Navigating Digital Risks: Building a Robust Online Strategy
In the previous blog article, we talked about general facts related to cybercrime. We concluded with the statement that Law Enforcement is unable to keep up with Cybercrime in general due to budget restraints, privacy laws and an ineffective international coordination. Furthermore, there is almost no communication between Law Enforcement and Tech companies.
Unfortunately, that leaves us -the users- vulnerable to potential perpetrators… and it comes down to our online vigilance to detect potential threats.
Based on my twenty-five years of experience in ICT, I came up with eight guidelines that could help you to (re)design your online strategy.
Keypoints
- You’re in control
- Keep things simple
- Develop a healthy online/offline strategy
- Remain vigilant and disciplined
- Keep your private online world separated from your professional environment
- Keep a healthy discipline for your financial transactions online
- Divide and conquer
- Courses and professionals
- Summary
The first thing you need to realise is that you are and always will be responsible for your decisions and actions in life, which also goes for your online behaviour.
When you engage yourself to become a part of a social group, online or in real life, remain vigilant of how you interact and employ a healthy strategy to safeguard your boundaries.
In many cases inappropriate actions can, like visiting an unsafe website or clinking on a insecure link install malware on your device. You, the user, are the one who performs the action: opening the page or program. If you’re aware of the potential threats, you gain more control in preventing potential exploitation.
Everything we do in life has its implications. When you engage to connect with others, the strategy you employ will always protect you and all the people that are close to you, even online.
Inform yourself by reading everything through critically or follow a good course to learn about online threats. Furthermore, the best strategy in your online life remains simplicity.
The first step is defining your goals, what do I want to do online? Is it for entertainment, professional, social interaction, …
Secondly, what do I need to do that? The way you connect online needs to be secure, the way to connect to the application involves potential threats, like:
- An insecure connection to a website
- Potential opportunists that might be drawn to your online activity.
- …
Lastly, what are the precautions that I must take to ensure that my online vulnerability is limited? The article already provides more information through the following guidelines, keep on reading. Furthermore, answering these questions will introduce the second step in developing your online/offline strategy that will simplify the way to remain discipled in the end.
Maybe these elements may be common sense, but how many amongst you are keeping track of the following details?
- Implement a decent password strategy. Usernames and passwords are the foundation of your online security. Use passwords of at least 20 characters, containing capitals, little characters, numbers and symbols. Use a phrase or sentence that has nothing to with your daily life! The names of your children, pets, birthdays, or address details can be found online. A good example of a complex password could be: D0n’tWalk@roundTheBush!
- Have an offline list of your credentials. Most people who are active online have access to multiple websites and having only an online list makes you vulnerable. On itself are there two ways to deal with this:
- Keep a handwritten little notebook that you store in a safe place.
- Or create a spreadsheet (like MS Excel), put a password on file and store it on a secure USB stick. Don’t forget to add this stick to your offline backup.
Whether you are using an online password manager or not, keep them synchronised. The secondary goal is that it becomes your checklist in the unlikely event that you might get hacked.
- Use multifactor authentication where possible. Multifactor authentication might sound complicated, but it enhances your online security. It basically means that a website -like Facebook- needs an extra authentication next to your credentials. This can be provided through an app or by sending an SMS to your cell phone (potential telecom costs might be involved).
- Install decent protection software: As long as computers have existed, viruses and other malicious software has been developed to poison our routines and pass on sensitive information to hackers. Especially in this online age, that security remains fundamental. My advice is here is to purchase (avoid free) software that contains the following components:
- Real time anti-virus and malware scans
- A software firewall that monitors your traffic
- Virtual Private Network or VPN connection: The strongest protection for your computer or smart device is provided by a VPN connection. It means that your device creates automatically an encrypted connection to a common gateway to the internet. In normal circumstances each device which is connected to that firewall, provided by a solid security firm, will protect your device better than in an open network.
In normal circumstances the software will warn you when an instruction is actively blocked or you’re about to enter a potential dangerous situation.
- Separate your administrative email address from the address that you use for your social contacts. These days, e-invoicing has become the standard to avoid printing and sending costs for companies. The drawback here is that these documents are ideal for hackers to obtain information about you! If you separate them, the probability that someone is looking into your administration decreases exponentially. Moreover, it creates a clean archive of your documents.
- Plan maintenance tasks for your computer or smart device on a regular basis.
- Always make an offline backup of your data on an external disk. How would it feel if you were to lose those precious photos of warm family moments or a book that you’ve been writing on for months?
- Do a full virus scan on all your files at that moment.
- Remove your browserdata on a regular basis: these files are mostly unencrypted and could be used by hackers to find usernames and passwords.
