Top 12 tips for staying cyber secure at work

Since the pandemic, our work life has become increasingly digital, if not completely digital, and more and more industries are adopting digital technologies across all aspects of their operations. This trend is fuelled by increased competition, cost pressures and disruptive technological breakthroughs in AI, quantum computing and other fields.

Digital workplaces are now distributed. Work has become asynchronous. Workplaces are no longer defined by a compound or a corporate firewall. Staff are working from convenient locations and at varying work hours. Technology is seamlessly integrated into cars, planes, homes and mobile workplaces to make modern work work. Many new businesses and business models have emerged and are thriving in this changing landscape of the digital economy.

Bad actors are often the early adopters of change. Many threat actors have emerged and new ways of stealing have exploded in the digital economy. Small businesses and large enterprises have both suffered, often silently, from cyber attacks, and it is reported that the Australian economy alone has been losing over a billion dollars each year to cyber crime.

Staying secure online is no easy task. Awareness has to be the core of our defence, and I would like to share my top 12 tips that you can put into practice today to stay safe at work.

Tip 1: Don’t stay online unless required

If you do not need to be connected to the internet, disconnect the Wi-Fi. Don’t be shy about pulling that blue cable out of the laptop/PC.

Tip 2: MFA is a must

Ensure that all your accounts are set up with MFA, using an authenticator-style app on your phone. Go for passwordless or passkey authentication if supported.

Tip 3: Back it all up

Your data needs regular, secure, encrypted backups, and so do your MFA configurations, passwords, API keys, etc.

Tip 4: Use a password manager and very complex, long passwords

You need to use very complex passphrases and long passwords. It is best to use a password manager to remember these passwords, and also make it a habit to change passwords quarterly.

Tip 5: Use a VPN, content-filtering firewalls & secure DNS

All operating systems now come with firewalls and content filtering. Turn these features on. Set up custom DNS and point it to Quad9 or another secure DNS service.

Tip 6: Use secure browsers and check browser settings

Use a privacy-first browser like Brave or others. Check your browser to ensure the most secure and restrictive settings are applied. Always open sites in private windows. Do not save passwords in the browser, and do not install plug-ins if you don’t use them frequently.

Tip 7: Avoid clicking on links unless you can see the URL clearly

Whether it is in an email, an SMS or a document, do not blindly click on a link unless you know where it is going and you do want to go there. Always call the sender and confirm before opening emails or attachments.

Tip 8: Use anti-virus and anti-malware software

Ensure you have these tools installed, updated and running properly. Often your IT team or MSP will be on top of these things, but a regular check is worth doing, including checking for software updates.

Tip 9: Check for identity compromise

There are secure services and subscriptions you can use to check whether your identity has been compromised. Google and Apple will warn you if your password or email has been found in a data leak. Use these services and check them on a quarterly basis.

Tip 10: Do not overshare

Lock your LinkedIn profile and do not share your personal or contact details. Be diligent about sharing photos, videos or documents that could leak metadata. Wishing your manager a happy 50th may reveal their DOB. Trim your email trails and keep them short. Check that the recipient list is accurate. Remove attachments, and encrypt them if they contain sensitive info. You can use password protection with OneNote, Office documents, PDFs and ZIP files. I prefer encrypted ZIP. Use Signal to share passwords, and with pictures use the one-time view option (disappearing message).

Tip 11: Clean up accounts

If you are not using a service, delete the account and contact their support to completely wipe your records from their systems. Unsubscribe from marketing databases.

Tip 12: Keep work protected and separate from all other activities

Do not mix work with other activities. Do not use personal devices for work, or office-related resources for any personal work. Never leave your devices unattended. Never share devices or credentials with EAs. Do not charge your phone or devices unless you are watching them. Do not plug USBs or devices from others into your work computers under any circumstances.

Bonus Tip 13: Lock that credit file

If you are not going to be applying for a loan anytime soon, look at banning your credit file for a reasonable period. There are services you can utilise to make this happen smoothly.

Remember, cybersecurity is a shared responsibility. Encourage a culture of security awareness within your digital workplace and report any suspicious activities or incidents to your organization’s IT or security team.

We at Predict Cyber offer a cyber security awareness training program that teaches concepts and useful tips & tricks. Check it out here: https://predictcyber.com.au. Click on Register for Training and pick a time slot that works for you. This training is fee-free for a limited time only.

Here’s a video of this content available on the Digital Workplace knowledge bank.
