Cyber Security. What does this mean exactly? Well, to some it means everything, and to many it means nothing at all. The real question is what does cyber security mean to you?
To me, it means making sure that all of my family, friends and co-workers are safe and secure when online. This could range from password complexity all the way up to disabling Remote Desktop Protocol (RDP) on your home computer. All of these are equally important, and yet many people tend to ignore the importance of all of it.
One of the reasons I hear they ignore it is because “It's too complicated for me.” I’m here to tell you it really is not as complicated as you would think. There are many small things you can do that are very simple that can really improve your safety online.
Protect yourself with a complex password.
To start: Password complexity. To me, this is one of the most important things you can do to keep yourself safe, and it's incredibly simple to do.
As an example, imagine I have the password “thisisatest.” This password can be cracked in a single day. But, if I were to change my password to “thisisatest%”, it would take 17 years to crack the password and to go even further if I had a password that was “Thisisatest%” it would take 6,000 years to crack.
As you can see, these small changes make a very large difference in time that it would take to crack your password, and that's not even following best practices when making a password!
If you were to follow the best practices when making a password (16 or more characters, combination of letters, numbers and characters), to create a password such as “bestPracticeT3st!”, it would take 93 trillion years for a PC to crack it. By crack it, I mean to “brute force” the password, which, in short, means systematically going letter by letter as the machine tries to create the password through a logical process (aaa, aab, aac, aad, aae, aaf, etc.).
That being said, it doesn't matter how complex and amazing your password is. It could be 128 characters with 40 different special characters and numbers in it, but if your password gets compromised from a data leak or you enter your password into a phishing email, it's all for nothing.
Test how long it takes to crack your passwords using Security.org's How Secure Is My Password? tool.
Don't take the phishing bait.
This is where another major aspect of cyber security comes into play, and that's keeping your personal information safe from phishers. Not fishers, who are more interested in landing a large mouth bass than stealing your information. Phishers, on the other hand, are only after your personal information. This information can range from your name and phone number and, ideally for them, your passwords.
You may be thinking, “Why are they called Phishers?” That’s because they are essentially doing the exact same thing that fishers do. There's bait for you to swallow, but, in this case, the bait is a fake email that's asking you to enter your personal information.
Phishing is the most popular way for malicious actors to acquire your secure information. I can almost guarantee that if you have been online, you have come across multiple attempts to steal your data. The best way to mitigate these attempts on your personal information is to be informed and to be diligent — much easier said than done.
Being aware that people are after your information is the best first step towards keeping your data secure. Always be wary of emails that have a sense of urgency such as “IMPORTANT NOTICE: Your payroll information needs updating.” This is a common tactic for phishers to use as they try to make you act quickly, and when you are acting quickly you're not thinking. It's incredibly important to always think before you click.
Stop, think and look before clicking email links.
Stopping, thinking and really looking at emails before clicking anything is a great tactic for cyber security. For instance, stop and think: Are you expecting this email? Odds are if you aren't expecting an email regarding something as important as your password being compromised, needing to update payroll information or an updated company policy that needs to be dealt with right at that moment, it's probably bogus.
Another thing to keep in mind is how the email looks. These days it's harder than ever to spot phishing emails as some of them are almost perfect, but there are still quite a few ways to spot these “phishy” emails. That being said, security breaches do happen, and companies will send out emails about passwords being compromised.
You might be wondering, “If I can't tell if this email is legitimate or not, how can I differentiate the information I am receiving?” The simple answer to that is sometimes you just can't, but there are things you can do if you receive an email you're unsure of.
Let's say you get an email from your bank with your account number showing within the email, but there is a sense of urgency to the message. The email looks perfectly fine and the links are redirecting to the proper site, BUT you’re still unsure. What do you do?
This one step is very simple yet incredibly effective: Go to your bank's website and log in. You don't ever need to click on any link that is in the body of an email. Although this is the most convenient way to get to exactly where you need to go, this is also how to get your information stolen. To me, logging into my bank and navigating to the required section is always worth it and one of the best ways to avoid getting phished. They can never steal your information through the body of an email if you don’t ever click the body of the email.
Now it's your turn: Put these simple cyber security tips into action.
There are many more methods and tricks you can do to keep yourself safe, but they're a little more in-depth and have less to do with the human element of cyber security that phishing preys on. What we've covered are a couple very basic ways that you can get your information stolen and a few of the simplest ways to keep yourself safe in this rapidly evolving landscape called the internet.
Looking for more security tips? Level up your account security with two-factor authentication.
About the AuthorFollow on Linkedin More Content by Aidan Corsi