- Change the passwords regularly of your most crucial accounts like mail, computer accounts (MS Office 365), websites of financial institutes, …
This last step might be time-consuming, but it’s worth it! Image how frustrated and powerless you would be when your device is hacked because you neglected this step?
Check your mail addresses frequently for error messages, just to keep yourself in the loop about potential changes or threats.
When your work provides you with a computer to work at home, don’t mix the two. Use the office computer for professional purposes and use your home computer for personal stuff, how tempting mixing might.
It doesn’t imply that you can’t expand your personal social circle at work and become friends with colleagues on social media and in real life, just keep strict logical boundaries in place.
That discipline works more advantageous than you might think:
- When you work on your office computer, you’ll be more focussed on your job and be more productive than when you’re distracted by the messages of social media from your personal life. Being focussed as such, also helps to prevent overstimulation.
- It also prevents a potential infection risk between the two environments. If you were mix them and there’s a security breach at work, you might be held responsible for the financial consequences.
Most malicious hackers are opportunists and are always on the look-out for an easy way to ‘earn’ money on your account. Maybe the following tips could enhance that online security.
- When you do your online transactions, do this in an incognito or private browser window. It might seem inconvenient, but all the cached cookies are immediately removed when the browser window is closed.
- Prioritise the use of prepaid cards like gift vouchers above debit or credit cards online.
- Lastly, if you need to use a debit or credit card online, prioritise websites that offer a validation through an app or biometric of the online payments.
This all might seem complicated, if not overwhelming, but once you get used to it, they really provide a better security.
In the previous tips, I have already suggested the following things:
- Separate your work and personal atmosphere.
- Create separate mail accounts for your administration and social interactions.
- Use incognito or private browser windows for financial transactions.
- Prioritise the use prepaid cards to debit or credit cards.
Furthermore, I would like to suggest the following strategy if you would consider integrating multimedia appliances like smart tv’s, voice activated controls like Google Assistant or Gemini, Alexa (Amazon) or Siri (Apple) into your home.
- Create again a separate mail account, that links the registration of most devices.
- Link only the credentials that are related to multimedia like streaming services as Netflix, Spotify, Amazon Prime, … to this account.
In this way, you can share them with your family, having an easy way to manage the interconnection.
Most Domotica appliances these days also offer an easy integration into one app like Google home… Just be aware that this centralisation could compromise your cyber safety if unethical hackers were able to access the main account.
If you’re using an online password manager, be aware that this is also a single point of failure. If hackers were to access it, they will use your credentials. If you apply a decentralised strategy where your booklet or protected spreadsheet is the backbone of your system, hackers will only see the passwords that you’re using online and the strategy will shorten the checklist if you need to reset everything.
Lastly, the emphasis of this thinking strategy is linked to alarm systems. These apps on your phone should have an isolated sandbox, like most banking apps. Verify this with your security provider before you install them on your devices!
IT security can be a complicated matter and there is no doubt in my mind that these tips might require a deeper understanding for some amongst you.
If that’s the case, study the matter before you implement measurements. Follow courses (online or otherwise) or contact a professional to assist you in your strategy.
I also offer these services and plan an online course in the following months.
Using online services has definitely its advantages but has also its drawbacks and the only way to truly deal with it as a human is to become aware of the risks and develop a healthy strategy and see that through.
The following eight tips can help you to do so:
- You’re in control. Everyone is responsible for their thoughts and actions. When you maintain healthy boundaries, that will influence your online behaviour.
- Keep things simple. Before you go online, reflect on the following three questions:
- What do I want to do online?
- How will I do that?
- What are the precautions that I need to take?
- Develop a healthy online/offline strategy and stick to it. Read through the different tips to inform yourself.
- Remain vigilant and disciplined after you’ve implemented your own online/offline strategy.
- Find a healthy balance between your professional and personal online environments.
- Always be cautious when performing financial transactions online.
- Apply a decentralised strategy when implementing a more complex IT structure. It will improve your cyber security.
- Consult a professional of follow a course if you don’t possess the knowledge to design and implement your online strategy.
Taking precautions is only the first step. There is and always be the potential that all measurements could fail, and you can get hacked. If that should happen, remain grounded. Only a cool head can make a healthy logical assessments of the intrusion and implement the appropriate measurements.
The next blog article will delve deeper into the recovery process of devices if a hacking should take place.
If you would like more information about the mentioned guidelines or you would like guidance in the development of your online strategy, let me know on the contact form on the bottom of this page or contact me over the different media.
These blog posts are also part of the Cybercrime Series. I recommend that you study them all to get a better grasp of cybercrime and the various measures you can take.
