Cyber Security Awareness Month

Theme 3 – How do you act now to stay secure?

Good cyber security practices can help reduce your risk of becoming a victim of cybercrime.

They also make it easier to recover accounts and data.

Here are some simple steps you can take now to protect yourself.

Update your devices 

Software and operating system updates can fix flaws that cybercriminals exploit to gain access to your device or bypass security measures. 

This means that outdated applications and devices can leave you vulnerable to cyber-attacks.

Wherever possible, enabling automatic updates is recommended. This is an easy ‘set and forget’ step you can take to keep yourself safe.

Learn more about these updates here

Turn on MFA (multi-factor authentication)

MFA requires two or more actions to be taken to verify your identity. 

This adds an extra layer of protection which makes it much harder for cybercriminals to gain access to your accounts.

These actions should combine multiples of the following types of authentication:

  • Something you know (e.g. PIN, password or passphrase) 
  • Something you have (e.g. a smartcard, verification code sent via SMS, email or authenticator app) 
  • Something you are (e.g. biometrics like fingerprints or facial recognition) 

MFA is sometimes also called two-factor authentication (2FA) or two-step verification.

While it can seem inconvenient at first, MFA provides a strong defence against the majority of password related cyber-attacks. 

You can find more information about multi-factor authentication here.

 

 

 

 

 

Set and perform regular backups

Having a copy of your important information in a secure location is a useful precaution. 

This can be on an external storage device or in the cloud. 

It means you won’t lose them if your device is damaged or stolen. 

It is recommended that you perform backups regularly, though what information and how often you back up can depend on your device and file usage. 

More information and guides for setting up automatic backups on iPhones, Apple MACs and Windows PCs can be found here.

Use secure passphrases

Passphrases are made up of random words and can be made longer than traditional passwords because they are easier to remember.

If you do have trouble remembering long passphrases (or traditional passwords), a reputable password manager may help. 

 

 

 

 

Stay informed and learn how to look out for common cyber threats

Lastly, being aware of common threats and recent scams can help you identify them before they become an issue, or reduce the harm of a successful attack.

You can find more information on the ACSC website about common threats and phishing scams

Then, try testing your knowledge with the Can you spot a scam (phishing) message? quiz.

A Note on Personal vs Company Cyber Practices

The steps listed above are generally applicable.

When dealing with work devices, accounts or data it is important to be aware of and follow any company cyber security policies (which may be governed by industry specific threats or regulations around data privacy).

Password Policies 

Your organisation may have certain requirements for password complexity or storage.

For example, you may be required to use an approved password manager, have a business account assigned to you or there may be restrictions on what passwords you are allowed to store.

Data Security/Privacy Policies 

There are many industries (such as aged care and health care) that have strict regulations on the protection of personal information. 

Other industries (like software providers) may have intellectual property to protect.

Care should be taken if you do need to copy or backup work related files to ensure all company data policies are followed.

These policies may limit what files can be copied, where these copies can be stored or impose encryption standards for external storage.