Why have I chosen these topics this month? Let me tell you a story of what made me think about cyber security essentials and password security.
Learning means a lot to me. It’s not just my job (as a computer coach). I enjoy taking courses to give me specific and speedy information.
Recently I found a course that I was curious about, and I decided to purchase it.
I paid the money and completed the steps to sign up, including creating an account with a password.
As with most learning platforms I got an email – in fact I received 3.
I was horrified to discover that one of these messages had the normal – name and email address. But also the password that I had just created.
It was the full and clear password in a completely unsecure manner.
I immediately logged back into this account and changed the password.
One of the options in the account were payment details used. Fortunately I had used Paypal, so no bank details were available.
If you’re wondering – yes, I did contact the course creator. I let them know what had happened, with a few suggestions to improve things on their site.
But what I want is for you, dear reader, to have the same immediate reaction to this type of situation, plus some of the others that appear day after day – to help keep you safe and improve your data security.
Strong Password
I’m not going to go into depth of this, because there’s going to a post dedicated to passwords, and there’ll be more details there.
You should be using strong and unique passwords for all your accounts.
It’s a lot but you need to be using a different password for each system or account.
This was another part of the horror of my password being sent through an unsecured email – many hackers will always try a password that they’ve found on other accounts in your name, as we try to make life easier for ourselves by reusing passwords again and again.
Two-factor Authentication (2FA) or Multi-Factor Authentication (MFA)
More companies are using this option to help secure your accounts. In fact you may already be using this without realising.
Simply put, you sign into a website with your username and password (first factor). Then you need to enter another code, that is different each time, to confirm your identity and authenticate (or verify) that it’s you.
This is often done by sending you a code (numbers or letters and numbers) to your phone.
There are also programs that generate random numbers on a regular basis, often your phone. You tell the website that you’re using it (often they suggest which apps to use) and through the magic of tech, when you enter the code they match up and let you in.
You’ll notice in the image that there’s a countdown – the codes or tokens are set to be available for a set and often short period of time (around 30 seconds).
If you use something like this, don’t leave it for too long, if it’s close to ending, wait for the time to run out and a new code generated.
Do you have a Microsoft Account? Do you need to get a code or approve something after your password?
Then you’re using multi or two factor authentication.
Emails – Downloads and Links
It’s not a new thing, but you still need to be careful of links and attachments in emails.
While our email service providers (ESP), like Google Mail, Microsoft Outlook, Apple Mail, do a lot to help us, we still need to take responsibility.
There’s going to be a post dedicated to what to look out for around emails, but here are tips:
- For unknown senders, don’t click on any included links
- If you’re not expecting an attachment, don’t open it!
- Don’t take the senders details at face value – check the email address
Text Messages and Phone Calls
While you think cyber means computer – these tips can also relate to your phone.
Let’s face it, most phones are smartphones basically equalling a small computer in your pocket.
Text Messages
Often they can contain links to websites – which your phone can easily go to through its web browser.
As with emails – if you aren’t expecting a message or it’s from someone that you don’t recognise don’t click on it.
In a text message this is even more important, as they use a shortened link so you can’t see where it will actually take you.
It’s better to make a phone call to the person to check that it’s really from them instead of clicking.
If it’s a company that you are familiar with, if you’re not sure, don’t click the link. Instead head over to their website to check or even sign into your account.
Phone Calls
There are a lot of companies that are paid to call you to get personal details or money from you.
If you haven’t read it, take a look at my post Are you using the right language?, because knowing the company name – rather than a product – it’s a good starting point to realising if it’s safe (or not) to continue the call.
For computer programs, make sure that you know what’s the program and who’s the company. (Just repeating myself as this is such a simple and useful step.)
It’s an easy red flag when the speaker is using the application name instead of a company.
Additionally make sure that you know the name of your provider e.g. your internet service.
If you’re not a customer then someone from the real company isn’t going to call you offering tech support. đ
And I can say without a doubt – if you haven’t called a company about a technical problem first, their technical or customer support won’t be calling you up!
Next Steps
The best tool that you have is to have in your cyber security essentials ‘pack’ is common sense when using the internet.
Be cautious of suspicious websites, emails, and messages. If something seems too good to be true, it probably is. Trust your instincts and stay safe online.
Know the companies that you have accounts with, so it’s easy to spot when a different company calls you up.
If you want to learn more, there are lots of training and courses out there but a good place to start is National Cyber Security Centre (NCSC) for the UK or Cybersecurity and Infrastructure Security Agency (CISA) for the US.
Other Data Security Posts
Let’s talk basic cyber security essentials (current post)
How to stay safe from email scams
What are good password practices?
Do you really need a password manager?
How many email addresses do you need?
Recent Posts
- Do you want computer peripherals with that?Youâve sorted out the hardware, the best device and software but have you thought about any additional computer equipment that you might need for your business a.k.a. the computer peripherals? The first thing is to agree on what is a âcomputer peripheralâ. The definition that appears when you google it, is: A peripheral device, or⌠Read more: Do you want computer peripherals with that?
- Improve your results with these advanced search techniquesWeâve now looked at searching, and hopefully youâre finding your files easily. But how often are the ones that youâre looking for at the top of the results list? Let me share some advanced search techniques with you. Wildcard symbols How often have you remembered part of the filename, but not all of it? There⌠Read more: Improve your results with these advanced search techniques
- Are you searching your files to save time?How often have you spent hours looking for a file that you know is saved somewhere? Then my question is why? Searching your files is a quicker way to find what youâre looking for! OK, OK, I can hear you saying âI already know how to search Michelle!â But do you? Really? Iâm talking about⌠Read more: Are you searching your files to save time?
- Talking without the video = podcastMaybe youâve got a lot to say (not just supercalifragilisticexpialidocious) but you donât like seeing or recording yourself. In this case take a look at the podcast option. Sure youâre recording your voice but thatâs it! Whatâs a podcast? Well a dictionary definition is âa digital audio file made available on the internet for downloading⌠Read more: Talking without the video = podcast
- Is a video channel more your thing?Maybe your expertise is better shared through a video channel? If your skills are best when you show or demonstrate things to people then this may be the perfect channel option for you. Iâm not going to insult you by explaining what a video is, but letâs talk about a few things related to a⌠Read more: Is a video channel more your thing?
cyber security essentials, cyber security, cyber security for beginners
2 thoughts on “Let’s talk basic cyber security essentials”
Pingback: How to stay safe from email scams
Pingback: What are good password practices?
Comments are closed.