Some of the best things in life really are free.
Cyber security, like any form of security, often involves spending money. If, for example, you want CCTV, locks on your doors and a burglar alarm for your business premises, then you’ll have to pay for them. You can expect the same if you want anti-virus, a firewall and a backup system for your IT.
But there are some cyber security measures that cost nothing at all. These are simple actions that can make a real difference to your safety, without affecting your budget. Can they replace cyber security technology? No, but they can complement it and give your organisation an extra layer or protection.
So as part of European Cyber Security Month, here are 10 free cyber security measure you can apply with ease.
Although password managers like Dashlane and LastPass have premium versions, the free ones are fantastic too. By using a password manager, you can easily avoid two of the most significant password mistakes: using weak passwords or reusing passwords. Password managers can generate complex, unique passwords and store them so you don’t have to remember them all. All you need to do is remember your master password.
Tablets, phones and laptops can all be easily stolen or lost, so it is vital to protect them against unauthorised access. All modern operating systems can be secured quite easily with a password or PIN, and some devices also offer biometric security, such as fingerprint readers or facial recognition. Whichever type of security you opt for (and some of them are better than others), make sure it is enabled on all your mobile devices by default. A business-class device management solution like Microsoft Enterprise Mobility + Security is advisable, but in the absence of something like that, this basic security tip can be helpful.
Just because you recognise when something is wrong, that doesn’t mean everyone will. If, say, you receive a phishing email to your work email address, don’t just delete it and forget about it. Instead, make sure to inform whoever is responsible for cyber security in your organisation, before someone else in your business is tricked into giving up personal or business data.
If you’re a TMB managed services customer, you have the advantage of knowing your Windows updates are being taken care of at all times. If, however, you manage your own updates and patching, be sure to keep up to speed with them. Falling behind with the latest security patches will leave you vulnerable to new exploits and malware.
Criminals use email to spread malware in a couple of ways: through an email attachment or with a link to a website that runs malicious code. The best way to avoid being caught out, other than using an email security solution like Microsoft Advanced Threat Protection, is to not download attachments or click links in emails unless they’re from someone you know and trust.
One small click for a man, one giant payday for cyber criminals...
If you’re not using your computer, lock the screen, so it can only be used after entering the password, PIN or biometric data. This is particularly important with laptops and other devices that can used while out and about, but it goes for workplace computers too.
Simply by changing a few settings on your router, you can block access to websites that are known to be harmful. Quad9 is an easy, free way to improve cyber security, and it comes with the backing of IBM, the Global Cyber Alliance and numerous cyber security organisations.
Data has real monetary value to criminals. Stolen personal data is sold on the dark web all the time, and companies can benefit by stealing information from their competitors regarding new products or ideas. It is essential, therefore, to encrypt important data. That way, even if it’s stolen, it won’t be of any use to the thieves. With Windows, you can use BitLocker to encrypt entire disks, including removable drives, and even iOS and Android feature encryption in newer versions.
Although it might take some of your valuable time, it doesn’t cost anything to assess your current cyber security to a basic level. Ask yourself when you last refreshed your cyber security solutions. Has any software or hardware reached end-of-life status? Are your cyber security software licences all valid?
Invoice fraud is popular among criminals, because it’s not that difficult to carry out and it can often go unnoticed by the victim for quite some time. What happens is fraudsters intercept emails containing invoices, and they alter the payment details to their own bank account, before sending the email to the intended recipient. In this way, they can make huge sums of money in a relatively short time. By confirming the payment in person or over the phone with the person who requested, you can avoid this happening to you. It might not be practical to do with every payment, but always do it if something seems fishy.