Cyber security expert’s tips on keeping you and your business safe from cyber attack
Archant Norfolk 2015
Cyber security expert David Higgins, managing director of cyber security advisory firm 4ITSec, shares his top tips to keep you and your business safe from cyber attack.
Be careful using Google, Twitter, Apple, Yahoo, AOL, Skype, Microsoft, YouTube and Facebook – All these sites (and more) are thought to collect huge amounts of data on you, which they sell to advertisers and allow access to government agencies. Limit or stop all use of these services. Instead of using Google to search, try DuckDuckGo.com, a free software project that doesn’t profile or track search queries.
Change your internet browser to Firefox – There’s not much difference between the big browsers, but Firefox is the most open. It is open source and it’s not owned by a giant corporation that’s part of the PRISM surveillance program like Apple (Safari) and Google (Chrome).
– HTTPS Everywhere: A web browser extension for Google Chrome, Mozilla Firefox and Opera. Its purpose is to automatically make websites use the more secure HTTPS connection instead of HTTP.”
– Blocking software: Ghostery allows users to detect and control web bugs which are objects embedded in a web page – invisible to the user – that allow the collection of data on the user’s browsing habits. Disconnect, similar to Ghostery, is an add-on that blocks web trackers from gathering your personal information. AdBlock Plus is aimed at automatically blocking ads and also blocks ad servers from tracking you.
– Blur (formerly DoNotTrackMe): One of the best add-ons for protecting your data. Not only does it block companies from collecting information about you, it also manages and protects your sensitive details like password credentials and payment information.
Don’t install random or dubious software – If you’re downloading and installing random software, there’s a VERY good chance it’s either back-doored or has some level of spyware attached to it. If you don’t need it, don’t install it, don’t risk it.
Use a password manager – Password managers are great for generating and storing long, complicated passwords so you don’t have to memorise them all. The idea is that you can generate a brand new password for every single service or account you use, reducing any risk. Make sure you have a strong, memorable master password – some use 2FA or digital media along-side the master password. There are plenty around – search the web for review sites and use the one that suits you.
Use a VPN or a “multi-hop” VPN – A VPN or virtual private network encrypts your network data through a server (or servers) and makes web requests on your behalf. This means when you visit websites, your IP address will appear as wherever the VPN’s server is making the request from. They’re good for stopping automatic ISP snooping, but they are not a magic bullet. Remember you are placing your trust in the VPN service and some may not deserve it.