In today’s digital society, just about everything you do leaves a trace—your digital footprint is a part of modern life. That said, October is Cybersecurity Awareness Month and the perfect time to reflect on the importance of protecting your personal information online. Fortunately, there are several ways to lower the risk of a security breach and minimise damage in the event one were to occur. Here are five important cybersecurity tips you can take toward protecting yourself online.
The security of your online accounts relies on the strength of your password but, most importantly, where you use them. Let’s say you have a very strong password for your online banking account with a reputable institution, but you use that password on some other unrelated and less-than-secure website, like a free online game. Once that game is compromised and your login credentials are revealed, it won’t be a problem for cybercriminals to at least try to log in to your banking information with the same username and password combination. The well-worn myth here is that passwords stored on websites are encrypted. In fact, more often than not, they’re hashed. Hashing is a one-way cryptographic process that takes your plain text password and turns it into a character string. Once it’s hashed, there is no way to get it back to the original password, rather like you can’t turn hash browns back into a potato. When you make an account, your password is hashed and then stored. The password entered when logging in is hashed again and then compared to the stored hash. This opens, however, the door to vulnerabilities: where hackers are able to gain unauthorised access to a database of hashed passwords, they use precomputed tables for reversing cryptographic hash functions, known as rainbow tables, for revealing possible original passwords. Although some websites would use something called salting, which is meant to make passwords even more secure by adding a random value to each password before it gets hashed, you cannot assume that these measures are taken by a particular site. Always employ different passwords to secure your account. Consider utilising a password manager to securely generate and store unique and strong passwords for you.
Two-step factor authentication represents one of the most important things one could do to enhance security for an account. Not all websites support it, but when available, it is a layer that should not be ignored. You might be given an option, when you sign on to your bank, for example, to receive a one-use code via SMS text message, a phone call, a push notification via the bank’s app, or even email. But while this extra step is a bit of a pain, the security payoff is pretty big. Requiring that second factor is assurance that even if someone manages to get your password, they’ll also have to have that code to get in. Be particularly aware of how you are assigned this code; if you can, choose an authenticator app instead of a text message or email as those can be intercepted more easily. Two-factor authentication does not just safeguard sensitive information but sends a warning when anybody tries to log in, without your permission, therefore placing extra awareness in online security.
It is powerful in that a VPN encrypts any of your Internet traffic; therefore, all information from your device to the VPN server is just tuned for your protection. This can help keep sensitive data such as passwords and personal details from possible hackers or any nosy people, especially when you connect through public Wi-Fi networks. By masking your IP address, a VPN also adds an extra layer of anonymity when online, making it much more difficult for websites and advertisers to track your browsing habits. While most people might be aware of VPNs from advertisements that make a big deal about how they can access streaming services from other regions, their main purpose is actually to enhance general cybersecurity. This is especially true while connecting to unsecured networks, like in cafes or airports, where your data is vulnerable. It’s a small and simple step that reduces the chances of falling prey to any other online cyber threat by quite a large degree.
One intelligent, easy thing you could do to make your cybersecurity even better is to rename your phone. When you introduce yourself to other people, you may give away the name of your phone unwittingly, which in most cases includes your personal name and model of the device, hence making it rather easy for any ill-intentioned person to look for you. For example, keeping your phone’s name as “Jessica’s iPhone 14” or “Tom’s Galaxy S23” might not be the best idea. Instead, you may want to use some sort of generic name that isn’t linked back to identifying you. You could even call your phone “Smartphone” or “Device” in setting it up.
You can further enhance your cybersecurity by configuring another device dedicated to financial transactions, such as a high-trust machine. That would be a separate machine or tablet computer used only for banking and other financial transactions. You could, for instance, buy a cheap laptop or a tablet and just use it to access your accounts. You would then use this ‘segregated’ computer to check on bank statements, to transfer money, or to pay bills, or whatever you may want to do online with your money. You’d also open a separate email account, to be used exclusively for communication about finance. This would confine it in financial institutions only, therefore reducing the risk of a phishing attack since you are limiting the places whereby such sensitive information could be spread about. You should only check this e-mail on your dedicated device further compartmentalising your financial activities from your regular online interactions. This practice enhances security and allows one to be more caring with his online activities by reducing impulsive actions that may breach securities.
The bottom line of these five tips underlines the fact that cybersecurity is all about finding a delicate balance between security and convenience. The list above will add a few more steps into your online routine, but believe it or not, these measures contribute a great deal of protection that any person would be longing for. Remember, a little pain today definitely leads to major security gains later on in securing your personal information within an increasingly digital world.