your gift recipients to do the same.

Day 9: Know Who To Call

Sometimes, you can’t get online to read the online help or engage a support agent in an online chat. You need to have a phone number and an email address for everyone upon whom you rely to keep your technologies running. This could be a paid support provider, your favorite IT person, or even the relative or colleague who gave you the connected device bedeviling you. But the time to capture the contact coordinates for that person or those people is now, before you have a problem that requires their help.

Day 10: Learn the Basics

You may have a person or some people you can call, but let’s face it: self-sufficiency is gratifying and empowering. It almost always also takes less time than calling and waiting for help. Read the instructions that come with your new connected device. Highlight or capture and store the most critical details, such as how to restart the device if it freezes up. Do the same with those bits of advice you find yourself using or requesting repeatedly. At the very least, know what operating system your smartphone, tablet, and/or computer runs, what browser software you’re using to surf the web, and the names of the apps you use most. (Yes, there are people who use computers every day who don’t know these things. Help. Don’t judge.)

Day 11: Never Stop Learning

Your journey toward greater familiarity and facility with your connected devices doesn’t stop once you learn the basics. Your devices and the software that powers them will continue to evolve, as will the apps and services you use. Your sources of knowledge will evolve as well. As will best practices for cybersecurity, as defined by industry analysts and experts. Think of every device you own or gift as an opportunity to extend lifelong learning for you, a colleague, a friend, or a family member.

Day 12: Practice Good Cybersecurity Hygiene Every Day

Cyber threats, like connected devices, evolve. Your cybersecurity must do the same. This means you should pursue all of the steps outlined here continuously, and never fail to follow all of them. This list is a floor, not a ceiling. Reach higher and further for better cybersecurity. Your connected devices and your life online will become ever more safe, valuable, and enjoyable, for you and those connected to you.

Before you switch off your devices and
screens to spend time with your friends and family during the festive holiday season, make sure you read up on how Huawei devices do the
heavy lifting when it comes to protecting your data

Got any stories about being hacked or phished? Or do you have any additional ideas about how to improve cybersecurity? Leave a comment below and we’ll share the best ideas in a future piece.

Article Source: HuaWei

Disclaimer: Any views and/or opinions expressed in this post by individual authors or contributors are their personal views and/or opinions and do not necessarily reflect the views and/or opinions of Huawei Technologies.

Leave a Comment

Your email address will not be published.

You may also like