There are so many every day things you might do, that could actually put you at risk when using your devices, whether personal devices or work devices. Even the most security conscious individuals could miss or misuse these simple things that could end up becoming a security risk. Here are 6 things you might do on personal or business devices that could put your security at risk.
1. Not Updating Software
• People often delay updating software on their devices as updates can appear at times when there is critical work to be done. However, this puts your device and any connected devices at risk as many updates occur because of recognized patches or vulnerabilities within the previous update of a device. If you do not update in a timely manner this leaves your device susceptible to those cyber criminals who have found the vulnerability and can exploit it.
2. Single-Factor Authentication
• Biometric authentication is important for any and all devices when possible, but the problem with this is that people think single-factor biometric authentication is secure enough. However, despite it being biometric authentication, you should still add a second biometric factor to increase the difficulty of hacking or gaining access to the device. Biometric factors are very strong but not invulnerable or impenetrable – many researchers have shown proof of cyber attacks against plenty of biometric authenticated and protected devices. While they are not totally 100% secure as single-factor authentication, they are still very secure measures and are very useful in multi-factor authentication.
3. Shortened URLs
• This is more relevant on social media where word and character counts are important. If there is a lengthy URL, people will use link shorteners, such as bit.ly, to fit character counts and to make the link look better. However, this can become a cyber security risk. When links are shortened using these websites, you can no longer tell for sure where the link will direct you as there are no identifiers within the shortened link name and you can not hover over it to see where it actually leads. It is important to only click shortened URL’s from trusted sources or to use a URL expander when a link is shortened. The expander will you show the true URL destination, helping you to avoid risky websites.
4. Clicking Any and Every Attachment
• While you might be aware and conscious of most phishing schemes, most people do not realize that attachments in emails or on websites can be just as dangerous as clicking on unsecure links. Other than just not clicking on these unknown attachments, it can help to install more security that will then require extra steps and assurance before the attachment would be opened. Other than extra security systems, email and website filters will help to get rid of suspicious attachments and prevent you from opening or interacting with them.
5. Connecting to Public WiFi
• Almost every store or restaurant we go to, now offers free WiFi. While a lot of people utilize free WiFi most places you go, it is important to be cautious and honestly avoid free WiFi if you can. Anyone can connect to the WiFi if they are in the area and trained cyber criminals can attack your device and anything associated with it through the free WiFi you both would be connected to. The best way to combat this is to not use WiFi you are not familiar with when you are out in public. In addition to this, you should use a VPN everywhere you go, making your personal information secure as well as any information relating to your business when you are remote.
6. Weak Passwords/Authentication
• Passwords are typically included in multi-use authentication and are also unfortunately used as single-use authentication; however, the real security risk lies within people not using strong or complex enough passwords. Password weakness usually happens because people do not want to create an overly complex password that they might end up forgetting. Another problem that often happens with passwords is that people will reuse the same one for all of their devices, accounts and more, which means that if someone is able to figure out your password for one thing you own, they then have access to everything else. The best way to combat this, especially if you are worried about remembering complex passwords or different passwords for every account, is to utilize a password manager. You then only need to remember one password for the password manager, and then all of your accounts are saved within that, and the manager can even generate secure passwords for you.