Cyber Security Tips

Cybersecurity is the process of creating a system of safeguards (using software, tools and habits) to protect data and network integrity. Also known as information technology security or electronic information security, cybersecurity prevents hackers and attackers from harvesting your personal or professional data from your devices.

A good cybersecurity policy for should provide a framework for helping employees become more educated about information security protocols and aware of how to recognize and avoid threats. If your job involves using a computer and the internet, you need cybersecurity measures to protect your data.

Cybercrime involves using a computer or device as an instrument to further illegal ends, such as committing fraud, trafficking in illegal content, intellectual property theft, stealing identities or violating privacy to name a few.

The term “cybercrime” covers a wide range of activities, but they all have one thing in common – cybercriminals use various methods to break into systems and steal data. The first step towards protecting your data and devices is by understanding what kind of threats are out there.

Malware, short for "malicious software," is a term used to describe any program designed to steal information from your computer. There are many different kinds of malicious software, including viruses, ransomware, adware browser hijacking software, fake security software and spyware. Malware is developed explicitly by cybercriminals or "hackers" to intrusively steal your data.

For example, ransomware is malicious software put in your system that will essentially hold your important information hostage until you meet the hacker's demands. A ransomware attack can shut down a victim's computer or encrypt their files remotely, removing them from your control. A different kind of malware, spyware, runs quietly in the background collecting your data and sending it back to the criminal, who can then use it for fraudulent purchases or illegal schemes.

Phishing scams trick users into sharing their personal information, such as usernames or passwords, on fake platforms, such as web pages, that pose as the real thing. Using this method, scammers can acquire sensitive data like passwords or credit card information simply by impersonating a trustworthy source, as long as the victim doesn't look too closely.

Phishing also includes fraudulent emails or text messages pretending to be sent from legitimate businesses in an attempt to collect sensitive personal information. Links in the email will redirect to a fake website owned by the scammer, where your personal data can be collected.

Hacking is the process by which someone obtains and uses another person's personal data in an unauthorized way. Hackers look for weaknesses in computer systems or network security to access sensitive data. Cybercriminals who utilize hacking look for private or restricted information like your bank, social media and email account login information or passwords.

While people might think that cybersecurity is only crucial for large corporations with sophisticated networks and mountains of sensitive data, it's actually a vital measure for everyone and anyone who uses a computer on a regular basis.

Cybersecurity is also important for remote workers since they work with company data, and because their home’s network may not have the same level of protection or security measures as their work’s network.

Working from home or from a remote location can have many benefits, but it also comes with its own set of security concerns. One of the biggest safety risks for someone who lives and works remotely is an attack on their personal computers, smartphones or other internet-connected devices. Because there are often fewer cybersecurity safeguards in place for remote workers than for those who work in an office environment, remote workers can be more vulnerable to cyberattacks using social engineering tactics.

The goal of cybersecurity is to keep your sensitive information as safe as possible by removing vulnerabilities and keeping access away from hackers. Remote workers and freelancers need to take extra precautions to implement cybersecurity measures, especially if they’re working with sensitive information.

There’s an array of cybersecurity tools, habits and software you can use to protect your devices and data from malicious attacks. It’s also beneficial to stay informed. Ready.gov has a wealth of information and tools to help consumers educate themselves on cybersecurity and what to do if targeted.

There are many methods to help safeguard your devices from cybersecurity threats, including:

Keeping personal and company information secure is a vital habit to develop. Below are some cybersecurity tips for remote workers that help prevent identity theft and protect your personal information:

It’s good practice to change your passwords often, randomize them and not reuse them. More ways to keep your passwords secure include:

Encryption technology converts information into secret codes so that only the intended recipient can read the message. Utilizing encryption technology can help you protect data from unauthorized access and potential leaks.

If you are working remotely, keeping an active virtual private network (or VPN) installed on your devices may be recommended. VPNs cloak your device’s location and scramble information transmitted over a WiFi network using encryption technology, protecting your data and preventing hackers from intercepting it.

You may want to also encrypt sensitive data on your mobile device if you use one for work, by installing mobile VPN apps from trustworthy sources.

Multi-Factor Authentication is a security process that makes it difficult for hackers to access your devices by requiring additional identity verification steps.

Two-factor authentication (2FA) is a type of multi-factor authentication requiring two different identification types before granting log-in access. Whenever possible, use two-factor authentication log-in options on online platforms.

