Privacy

Maintaining privacy whilst online is essential to avoid identity theft and fraud. However, there is likely also personal information about you which you do not want to reveal to certain other people. 

 

It is surprisingly easy to inadvertently give away your personal information online, especially when prompted to do so by an email, on social networking sites or on company websites requesting information which they do not necessarily need to do business with you.  


Listed below are a number of steps/measures that you can take to maintain your privacy whilst online:

  • Ensure you always have effective and updated antivirus/antispyware software.
  • In a public or work environment, check your computer physically for any unusual devices that may be plugged in, especially on the keyboard cable.
  • Use secure websites when shopping or banking online. 
  • Do not access personal information such as online banking when using public networks.
  • Log out of secure websites when you have finished your transaction, as closing the window may not automatically log you out of the site.
  • Use strong passwords, change your passwords regularly and never reveal them to other people.  
  • Use a Virtual Private Network (VPN) to encrypt your data when browsing.
  • Ensure all your devices are updated to the latest software - as well as user improvements, these updates will also include the latest security patches and updates.
  • Avoid using a work email address for personal use. Instead, have a separate, private email address for private business.
  • Make sure your home/office WiFi network is secured. 
  • Organisations should consider installing a firewall, which will restrict access based on certain criteria, such as the source and destination. Additionally, organisations should review staff security levels to ensure that these are appropriate, and should ensure that access is revoked when an employee leaves an organisation.
  • Store personal and financial documents securely.
  • Shred unwanted personal or financial documents. 
  • Be careful to whom you disclose personal information. 
  • Be cautious about who is trying to befriend you online including via email and social networks/dating sites.
  • Be wary of disclosing personal information on a work or personal web site.
  • Set clear guidelines for children about when and how they can reveal information. 


Passwords

Your passwords are the most common way to prove your identity when using websites, email accounts and your computer itself (via User Accounts). The use of strong passwords is therefore essential to protect your security and identity. 

  • Always use a password.
  • Ensure you use strong passwords, and do not disclose them to anyone else. If you think that someone else knows your password, change it immediately.
  • Don't enter your password when others can see what you are typing.
  • Do not send your password by email. No reputable firm will ask you to do this.

Password rules are an annoyance for most people, but once you realise how easily your password can be found out, hacked or cracked, you will see why we are so strict about, and so encouraging of, effective password policies.

Just so you can see how a person may get hold of your passwords:




  • Using personal information on social media.
  • Using personal information registered to your domain (if you have a website and do not have domain protection).
  • Buying your credentials on the black market.
  • Reading unencrypted data in internet networks.
  • Infecting your device with malware.
  • Accessing your device remotely if allowed.
  • Phishing (asking for your information / passwords from emails etc.).
  • Brute force - many people use common words, so hackers may simply run a program that plugs in all the words in a common dictionary and sees which one works - or they have advanced programs:

Did you know there is advanced software from an expert that can crack most passwords in hours? The software can test 350 billion passwords a second.

The basis of it is that a hacker will use any information they have about you and will have software that does the hard work for them, and such software can even be bought on the black market.

So here are some useful tips for creating effective passwords for all your devices that can keep you one step ahead at all times.

Do's
  • Change the password regularly (at least every 90 days is best).
  • Use at least 8 characters, although many now recommend at least 12.
  • Use a mix of numbers and letters, with the letters in both uppercase and lowercase.
  • Use multiple words - uncommon ones if possible.
  • Use information that only you might recognise.
  • Use non-dictionary terms.
  • If you store passwords, use a secure and encrypted password manager.
  • Regularly check your account for unusual activity and change your password if you notice anything suspicious.
  • Use a reputable antivirus on your devices. Some even have excellent email spam filters.

Don'ts
  • Use the word 'password'.
  • Use sequential numbers or letters (12345 or QWERTY).
  • Use the same password you have used for years (they can buy this information from old websites).
  • Use your name or birthday.
  • Use easily identifiable personal information.
  • Use common letter substitutions.
    • Anyone can guess that 2019 might be 2k19 or STAR might be ST@R.

Handy Ways to Generate Passwords
  • Use a strong password generator such as Avast's Random Password Generator.
  • Take a sentence that you recognise or remember, take the first 1 or 2 letters from each word, and use that as your password.
    • No Luke, I am your father! becomes NLIAYF!
  • Connect multiple random words (this may go well with a visual image).
    • Cat in the Hat is NOT random.
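
The Do's and Don'ts above can be checked automatically, and the 350 billion guesses a second figure can be turned into a time estimate. The following Python is an added example, not part of the original page; the function names, the small word list, the substitution table and the 94-symbol alphabet (printable ASCII without the space) are assumptions, and it applies the stricter 12-character recommendation.

```python
import re

GUESSES_PER_SECOND = 350e9   # cracking rate quoted on this page
COMMON_WORDS = {"password", "qwerty", "letmein", "star"}  # constructed sample list
SEQUENCES = ("0123456789", "abcdefghijklmnopqrstuvwxyz",
             "qwertyuiop", "asdfghjkl", "zxcvbnm")
# Undo common letter substitutions (ST@R -> star); this mapping is an assumption.
UNSUBSTITUTE = str.maketrans("@4301$5", "aaeoiss")


def has_sequence(pw, run=4):
    """True if pw contains `run` consecutive characters from a known sequence."""
    low = pw.lower()
    return any(seq[i:i + run] in low
               for seq in SEQUENCES for i in range(len(seq) - run + 1))


def check_password(pw, personal=()):
    """Return the rules from the Do's and Don'ts that pw breaks (empty = none)."""
    low = pw.lower()
    plain = low.translate(UNSUBSTITUTE)
    problems = []
    if len(pw) < 12:
        problems.append("shorter than 12 characters")
    if not all(re.search(p, pw) for p in (r"[a-z]", r"[A-Z]", r"\d")):
        problems.append("needs uppercase, lowercase and numbers")
    if has_sequence(pw):
        problems.append("contains sequential numbers or letters")
    if any(w in low for w in COMMON_WORDS):
        problems.append("contains a common word")
    elif any(w in plain for w in COMMON_WORDS):
        problems.append("common word hidden by letter substitution")
    if any(p and p.lower() in low for p in personal):
        problems.append("contains personal information")
    return problems


def worst_case_seconds(length, alphabet=94):
    """Seconds to try every password of this length at the quoted rate."""
    return alphabet ** length / GUESSES_PER_SECOND


if __name__ == "__main__":
    for pw in ("password", "ST@R2k19", "Qwerty12345!", "Velvet7Harbor!Mango"):
        print(f"{pw!r}: {check_password(pw) or 'no rule broken'}")
    for n in (8, 12):
        print(f"{n} characters: {worst_case_seconds(n) / 3600:,.0f} hours worst case")
```

The time estimate covers only blind brute force over random characters; a password built from dictionary words or personal information falls much sooner, which is why the other checks matter.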