Keep Yourself Safe from Cyber-Attacks

Cyber securityTips & tricks
Written By Jo Chieng

Whenever you use a device to access work accounts or data, regardless of whether it's on a work or personal computer or mobile, it introduces a security risk.

Here are our best tips for staying safe and more secure online, no matter where you’re working.

Fortify your account

  • Use long, strong, and unique passwords, or even better - passphrases that contain a mixture of letters, numbers, and symbols. This applies to both your work and personal accounts, and your work or personal devices that you're logging onto.

  • Utilise a password manager such as Bitwarden or LastPass to simply and securely generate and store complex and unique passwords. Information in the password manager will be encrypted, so it can only be accessed with your master password.

  • Enable multi-factor authentication (MFA), which requires an additional form of ID verification to access your account. This adds an extra layer of protection and prevents unauthorised use of your login details. Keep your accounts and equipment password-protected, with MFA enabled.

Keep your connection secure

  • Log into company accounts and systems through secure and private networks only and don’t use public Wi-Fi networks, which are vulnerable to cyber breaches.

  • Change the default password on your wireless router, as it’s easy to access and designed to be changed. If you don’t, an attacker within signal range can logon to it and change the password, effectively hijacking your network.

  • Remember that you're accessing work information, so be smart about what websites you're visiting and what files you're downloading. Refrain from accessing suspicious websites or downloading dodgy, unauthorised, or illegal software.

Keep your emails safe

  • Check the sender email address and sender name to ensure they're legitimate and watch out for suspicious or misleading domain names.

  • Be especially cautious when opening emails containing a warning banner to show that it came from an external source.

  • Be wary of clickbait titles and aware of inconsistencies or red flags such as spelling or grammar mistakes, capital letters or excessive use of exclamation marks.

  • Inspect URLs carefully to make sure they're genuine and not imposter sites.

  • Don’t click on links or attachments from senders that you do not recognise, and be especially wary of .zip or other compressed or executable file types.

  • Don’t try to open any shared document that you're not expecting to receive.

  • Don’t provide sensitive personal information (like usernames and passwords) over email.

  • If you can't tell whether an email is legitimate or not, check with the person who it appears to have been sent from, or ask your IT team.

Protect work and personal assets

  • Ensure your antivirus or endpoint security software is installed and up to date, as this is one of the most fundamental security safeguards that protects your computer from malware and other malicious threats.

  • Don't leave devices open or unattended and turn off your screen and lock your device when leaving your work area. Store equipment in a safe and clean space when it's not in use.

  • Install software and system security updates/patches, as these updates often fix vulnerabilities that attackers can find and use to access your system.

  • Don't access company systems from other people's devices, and don't lend your devices to others.

  • All staff are obliged to protect confidential data that is sensitive and valuable like financial records, data about customers, partners or suppliers, patents, or product technology.

  • Avoid transferring confidential data to other devices or accounts unless absolutely necessary, and when a mass data transfer is needed, please ask the IT team to assist.

  • Any data transfer must follow company data encryption and protection standards and should only be sent to authorised recipients who meet the required security policies.

Be vigilant and cautious

  • Report any suspected scams, privacy breaches, and hacking attempts to the IT team as soon as possible, as this will help them to protect business data and networks against cyber-attacks.

  • Report stolen or damaged equipment immediately to the IT team.

  • If you spot a perceived threat or possible security weakness in the company systems, let the IT team know as soon as possible.

  • Keep a "security first" mindset at all times.

Jo Chieng
Previous

Don’t Get Reeled in by Holiday Phishing Attacks
Next

10 Ways to Protect Your Business Against Cyber Crime