Computer viruses are often introduced into a computer or network and spread without detection, performing unwanted and malicious actions that affect the computer’s performance and data. Antivirus software generally works in several ways – detecting viruses in computer systems, removing them, and preventing them from infecting your computer in the future. Like a house with an open door, a computer that is left unprotected by antivirus software or a strong firewall may attract intruders and thieves. 

How much damage can viruses do? A few examples include:

It’s important to keep the software and operating systems on your devices up to date. If you’ve been ignoring those update reminders, the antivirus software provider Norton offers these 5 tips:

You probably have more important data on your computer hard drive or phone than you might realize, and a good portion of it may be irreplaceable. According to the folks at Norton, nearly a third of computer users have never backed up their device, and 70 million cell phone are lost each year. By backing up your devices you are already a step ahead of cyberthreats that might cause data loss.

What should you back up?

Viruses and malware are often spread through links in email messages. Even if the message appears to be from someone you know, you should be extra cautious and avoid clicking on any links in the message unless you’re absolutely sure the message and the link it contains are both legitimate.

It may be tempting to save your credit card information with ecommerce websites or in your web browser, but this added convenience could also be putting you at risk for fraud. The company storing your credit card information could be vulnerable to a data breach. Manually entering your card information each time you make a purchase might be less convenient, but it also might substantially reduce the chance of it being compromised. Consider the “kid factor” as well. Children who have access to your laptop or tablet may accidentally or intentionally make purchases without your consent using your much-too-easily-accessed payment information.

Fake websites are commonly used in phishing scams where cybercriminal imposters trick you into submitting personal information like passwords and account numbers. For example, an email message that looks like it’s from your bank tells you about a data breach and asks you to click on a link to reset your password. In this case, the crooks are wolves in sheep’s clothing, creating a false sense of urgency and exploiting your natural tendency to protect your account.

What’s really going on here? That link goes to a fake website where the crooks are waiting for you to hand-deliver your personal information right to them. To protect yourself, find out about the ways to identify fake or unsecure websites.

Take extra security precautions and avoid over-sharing on social media. It’s a good idea to use a different password for each social media platform you use. Turning on two-factor authentication will add an extra layer of protection by requiring a code to be sent to your phone or generated by an app like Google Authenticator. It’s also a good idea to lock your phone if you must leave it unattended.

Avoiding clicking on clinks from people you don’t know in social media feeds, as they could lead to malicious websites. Over sharing on social media can get you into trouble. Be careful what you post, as cybercriminals could gather information about where you live and/or work, or when you’re not at home.

Viruses and malware are commonly delivered through downloads. Excessive or careless downloading is an easy way to turn even a brand-new computer that’s running smoothly into one teeming with spyware, malware and other nastiness. While searching online for free software such as iTunes or Adobe Flash Player, for example, it’s easy to be redirected from their official sites to imposters that stealthily install software on your computer that you don’t want or that may be carrying a secret payload of malware.

Websites often ask you to download information or images that will help you to learn more or entertain you in some way. The simple rule here is don’t download anything to your device unless you trust the source and are sure of what you’re getting. 

Social engineering defines a category of tactics used by cybercriminals to gain the trust of their targets by using the psychology of persuasion as an old-school grifter or con man would. In a typical social engineering attack, the cybercriminal will present themselves as someone from a trusted organization – say your bank or credit card company. They will encourage the victim to take further action, like clicking through to a website where they urgently need to change their password or submit personally identifiable information.

What makes attacks using social engineering so dangerous is that fooling a single victim into taking a single action can provide enough information to enable an attack that could compromise an entire organization.

According to Cisco, types of attacks using social engineering include:

The Federal Trade Commission offers sound guidance on this aspect of cybersecurity for businesses. They say if you don’t have a legitimate business need for sensitive personal information, don’t even collect it. If you do need it, keep it only as long as it’s necessary.

In addition to scaling down, properly disposing of information that you no longer need is a good policy. If you no longer have it, criminals can’t take it. Deleting files using simple keyboard or mouse commands usually isn’t enough because the files could still be retrieved from the computer’s hard drive. When disposing of old computers and portable storage devices, use software called “wipe utility programs” to wipe them from a computer’s hard drive and make them no longer recoverable. 

Begin or continue your education at DeVry, with our Undergraduate Certificate in Cyber Security or our Bachelor's Degree Specialization in Cyber Security.

Our cybersecurity programs are designed to help you develop the skills you need as you prepare to pursue your career. Earn your degree on your schedule, with flexible options like our 100% online classroom structure. Classes start every 8 weeks.