Trust but verify
On the Internet, paranoia in healthy moderation is required. Either it is a webpage, a message on a social media platform or an e-mail, always keep in mind that you do not know who can sit on the other side, especially for an “offer you can’t refuse”.
Although the word manager evokes something complicated, it is actually quite simple. A password manager is important at home as well as at work.
It is important to use complex passwords. What does it mean? Strong and hard-to-guess passwords. For example, choose the sentence you have read in the book and is easy to remember. Also use diacritics and spaces, lower and upper case letters. Do not limit the length.
But more important is to use a unique password in each service, and thus avoid compromising all services via leakage of one password. Wondering how to remember all those passwords? For sure, do not place them, written on a paper, on a computer screen. There is a large number of secure and user-friendly password manager programmes.
Even “two-factor” is not rocket science. All major social media platforms as well as applications already provide the possibility of two-factor authentication. Some of them even enforce it.
The principle of two-factor authentication is based on providing another piece of information after entering a password when logging in. Most often it is a one-time passcode, a software-generated token or a hardware token.
There are many options. However, we recommend using other than SMS form for two-factor authentication.
We share a large amount of content on social media platforms, which can also reach unwanted addressees. Therefore, set up what and with whom your social media platform can share. Public contributions, available to anyone, are an excellent source of information for attackers.
New applications and services
Honestly, have you ever read what information the application you were about to install will collect? Certainly, a game in your mobile phone does not need to use your microphone or an e-mail access.
If you want to know which and how the data is collected by a particular application, check the Apple Store website for Apple products (not in the App Store on your device).
Consider pros and cons of installing the application with so many permissions on your phone. If possible, disable privileges that the app does not need. Beware of fake applications. In the past, we have already pointed out that issue and our recommendations can be reviewed here.
Applications and services used
Do I really need so many applications on my phone? Each application collects, even if used minimally, a certain amount of data that increases the risk of its appearance on the Internet.
If you do not use the app, it does not mean that it does not gather information.
Do a general cleaning (not only spring-cleaning) on your phone and computer. Get rid of apps you have not used for a long time or those that you no longer need. When deleting them, do not forget to delete the data they have collected and, ideally, deactivate the account created with them.
Do you like shopping online? If you prefer payment by card, use a virtual single-use card. Most banks already offer this option.
The whole principle is based on the fact that before making purchase, you have to generate a virtual one-time card in the bank application and pay with it, and after that the validity of that card elapses. Therefore, you do not have to worry that in the event of a data leak, the attacker will obtain data about your real card.
Even when browsing websites, you upload a quantity of data that can say something about your online behaviour.
Read what data the site collects about you and do not click on “accept” immediately when notified of data collection via cookies. Here, you can also, at least partially, edit what the site can find out about you.
The golden rule for updates is not to ignore them; and not only in the case of the operating system of your computer or mobile phone.
It is necessary to update also the apps you use as they may contain serious vulnerabilities that the attacker can exploit to access your data and/or control your device.
Secure Internet connection
A secure Wi-Fi network is essential. Connecting to free Wi-Fi networks (even encrypted) is risky. You do not know who can track your communication.
Even if the public network is secured with encryption, it does not increase security. Anyone who connects to such network is able to decrypt any communication on the network because the key is the same for all connected devices.
Nowadays, a standard solution is the use of VPN (Virtual Private Network) — an encrypted tunnel as another layer of security not only when surfing the Internet. However, it is important to choose VPN solutions with a good reputation.
One time use e-mails
Do you need to register for a service that you use only once or it does not matter what e-mail you use for registration?
Use a so-called disposable e-mail. It is a service based on a one time use or temporary use of an e-mail (for example for 10 minutes). So, in the event of a data leak, you will not care that the attacker has got the information about your e-mail — it will no longer exist.
« Späť na zoznam