Connect With Us Today!
1. Don't Borrow Or Share Charging Cables
“There are certain things in life you just don’t borrow”, says Charles Henderson, Global Head of IBM’s X-Force Red. He’s not talking about undies – he really wants you to stop sharing charging cables. What has driven a specialist in device penetration and vulnerability research to give us this advice?
At this year’s DEF CON Hacking Conference in Las Vegas, he watched a hacker take control of a MAC computer and implant malware through a modified iPhone lightning cable – in other words, the hacker used a cheap USB charging cable.
This type of malicious technology is currently not widespread. A hacker would need access to your device or convince you to do a cable swap. So, stick to using your own charging cables and don’t share, and you can take this type of attack off your ‘watch’ radar.
But there is one place perfect for this kind of malicious technology that can catch you unawares – USB charging stations in public places, like airports. It’s not worth the risk! If you’re a frequent traveler, take a spare power brick with you to cover times your devices need extra juice.
2. Mix Up Passwords On Your Different Online Acconuts
Passwords are critically important to good security! Weak passwords are the primary method used by cyber criminals to access your device, your email server, send out mass spam emails and steal or encrypt your data and lock you out until you pay a ransom!
The good news is you can master control of your passwords quite easily. Check out the simple tips Nathan Warnecke, Director at itro, gives in his article, ‘What’s a Good Password?’.
3. Keep Your Device Current With Security Updates
Security updates give your devices the latest, most effective defense ‘tools’ to keep them safe from cyber criminals. Every day hackers are releasing new malware and malicious code to infect devices, and every day software developers work on creating security updates to protect their clients. So, it’s very important to keep all your devices – computers, laptops, smartphones, etc – current with security updates.
Office computers are easy to keep updated. Your IT Administrator (should be) automatically managing your user accounts, installing specific programs and security updates without you needing to think about it. But if you use a mobile laptop like I do (I have a Microsoft Surface and I love the flexibility it gives me), you need to give your device security a little more attention.
Whilst your laptop may be configured to download security updates when you’re in your office, it’s important you develop the habit of checking for updates on a regular basis when you’re away from the office. I recommend you check at least twice a week, and this is really easy to do. The hardest part to adopting this tip is remembering to do it until it becomes your habit!
Security updates are accessible through your device’s Settings. For example, to update my Surface I click on the ‘Start’ button – ‘Settings’ – ‘Update & Security’ – ‘Windows Update’ and then ‘Check for Updates’. Easy!
If you’re not sure how to access your device’s security updates, ask your IT person for help. They’ll love to know you’re taking the security of your device and business network seriously.
4. Think Before You Click
The Internet is a gateway: a two-way connection to services, people, products, ideas, and more, which is why it’s such a valuable business tool. However, it can be difficult to qualify if a person or website offering you connection is as publicised – legitimate – or malicious.
The simplest way for you to manage your ‘gateway’ and control who you contact, and who gets access to your device, is to check a link (also called hyperlink) before you click.
And it’s easy to check a hyperlink! All you need to do is hover your mouse cursor over a link to view and read its full pathing. Usually the pathing is a good way to check legitimacy, and what domain a link will redirect you to.
For example, an ad or article invites you to click on a link to access discount mail services from Australia Post. You hover over the hyperlink and see the pathing (the route it will redirect you to) is: ‘[email protected]’. Would you click on this link?
In this case, the domain is your giveaway that the link is malicious. Legitimate companies have their own domain names. Anything from Australia Post will come from their own domain (@austpost.com.au) – not Google, or Yahoo. If any link path seems odd, then don’t click on it.
5. Be Selective When Adding Apps To Your Device
Not all apps are safe, and some are malicious, so think twice before you download an app. Before you download, take a moment to read user reviews. If you’re still unsure, get advice from your IT team. And this is my big tip… please don’t assume an app is safe because it’s available on a big platform, like Google Apps, Apple iStore or Microsoft Store.
Now I’m not saying Apple or Microsoft apps are dodgy. Apps developed by well-known software companies such as Apple or Microsoft are fine. However, App stores are open marketplaces for developers with varying motives, so be cautious with apps created by unknown designers.
6. Lock Your Device Before You Leave Your desk
Ok, for most of us our office is a safe work environment. In safe offices the biggest risk to leaving your device unlocked and unattended is having an office ‘joker’ send out a funny (ha-ha) email supposedly from you.
However, it’s a good idea to lock your device before you walk away, particularly if you work in a common-traffic area or hot-desk space where you don’t know everyone. This simple step protects you against emails and files being sent from your device that you didn’t write, know about or authorise.
7. Get A Carry Bag That Suits Your Travel Habits
A great way to protect your device on route is to get a carry bag or pack that best suits your travel style. Be practical about what you need and be prepared to spend a decent amount to get something good. Something that costs a lot but protects your device (well padded, secure location and room for your own charging cable and spare power brick) and protects you (comfortable to carry and use) is worth the expense.
You may even need two options: one you’re happy to take on public transport or travel, and one for business functions and meetings.
The best security starts with you. If you’re cyber-security aware, and adopt these tips, your give your devices the best protection.