Security Tips For Everyone
In today’s world, the safety of your personal data depends on both your own security and the security of the companies that hold it. It is important to take steps to minimize the chance of a breach or of your identity being stolen. These security tips are here to help mitigate that risk.
Security Tips:
- Never have words in your password. Passwords should be as random as possible. If you have trouble remembering passwords, try creating a random sentence. E.g. “I like to create 20 Passwords every second!” becomes “iltc20Pes!” Write it out to make sure it doesn’t accidentally contain common words. You can also use your own algorithm: instead of choosing the first letter of each word, you could choose the first, then the second, then the first again, resulting in “iitr20Pvs!”
- Have strong passwords that are at least 10 characters in length with at least one special character, one number and one upper-case letter. Most sites will enforce 8 characters; this is not optimal. Passwords that short are easier to guess and to brute-force.
- Set up two-factor authentication on any web application where you would care if someone maliciously gained access (especially your bank account and your email address). You can usually do this in the settings area of the application.
- Secure your email account. It is the linchpin of your accounts. People can use “forgot your password” to gain access to almost anything you use, unless you use two-factor authentication.
- Do not fill out those “what kind of x are you” quizzes on Facebook. They are most likely gathering information on you that could be used to answer security questions.
- Use a security passcode or thumbprint on your phone. Although it is annoying, if someone gained access to your phone they would potentially have access to a lot of sensitive information. You can turn on location-based security so that you do not have to enter your code when you are at home.
- Social engineering is defined as “the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.” Question people who want to access anything on your property or at your work. You don’t want to be the person who lets the fake IT person into your place of work and lets them put fake stickers on the backs of your work phones, so that when something goes wrong you call the wrong IT department. Or you might get an email that asks you to send x amount of money for the CEO right now (yes, both of them have happened).
- Be careful of tiny URLs. They can easily hide malicious sites.
- If someone sends you a link, make sure you look at the link itself, not the link text. Take a second to hover over the link. For example: www.google.com. Note that the link is actually going to www.baddsite.com!
- If someone sends you a link out of the ordinary, do not click it. Send them a message using another method asking them if they actually sent it.
- Sites that send you your password when you use the “forgot your password” functionality are not storing your password correctly. They should be using one-way encryption (password hashing) so that even they cannot decrypt it and tell it to you.
- Avoid using public wifi, meaning wifi that any unknown person can use. It is easy for a hacker to see any sensitive information you send over it. If you must use it, then use a VPN.