26 January 2022
Data security: 10 tips in the battle against cyberattacks
Data Protection Day is a reminder to be vigilant every time we turn on our laptops or phones.
Cyberattacks are on the rise
The ‘what was the name of your first pet?’ question that does the rounds on social media may seem like a harmless bit of fun, but for IT and data security professionals it’s exasperating. Phishing is a common tactic by scammers. We’ve all seen enough ‘I’ve been hacked’ posts to know that perseverance is rewarding the phishers and hackers.
Cyberattacks have increased dramatically in recent years with attempts to breach personal and business security becoming increasingly sophisticated. Held annually on 28 January, Data Protection Day was established to raise awareness, highlight risks, and promote best practice. A robust approach to data security plays an important part for organisations in an overall, broader approach to data protection.
Cost and harm
In 2021, 39% of UK businesses and 26% of charities reported cyber security breaches or attacks. As in previous years, the attacks were aimed more at larger organisations – medium-sized businesses (65%), large businesses (64%) and higher turnover charities (51%). Hackers have increasingly targeted the education sector.
The cost to fix ‘successful’ breaches can be significant according to the government’s Cyber Security Breaches Survey 2021. Some organisations have reported seven figure losses. But it’s not just the cost of a data breach that can harm an organisation. There’s the reputational damage too.
What can you do?
So… what can you do to protect against cyberattack? Here are 10 tips.
1: Treat privacy online the way you would in ‘real life’. You’ll immediately cut down on some of the possible ‘entry points’ to your private data.
2: Listen to IT and data security people; they know what they’re talking about.
3: Be careful with incoming emails and particularly any attachments. Only open them if you know they’ve come from a trustworthy source.
4: Being wary of attachments also applies to incoming messages on your phone. Don’t know who it’s from? Don’t open it. A common current mobile hacking ruse is a message saying you have a parcel waiting to be delivered, inviting you to click on a link. Don’t.
5: When it comes to choosing a password, think security first and foremost. Three random words would be very hard to guess or break. And if you have ever mentioned your favourite city or the name of your first pet on a social media site don’t, on any account, include it in your password!
6: Introduce multi-factor authentication on devices and at work consider monitoring broad user behaviour such as log on and off locations and regular usage times.
7: If you’re transporting a laptop and/or other work materials or information between premises get it to the destination as quickly and directly as possible.
8: We all leave a digital trail – everywhere we take our phones and every time we click ‘Accept Cookies’. You’re not obliged to ‘accept all’ cookies when you visit a website. And of course, you can turn your phone off.
9: Unless it’s completely unavoidable, don’t use easily accessible public Wi-Fi when you’re working. Working in public places such as cafes or libraries and using publicly accessible Wi-Fi can lead to potential security breaches.
10: Tread warily when visiting an http website. The layers of security added to https websites mean they are much more secure.
In essence, the key to helping keep your information and data (business or personal) more secure is ongoing vigilance. It might be unrealistic to talk about being ‘100% secure’ or ‘never’ having a security breach, but there are many things that can be done to significantly reduce the risk.