To help users avoid putting their personal and company data at risk, we’ve listed some common IT security mistakes along with some way you can help avoid them.
Opening email attachments from unfamiliar senders
Phishing emails are a problem experienced by many organisations and individuals. These cleverly created e-mails often contain attached documents loaded with malware. Users should never open or download an attachment from an unknown sender and seek verification through a different channel before doing so.
Using overly simple passwords
From the names of pets and dates of birth to simple sequences of numbers like “123456”, easily guessable passwords help hackers access accounts and networks. The National Cyber Security Centre (NCSC) advises using three-word combinations to keep passwords hard to crack but easy to remember. Also, consider using multi-factor authentication for an additional layer of defence.
Neglecting to keep devices updated and patched
A computer is only protected if is updated regularly. Updates for software, apps and operating systems contain the latest security patches that resolve identified vulnerabilities. When updates and patches are not implemented, threat operators can exploit these weaknesses and acquire access to devices and systems. Always install updates as soon as they become available.
Leaving devices unattended and insecure
Personal or company devices that have not been logged out of correctly and left unattended can leave personal details or company information accessible by unauthorised people. Never leave devices unsecured and ensure you lock your computer if stepping away from your desk.
Using unsecured connections
Using public internet connections that are insecure can put any private communications or sensitive data transfer at risk. Use a Virtual Private Network (VPN) instead. Through the VPN, all data traffic is sent via an encrypted virtual tunnel, effectively hiding your IP address when you’re using the internet and keeping your location private. VPN connections can also help keep you secure from external attacks.
Oversharing on social media
Cybercriminals will use public content shared on social media to their advantage. Social engineering attacks are formed by using personal or company information, allowing them to impersonate individuals in spoof attempts. Users should avoid sharing private information online as this can also give attackers insights into passwords and processes in use.
By being mindful of these mistakes and you can avoid common IT security mistakes. And in doing so, keep your personal and organisation’s data secure from cybercriminals.Find Out More