How to Enhance the Security of Your Data and Devices Online?

In our quest to gain and disseminate knowledge, we tend to put our devices and data at risk online. If we understand the importance of security, we need to accept that it’s a constant process of applying best practices and mitigations intended to diminish the risk of data or device compromisation.

If you are always on the latest version of operating system, web browser and other software, you make it tough for the attackers. By keeping your devices and software updated, you can prevent hackers from massively using publicly known exploits to breach your data or device.

Make it harder for hackers to breach your data/device by keeping your software up to date. If you have your web browser, operating system and other software kept up to date, then you can prevent hackers from using publicly known feats in a massive way to attack your computer. There are no hard and fast rules for cent percent safety against phishing, malware, ransomware or spyware attacks. However, I will be sharing a few tips below, which I have followed and benefitted to a great extent:

Use Powerful Antivirus Software

 

Invest in a powerful Antivirus software. Installing a good Antivirus software that is capable of scanning HTTPS traffic as well, will safeguard your data and devices against some phishing attacks. Antivirus scanning of your encrypted web communication will analyze the content of websites you visit and try to match them to signatures of behavioral patterns of potentially malevolent websites. This will safeguard your devices from downloading files from unknown sources. A modern Antivirus software is also capable of defending data and devices against some types of ransomware attacks, so keeping this software up to date and using a renowned vendor is very pertinent to the context.

 

Follow Browsing Best Practices

Awareness about online security aspects is necessary so that you take enough precautions while browsing the internet or plugging any device into your computer. You need to understand that Antivirus or any defensive software is just an additional layer of protection to your sanity. This includes being extremely cautious while following links in emails received from unknown senders, accessing only those e-commerce websites that support HTTPS, not downloading pirated software, and so on. Additionally, you should develop the best practice of using strong passwords and a password manager that enables you to create very strong passwords without the need to remember all of them.

Enable Two-Factor Authentication

 

It’s a good practice to enable Two-Factor Authentication wherever possible, so in case your password somehow leaks or gets hacked, you still have a second layer of protection. This significantly increases the effort of a successful attack when an attacker must steal your mobile device or a YubiKey to access the service.

Use Encryption

Encrypt your hard drive, so in case your laptop is stolen, the data inside cannot be accessed. All modern operating systems and hardware support have some sort of default and safe encryption mechanisms that no longer slow down your devices. So feel free to use it to the best extent possible, including your smartphone.

Keep Data Backup Regularly

It’s an ideal practice to keep backup of your data in regular intervals, and test your backups. This will save you a lot of stress and unnecessary hassle if you are challenged by a possible ransomware attack, which renders all your encrypted data immediately unusable, or simply kills your hard drive.

Never Connect to Untrusted Networks

You should never connect to untrusted networks because these networks can perform intermediary attacks against you by intercepting the sensitive data you may transfer online.

 

Always Lock your Devices

You should always remember to lock your devices when you leave them alone, so no one can peep onto your screen, look into your emails or store passwords. It takes only a couple of seconds to plug in a malicious USB device which may compromise the security of your computer.

Increase Knowledge and Create Awareness

You should constantly educate yourself and people around you on novel security risks by reading security blogs, articles or news magazines. Any information on security is better than no information at all, so don’t worry that you need to learn a lot. A bird in hand is always better than two on the bush.

With regards to keeping your online data safe, the security hygiene practices mentioned above are some of the fundamental practices to consider. You should govern access to your online data by a strong password with enabled Two-Factor Authentication as well as connect to data repositories only from secured devices you control and can trust. You must also look at this challenge not only by securing yourself but making sure everyone who collaborates with you on the data is aware of the best security practices as well.

 

It’s great if you have it all safe and sound, but if those you are coordinating with are performing risky activities like downloading pirated games, and not using some sort of Antivirus software and they use weak passwords, then your data and devices are in for a toss. So ensure your personal investments in safety do not get compromised due to those interacting or transacting with you.

You need to be wisely judgemental in choosing the appropriate platform used to store your data. You need to be smart about who you delegate the responsibility of handling the safety and privacy of your data, because once it’s gone from your computer, you are putting your trust with the third party to deliver what they had promised you.

This doesn’t imply that your computer is the safest place to store your data, because in the case of most Internet users, it is not. However, there are things you should be aware of while sharing your data, so let me share with you my top takes and concerns I follow that work well:

• Ask yourself, is this company known in the market and has it been stable for at least 4-5 years? You are better off entrusting a company (with your data) that has been tried and tested for years, rather than getting attracted to a startup offering best of services and features that appear to be exactly what you always wanted.

 

Find out whether the company (processing your data) experienced any security breaches in the past? And if so, how did they handle it? Security breaches may happen, but that’s not really how we judge security maturity of companies. The most important part is how a company responds to the breach, how it was communicated to customers, how much time it took them to recognize the breach, how much data was lost, was it properly secured, and what’s the scale and severity of the damage?

• If you are dealing with a vendor, find out if the vendor is compliant with relevant industry standards such as HIPAA or GDPR? It is vital for you to ensure that they comply with industry best practices and invest in continuous security enhancements that had been actually verified by an external auditing entity.

• If you are opting for a platform, you must know if it has relevant security features. You want to know if they are two-factor authentication supported, cases are well documented, and it supports to use the product safely, etc.

• Before you decide on the vendor, find out how is your data processed and stored by the company. If a vendor can’t answer these questions in a clear form, then you better not trust them, because you must know what they are doing internally with your data. If they can’t answer it, then it’s a good indicator they don’t have sufficient protective measures in place. This type of compliance will be also regulated by GDPR.

• Another important point is to know how many other companies or individuals use this solution. Although it may not be the best predictor of how good the product actually is but in general you are better off using a solution for which you have similar use cases.

You should find out if this company has a dedicated security team. With the amount of risks and demands companies are facing nowadays, there is no chance they are secure without investing in internal or outsourced security operations. Lot is being written, discussed and debated about Data privacy, security, safety and protection, but it’s tough to get right in one shot. So keep reading, learning, implementing and sharing best practices on keeping your data and devices secured online. Though you may not be able to achieve cent percent perfection, prevention is a better option.