Bringing Cybersecurity Home
By Steve Martino, Cisco
October is Cybersecurity Awareness Month, reminding us that cyber-attacks know no boundaries between work and home, so we need to be diligent about cyber hygiene across all environments. With the abundance of connected devices we all depend on, protecting your digital footprint is no longer optional. But where do you learn what to do?
People who work for larger corporations may receive cyber information and training from their employer. For instance, at Cisco every employee gets basic cyber training and increasingly advanced training based on your role; we even share educational materials on applying best practices at home. But not all businesses have the resources to dedicate to such training. And in the home, most people have limited cyber knowledge at best, and only pay attention if or when they become victims of an attack.
To get you started, here are a few tips that will help you to “own IT, protect IT and secure IT” to stay safe online.
Recognize we are experiencing radical change. With our busy lives, we take technology for granted. But it’s important to realize that technology is changing society faster than any other advance in human history. Adults need to get smart about the implications and actively discuss “today’s digital reality” with their children. Just as you teach a toddler to avoid a hot stove, teach them from an early age about safe online practices.
Ask questions. When you acquire a new connected device, stop and ask where it came from. Who connects with it and/or captures data from it? For what purpose do they collect the data and is that important to me? How do they care for the protection of your data and privacy? The more knowledgeable you become, the smarter your next questions will be.
Maintain your devices. Understand if the device you’re buying has software that will need updated and patched as vulnerabilities are found and fixed. If so, make sure that gets done. Just like not replacing expired batteries in a smoke alarm, using outdated unsecure software won’t keep you safe.
Secure and Protect Passwords. Make your passwords long and complex; change them regularly; don’t use the same password for multiple applications Change default password settings on new devices. We all know multiple passwords can get cumbersome and hard to remember, so use a reputable password manager to keep track for you. Many businesses and institutions provide Two-factor authentication (2FA) as an added step to protect your on-line identity and data. If it’s offered, use it.
Embrace technology, but be aware. If you were walking down a dark street in an unfamiliar city, you’d likely be more aware about who else is around you or may be following you. Treat the internet the same way. Being connected does not mean bad things will happen, but it pays to stay alert and understand best practices and how to apply them. For instance, don’t open email attachments if you’re not completely sure of the sender’s trustworthiness. Don’t click on emailed links that you haven’t asked for. “Stop, think before you click” to avoid the burden of what may come after a malicious attack.
Remember Data Privacy. While security and privacy are different, they’re definitely related. When you’re watching for online threats, also remember that nothing online is really ‘free’ – you’re most likely giving up something (data) to get a “free service/app”. Ask – is the intrinsic value of the “free” thing worth it? When you download an app or sign up for a new service that collects your data, choose carefully what sharing you allow. And remember, when you put personal information online, it stays around for a long time and may come back to you in unexpected, and unwelcome, ways.
It’s time to bring cybersecurity into the greater social consciousness and constructive discussions about changing norms. As new capabilities keep coming to market faster, we should and can have the right social adaptation to embrace technology safely.