Why It’s Important:
-Assume that you will be breached
How to Stay Protected:
-Multi-layered approach
Are You Compromised?
-Pro-active monitoring

Without a cyber security strategy for your business, you could quite easily become a victim of fraud, theft and even property damage. Security and awareness are imperative when it comes to keeping you safe. While the Internet has transformed communications, its accessibilities and uses come at the price of new dangers. It isn’t just individuals who are at risk of cybercriminals. It’s everyone, from private corporations to government bodies.

Cybercriminals can gain access to your email through social engineering without the end user even being aware and gain access to valuable personal and corporate information. It’s vital you have a strong, unique password per account, so if cybercriminals steal the password for one of your less significant accounts, they won’t be able to get into your primary email account.

While the Internet has enriched the way we do business over the last 20 years, it has quite a few disadvantages which all users need to be aware of to avoid online dangers. It’s vital to keep your information and network safe. In fact, malware is more common these days and comes with different methods that wreak havoc on computers, servers, clients and PC networks.

Essentially, our society is more technologically dependent than it has ever been before – and there is little sign of this trend tailing off. For example, people post personal data on their social media accounts which could result in identity theft. In fact, confidential information such as credit card information, social security numbers and bank account details are now saved in cloud-based storage platforms like Google Drive or Dropbox. The fact is, that most popular cloud products available at the moment are not secured out of the box and unfortunately its most likely that you will be tricked into giving away your password.Here is our list on how to stay protected!

There are loads of ways to stay protected online. The two most fundamental methods are your choice of password and applying multi-factor authentication.

Passwords are the digital keys to our network of loved ones, work colleagues and our banking and payment systems. Multi factor authentication increases the robustness of the password by requiring a second form of authentication by app, sms or phone call.

The two most important passwords include those of your email and social networking accounts. The most recent security best practice advises users NOT to change passwords frequently as you are more likely to write it down or make it less complex, therefore easier to break. A complex password would follow these rules:
– Includes upper and lower-case letters
– Symbols and numbers (or special characters)
– No less than 8 characters
If you use a very common eight-character password, it can literally take a matter of seconds for this to be broken. Choose a phrase that is long, unique and easy to remember. Something like ‘simonatthezooo180DOG’ would work well. The key to producing a strong, unforgettable password is to use three random words. You can still use symbols and numbers if you like, for instance, ‘4yellowcargoats86’. Be inventive and use words that mean something to you, so a hacker can’t possibly guess your password. What’s more, your social media accounts can reveal vital information about you, so avoid using words like your pets name or child’s date of birth which are easy for cybercriminals to work out.

The next best way to secure your account is two-factor authentication, or 2FA. This is an exercise that grants web connected services secondary access to the account owner (you) in order to authenticate a login attempt. Normally, this requires a phone number and/or an email address. Essentially, when you log into a platform, you use your mobile phone to validate your identity by receiving a code on a text or email – or by typing in a code sent by an authenticator app.

Other protection methods:
– Training and awareness
– End Point protection
– Disable access to removable storage devices (USB memory sticks)
– Password managers
– Security Information and Event Management (SIEM)
– DNS protection (Open DNS or Cisco umbrella)
– Google Chrome Password Check-up extension.

So, you’ve created a tough-to-guess password, added two factor authentication and frequently scan your computer for viruses. However, that may not be enough, and your systems may already have been compromised.

It’s important to be aware of the warning signs that suggest your system has been compromised.
Warning signs include:
• Missing emails
• A computer that’s unresponsive yet working hard
• Redirected internet searches
• Unwanted browser tools
• Ransomware messages
• Fake anti-virus messages
• Regular, random pop-ups
• Colleagues receiving social media invitations from you that you didn’t send
• Your online password not working
• Experiencing out-of-the-blue software installs
• Registry editor, anti-malware or Task Manager being deactivated
• Your online bank account missing money
• Sensitive data being disclosed
• Experiencing odd network traffic patterns
• Seeing your credentials in a password dump

If you think your PC has been hacked, here are some immediate measures you can take:
• Enable 2 Factor Authentication. If this feature is available on your account, enable it immediately. If you start receiving authentication messages on your phone that you haven’t initiated, you know your account has been compromised.

• Reset your passwords. Perhaps the most essential exercise you can do once you’ve been hacked is to update your passwords on the affected accounts as well as any other accounts that use comparable usernames or passwords.

• Update your security software scan. Go into the settings section of your security software and pick an update to ensure the latest virus threats are in its database. Then, manually choose to run an in-depth scan of the whole system. This process ought to detect anything that’s contaminated your PC and allowed cybercriminals in.

• Check your email for compromise. If your email account that you use to login to services like LinkedIn have been compromised as part of a breach, then you can check and see very quickly using the following website: https://haveibeenpwned.com/

Simple cyber security tips such as the above can go a long way in stopping an online disaster, but they’ve only scratched the surface of how your users can be educated and protected. You may need an IT company to help keep you safe – or if you think you’re compromised, you might benefit from a consultation with the team at Reflective IT.

Reflective IT is one of the leading providers of IT support in London, offering a comprehensive cyber education platform designed for all types of users, from beginner to advanced. The company specialises in a range of award-winning, all-inclusive services, such as outsourced IT support, remote support, consultancy, cyber security, infrastructure and much more. Contact us today on 0207 317 4535 to see how our customised solutions can protect your users so you can have happy and also safe browsing!