The National Cyber Security Alliance (NCSA) observes its annual Data Privacy Day on January 28, 2021, highlighting the state of the global data privacy landscape. This year, the NCSA is leading the Data Privacy Day 2021 as an international effort to empower users to “Own Your Privacy” and encourage businesses to “Respect Privacy” for safeguarding data and enabling trust.
To mark the same, Nir Chako, the security research team leader at CyberArk, has recommended security measures for individuals to enhance their data privacy online.
1. Update Your Router
Cybercriminals can easily break into home networks by exploiting vulnerabilities in out-of-date firmware on Wi-Fi routers. Outdated firmware often contains multiple unpatched flaws that can be easily exploited by hackers, so it is important to keep it regularly updated. Making sure your router is up-to-date not only reduces the risk to your personal information and devices on your home network, but also helps safeguard against attacks on your employer that might inadvertently come via your home network.
2. Update Your Device
The proliferation of working made us more vulnerable to cyberthreats. Cybercriminals targeted the remote workforce, trying to exploit loopholes in the corporate networks to break into employees’ work devices and eventually pilfer sensitive corporate data. Updating work devices (laptop or desktop computers) and activating anti-virus software on them helps defend against unauthorized intrusions. Whether you have Windows Defender or security software from a third-party, make sure that the antivirus you are using is active and updated with the most recent security fixes, so you are best placed to proactively identify and rectify any security issues before data becomes at risk.
3. Think Before You Click
Users must be vigilant about threat actors misusing the User Access Control (UAC) feature while installing a new program or software. UAC can be used for malicious purposes. It asks the users whether they want to change something on their computer by manifesting itself as a pop-up tool window. This feature is often spoofed by attackers to either install malware or steal credentials to infiltrate an employee’s device or a company’s corporate network. When permission is granted, the software is allowed access to a user’s computer. If in doubt, do not do it, and flag any suspicious activity to your company’s security team.
4. Avoid Malicious URLs
Cybercriminals often use malicious URLs to phish users into giving login credentials or other sensitive information. Malicious URLs are specially crafted links that host viruses and malware that could infect users’ devices or redirect users to fake login pages to pilfer private data. These types of URLs are a constant threat to both personal and business devices but are easy to avoid. Be wary of clicking on something unexpected or use security services to check the safety of files and weblinks before you visit them.
5. Secure Your IoT Devices
The proliferation of the Internet of Things (IoT) in consumer, health care, and other enterprises, and their internal vulnerabilities, has created a security blind spot where adversaries can launch Zero-day attacks to break into connected devices like smart TVs, webcams, routers, printers, and even a smart home. IoT devices are Wi-Fi-enabled and, if compromised, can be used to access data, credentials, and passwords from other areas of our home networks — to steal information or plant malicious software. Never use easy-to-guess or weak passwords for your connected devices. Also, make sure to update them often to fix known and unknown security flaws.
Cybercriminals continue to innovate their hacking techniques and never miss a chance to exploit a vulnerable resource. When it comes to safeguarding critical data, it is our responsibility to secure all the endpoints and networks against online intruders.
