Each October is National Cybersecurity Awareness Month (NCSAM) in the U.S., an occasion to become more knowledgeable about security best practices. For NCSAM 2019, the themes are personal accountability and proactivity.
Even a strong password is not necessarily enough to protect your accounts from unauthorized access.
The National Initiative for Cybersecurity Careers and Studies (NICCS), part of the U.S. Department of Homeland Security, has already published a series of helpful guides on these particular themes, leading up to NCSAM 2019. The NICCS guides are divided into three main categories: “Own It,” “Secure it” and “Protect It.”
Let’s look at one of their tips in each of these domains in more depth, to see how it can help you stay safer in an increasingly complex threat environment.
Own It: Being Smarter on Social Media
Social networks like Facebook and LinkedIn are useful for staying up-to-date with family, friends and colleagues and building an online presence. However, it’s prudent to limit the types of information you post on any of these sites, for several reasons:
- What you post or search for is never really deleted: Even Facebook’s recently launched “clear history” tool doesn’t really delete anything, underscoring the importance of being careful about what you share.
- You might be giving away sensitive info without even realizing it: Posting photos from a vacation could reveal your location and the fact that you’re not home. Pictures of ID cards or other unredacted documents are also inadvisable.
- Frequent social media activity can make you a target of scams: Phishing is a risk on social media sites, as are connections to third-party apps and services that might be trying to harvest and sell your data.
Secure It: Set up Multifactor Authentication
Even a strong password is not necessarily enough to protect your accounts from unauthorized access. Passwords are only as good as the security of where they’re stored. Forced password resets in the wake of data breaches are very common, as a recent security incident with a popular PDF reader demonstrated.
Multifactor authentication (MFA), also known as two-factor authentication in some contexts, is the best way to ensure that you’re not at the mercy of either a weak or stolen password. It requires anyone attempting to access your account to supply multiple pieces of information, typically something they:
- Know, such as a password or PIN.
- Have, like a verification code or hardware key.
- Are, for example, a unique fingerprint or facial scan.
By requiring these items, MFA dramatically decreases the chances of your account being accessed by anyone except you.
Protect It: Shore up the Security of your Wi-Fi Network and Smart Home
As the Internet of Things (IoT) continues to emerge, the stakes are high for ensuring that all apps, devices and wireless networks in your home are secure. From thermostats to doorbells, many in-home appliances can now connect to the internet, meaning that there’s also the risk of them becoming infected by malware or otherwise attacked.
The KRACK exploit in WPA2 security from a few years ago shows how this can happen. The best recourse is to make sure that none of your Wi-Fi routers still use factory default logins and that none of them are reliant on outdated security protocols like WEP.
Also, periodically review the smart home apps you have installed on your phone or tablet. These programs may require extensive permissions to communicate with your other devices and send data to servers, which can be potentially risky. Check on what actions they can perform and whether you still need or trust them.