November 28, 2018 CYBER SECURITY

How I Protect My Personal Data From Cyber Threats

I’ve resisted writing for the blog for almost six years now, for the simple reason that I simply did not believe I had anything of value to share with our readers. How could I when there’s Pierluigi with his years of perimeter security experience and tech know-how, and Nour with her knowledge of what’s happening in the market in terms of cybersecurity trends. But then, just the other day, I was reflecting and thinking that perhaps I might after all have something pertinent to offer. That perhaps being a non techie working within the cybersecurity industry has its merits, particularly when it comes to safeguarding my personal data.

And so here we are, my pilot post.

T A D A H

This being an age where practically everything is connected, we are increasingly managing our lives digitally. Essentially, we’re walking around having our most sensitive information literally at the tips of our fingers. And given how smart devices are now so closely woven into all aspects of our every single day, there really is no excuse for anyone, in any sort of profession, to not know and implement several basic protocols when it comes to keeping security up to par. It’s astounding how a few simple rules can make all the difference when it comes to whether or not you’re phished or your personal information ends up in the hands of unsavory characters.

I’m not an expert by any means but here are my three commandments when it comes to proactively protecting myself.

1. Passphrase not Password

I have different login credentials for practically every website, every app, every online presence. By passphrase, I mean a combination of words (comprised of letters in both lower and uppercases), numbers, symbols, and spaces.  It’s like a password on steroids. Also, given that I’m from Malaysia, I throw in a foreign language word for good measure. The length and complexity of a passphrase makes it nearly impossible for hackers to breach by computation, algorithms or even brute-force trial and error. The best passphrases are easy to remember but contain a personal connection or detail that make them unique to me, so long as it’s nothing predictable such as first car, favourite teacher, or mother’s maiden name.

And when it becomes a bit too much, I either delete apps or housekeep which URLs I’m a member of because, in truth, how many webinars can one really listen in on?

2. Stop Clicking

S E R I O U S L Y ,    S T O P

I have a general rule of thumb for every email I receive with an attachment. Firstly, I check the file extension. We’ve been taught that 85% of all malicious emails have a .DOC, .XLS, .PDF, .ZIP, or .7Z attached. Seeing an email “paper-clipped” with any of these extensions should always tell you to proceed with extreme caution.

Assuming it passes the muster, I then inspect the sender’s email, very meticulously. A period could be the one tell tale sign that not all is well. I’ve seen some very legitimate-looking emails purportedly sent from PayPal which, upon closer examination, had an extra character in the sender address which immediately raised the red flag.

This is where it starts to get tricky. Even if everything seems hunky dory up to now, if it still doesn’t feel quite right, it probably isn’t, to be honest, since those are things an attacker can fake. At this point, I review the subject and the message itself. Are they written in the way that person or organization normally writes? And, if I’m still uncertain, I give the sender a ring. As simple as that, yes. All these steps do add a little bit of extra time to my routine but the potential harm it has saved me (and safeguarded my personal data) is immeasurable.

3. Update, Update, Update

Too many people ignore the importance of keeping their AV software up to date, at their own peril. Basically, the longer an OS version exists, the more time cybercriminals have had to identify and exploit its weaknesses. With regular updates, I’m effectively reducing my exposure to security threats from malware, hacking and other data breaches. Yes it can be pesky, these operating system updates but clicking on “remind me tomorrow” is really asking for trouble.  I have mine set on automatic so I don’t forget.

T H A T ‘ S    I T

Those are basically the golden rules which have kept my personal data safe all this while.

In fact, in the span of my 20-year career, I’ve never once fallen prey to hackers. Nor have I ever been breached. It is my sincere hope that they may be of some use to you. Until next time.