We all know we should be doing better with cyber security and I understand that it can seem overwhelming for most people.
It should come as no surprise that any expert in any field did not get it all sorted out in one go. Experts spend plenty of time working on their skills and knowledge over a period of years.
But how can you keep yourself and others safe when skilled attackers are out there looking for ways to trip you up, cost you thousands and cause problems.
The good news is that many experts in their field are only too happy to help and understand that this is a gradual process. I will give you a simple list of 4 week-by-week tasks to help you find ways to stay safe.
Week 1: Passwords
This is one of the first areas to address as many people do not use good password practice including making the following mistakes:
- Reusing passwords
- Using weak passwords
- Incorrectly storing passwords
- Not using multifactor authentication
The key item that will make your life easier is to start with a good password manager like Lastpass (my recommendation) or Dashlane. There are free plans for these services so you can get comfortable with the managers to find the best one for you before having to shell out for a paid version.
Having a password manager means that I:
- Only have to remember 1 password to open the manager
- Automatically generate very strong passwords
- Use the password manager to automatically log me in to various apps and websites
- Store more than just passwords (Passport numbers, tax file numbers etc.) securely
Good password management thwarts a large number of breaches as attackers often use stolen or reused passwords to break into services and systems.
Week 2: Security Updates
Software updates are used to close security holes which are often exploited by attackers so keeping on top of your software updates for everything you use is very important.
Start with your main devices like computers, tablets and phones by checking for software updates at least once a month. A good way to keep up on what software has updates waiting for you is to subscribe to my free cyber security newsletter. You will be advised when to check for updates and what to expect.
The same goes for your applications from PDF viewers to phone and tablet apps.
This week will also be a great time to look at the programs you have installed and remove any programs or apps that you have not used in the last year. Outdated apps are also often exploited to compromise systems.
Week 3: Backup
This is one of the most vital parts of any cyber security strategy as this is the tool that will help you bounce back from when things go sideways. Regardless of how it happened be it hardware failure, ransomware infection or accidentally fat-fingering a key that deletes a folder it is vital to have a good copy of your valuable data somewhere safe.
There is a simple rule that can help you work out your best backup strategy called the 3,2,1 backup rule.
- 3 Copies of the data (One copy is your “live” data with two copies of the same)
- 2 Different mediums (External hard drives, DVD discs, cloud storage etc.)
- 1 backup is offsite (An external hard drive at another location, a copy of your data stored “in the cloud”)
Once you have these backups you should also test your backups by restoring data.
- Create a dummy file or folder
- Take a backup of all your data as per usual
- Delete the dummy file or folder
- Restore the data and check to make sure the dummy file has been restored.
There is software available to buy to manage your backups or you can look at the backup utilities that are often bundled with your Windows or Mac system.
Week 4: Attitude/Awareness
This is one of the best tips that most people forget. Cyber Security is not a set-and-forget deal. It takes a mindset that is constantly asking why and never taking what you see on the internet or in your email at face value.
90% of all cyber security incidents are a result of user action. This means that by simply taking a breath before you click on ANYTHING you can significantly reduce your exposure.
This is why attackers try to create a sense of urgency in their scams because people do things they normally wouldn’t when under pressure. Taking your time before deciding to follow any instructions can buy you the time you need to think about the risk and stop it from succeeding.
Bonus Week: Multi Factor Authentication
If you really want to step up your security you can enable 2 factor or multi factor authentication on services that support it.
Using an app on your smartphone (like Google Authenticator) you can use a rolling code to step up from just the username/password combination and make it nearly impossible for anyone to crack an account even if they do have your username and password.
If you have made it this far, you are probably looking at this list feeling like this is a lot to take in. This is why this post is broken down to week-by-week steps so you can take your time and come back to this post.
Cyber security is really about building good habits. The difference is that we are doing this on a shortened timeline. I can remember a time where home security systems were not a big deal but now we have constant surveillance systems for our homes, businesses and cars connected to our phones without even thinking about it. We have adjusted in the past so there is no reason we can’t adjust with a little guidance from people offering to help.
Offer to help your friends and family by sharing this post with them because when people you know are compromised, you are also put at risk.