The Lockdown

Thycotic’s Cyber Security Blog

Cyber Security Awareness Month: 6 Simple Steps to Online Safety

Written by Joseph Carson

October 3rd, 2017

Why do we continue to see so many cyber breaches in spite of our heightened awareness?  When we examine why many of the breaches in recent years have occurred, we can identify three major culprits: the Human Factor, Identities and Credentials, and Vulnerabilities.

As a digital social society we are sharing more information publicly, leaving ourselves far more exposed to social engineering and targeted spear phishing attacks. The ultimate goal of these attacks is to compromise your devices for financial fraud, or to steal your identities in order to access the company you are entrusted with protecting. This has the potential to damage your own personal data in the process. Once your identity has been stolen, the attacker can easily bypass the traditional security perimeter undetected. And if that identity has access to privileged accounts, they can easily carry out malicious attacks under your name.

Both individuals and businesses risk becoming victims of cyber attacks when they access online services

As people—or businesses—power up devices and connect to the internet to access online services, they risk becoming a target of cyber criminals and hackers.   It is critically important to know how cyber criminals target their victims, what you can do to reduce the risk, and how to make it more challenging for the attackers to steal your information, your identity or your money.

Cyber threats can come from attackers using many different techniques, though what is clear is that people are on the front line. It’s crucial that you know how to identify the threats, or know what to look for to determine if something is authentic or suspicious.  It’s important to learn these techniques—being able to quickly identify a threat can make the difference between the destruction of your sensitive data and averting a major catastrophe.  Yes, you can be the ‘HERO’ that prevented a cyber catastrophe, so let’s help you be prepared.


#1 Back up your files—often:

Make sure you make regular backups of your important files as this is the fastest and best way to recover from nasty malware, like ransomware, which encrypts all your files and makes them unavailable until you pay up in bitcoins.  With a recent backup you can quickly get back up and running with little impact to your digital life.

#2 Keep applications and systems up to date

Allow your applications and systems to get those much-needed security updates, and then allow your system to restart.  This is one way to keep common cyber threats from easily accessing your devices and stealing your information, your digital identity and your money.

#3 Use $rOng3r & 5m@rt passwords & passphrases

When choosing a password/passphrase, make sure you choose a strong one that is unique to that account, and change it when you suspect suspicious activity may have occurred. The average age of a social password today is years, and social media does a lousy job of reminding you how old your password is, how weak it is, and when it’s a good time to change it. It’s your responsibility to protect your account, so protect it wisely. If you have many accounts and passwords, use an enterprise password and privileged account vault to make it easier to manage and secure them. Never use the same password multiple times.

#4 Use two-factor or multi-factor authentication

Make it difficult for cyber-criminals to access your online accounts and steal your information by enabling and using two-factor or multi-factor authentication. Do not let a password be the only security control stopping cyber-criminals. Two-factor and multi-factor authentication deter cyber-criminals and encourage them to move on to an easier target. (You may find this post on the future of authentication interesting.)

#5 Beware of hyperlinks

We are a society of clickers; we like to click on things. For example, hyperlinks.  Always be cautious of messages with a hyperlink and ask yourself: Was I expecting this? Do I know the person who is sending it? If in doubt, ask the person if they actually sent you something before clicking on a link which might be malware, ransomware, a remote access tool or something that could steal or access your data.  Nearly 30% of people will click on malicious links, so be more aware and cautious.  Before clicking, stop and think.

#6 Be aware of what you do over Public Wi-Fi.

Avoid using a public Wi-Fi network without a VPN. Instead, use your cell network (3G/4G/LTE) when security is important. When using public Wi-Fi, ask the vendor for the correct name of the Wi-Fi access point and whether it has security. It is common for hackers to publish their own Wi-Fi SSID with a similar name.

Disable Auto Connect Wi-Fi or Enable Ask to Join Networks. Hackers will use Wi-Fi access points with common names like “Airport” or “Cafe” so your device will auto connect without your knowledge.  Do not elect to remember the Wi-Fi network.
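As an added illustration (not part of the original post), the Python sketch below compares the networks a device can see against the name and security setting the vendor confirmed, and flags look-alike and generic names. The network list, the SSID `CoffeeHouse_Guest`, the labels and the distance threshold are all constructed for the example.

```python
import unicodedata

# Constructed sample of visible networks (not real scan data).
VISIBLE = [
    {"ssid": "CoffeeHouse_Guest", "secured": True},
    {"ssid": "CoffeeHouse-Guest", "secured": False},
    {"ssid": "C0ffeeHouse_Guest", "secured": False},
    {"ssid": "CoffeeHouse_Guest", "secured": False},
    {"ssid": "Airport", "secured": False},
    {"ssid": "HomeNet-5G", "secured": True},
]
GENERIC = {"airport", "cafe"}  # the common names the post mentions
DIGIT_SWAPS = str.maketrans("01345", "oleas")  # 0->o, 1->l, 3->e, 4->a, 5->s

def skeleton(name):
    """Fold case, undo digit-for-letter swaps, drop separators."""
    folded = unicodedata.normalize("NFKC", name).casefold()
    return "".join(c for c in folded.translate(DIGIT_SWAPS) if c.isalnum())

def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(net, confirmed_ssid, confirmed_secured):
    """Label one visible network against what the vendor confirmed."""
    if net["ssid"] == confirmed_ssid:
        # Same name but different security is a warning sign. A match on both
        # is only "expected": a name and setting can be copied exactly.
        return "expected" if net["secured"] == confirmed_secured else "security-mismatch"
    sk = skeleton(net["ssid"])
    if edit_distance(sk, skeleton(confirmed_ssid)) <= 2:  # assumed threshold
        return "look-alike"
    return "generic-name" if sk in GENERIC else "unrelated"

def review(visible, confirmed_ssid, confirmed_secured):
    return [(n["ssid"], classify(n, confirmed_ssid, confirmed_secured)) for n in visible]

if __name__ == "__main__":
    for ssid, label in review(VISIBLE, "CoffeeHouse_Guest", True):
        print(f"{label:18} {ssid}")
```

Anything labelled other than `expected` is a network to avoid joining or remembering; `expected` still calls for a VPN, since the name alone proves nothing.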

Use the latest web browsers, as they have improved protection against fake websites. This helps stop someone who hosts a look-alike website, such as a fake Facebook page, from waiting for you to enter your credentials. Do not click on suspicious links even via social chats, like videos that have your photo, and beware of advertisements that could direct you to compromised websites.

Use a least-privileged or standard user account while browsing, as this will significantly reduce the possibility of installing malware. Use a VPN service. Always assume someone is monitoring your data over public Wi-Fi. Do not access your sensitive data, like financial information, over public Wi-Fi. Do not change your passwords, and beware of entering credentials, while using public Wi-Fi. If you have a mobile device with a personal hotspot function, use this in preference to public Wi-Fi where possible.

Stay safe online with these best practices and avoid becoming the next victim of cyber-crime.
