Threats 101
Jonathan Crowe
Feb 2016

5 Nominees for Worst Security Habit Putting You & Your Network at Risk

Photo by Source

worst_online_security_habit.jpg

The Oscars may traditionally be a time for celebrating exceptional performances, but there's something to be said for revisiting our flubs, too. In the world of cybersecurity, we unfortunately have plenty to choose from, and with attackers increasingly targeting unsuspecting users as their entry point for breaking into systems, it's important for all of us to learn from recognized mistakes. 

From using easy-to-crack passwords to putting off critical updates, here are five risky habits that can attract the wrong kind of attention from cyber criminals and leave you and your network open to a breach or attack.

1) Using the same password for every account

Award-winning actors and actresses are expected to memorize entire scripts, but for the rest of us, managing to remember a single 8-digit password can sometimes feel like a triumph. The problem is keeping your passwords stored in documents or, worse, using the same one for every account is a recipe for disaster. We've all seen that movie, and it doesn't end well.

Solution: Use a password manager. Not only will it generate random, secure passwords for you, it will encrypt and remember them so you don’t have to. That should free up some brain power for you to work on that new one-man show you’ve been developing, too.

2) Clicking on email links and attachments without scrutinizing them first

We all know we should be careful what we click, but what you may not realize is just how frighteningly good today’s attackers have gotten at crafting messages that look legitimate (we recently broke down a modern phishing attack email here). In a M. Night Shyamalan-worthy twist, they can even appear to come from sources you know and trust.

Solution: Get in the habit of double checking URLs by hovering over links/hyperlinks to see where clicking would send you. If it doesn’t match the link or looks suspicious in any way, don’t click it. Likewise, avoid opening any attachments you aren’t expecting. 

3) Putting off patches and updates

If only we thought of software updates like long-awaited sequels instead of nuisances we'd prefer to ignore. The problem is updates are often created to solve problems and weaknesses that attackers can potentially utilize to infect our machines. 

Once a software vulnerability is discovered and an update is released, it’s a race to users and IT teams to evaluate and deploy it before the vulnerability can be exploited. Stats indicate attackers don’t waste time — nearly half of the CVEs (common vulnerabilities and exposures) exploited in 2014 were taken advantage of within two weeks of being announced.

Solution: Putting off installing updates and patches can put you and your network at risk. Get in the habit of updating as soon as possible, and if you’re responsible for numerous machines consider adopting a patch management solution that helps you automate those tasks. That can help you avoid falling into the “remind me later” routine and keep you secure and up to speed, instead.

4) Using public wi-fi

We’ve all been tempted by the siren song of free wi-fi. Whether it’s at a Starbucks or at the airport, there are times when you just need to connect. That’s when it’s important to remember “free” and “public” aren’t terms typically associated with secure. Signing on for a brief window of connectivity can carry a disproportionate amount of risk.

Solution: Instead of taking your chances, consider using a virtual private network (VPN), instead. Your traffic will be encrypted, and your browsing session will be much more secure. Many employers will make a VPN available, but if your company doesn’t provide one there are also a variety of free and free trial options you can consider.

5) Thinking of security as purely an IT problem

It’s convenient to think there are technical teams and solutions in place to help safeguard our interactions online, but the truth is we’re all still responsible for how our choices impact our personal security and the security of others.

Solution: The majority of data breaches and cyber attacks involve someone like you or me clicking on something we shouldn’t. Because of that, attackers think of us as the weakest link in the chain. By learning more about security risks and how to reduce them, we can show them we’re a formidable first line of defense, instead.

Jonathan Crowe

Jonathan Crowe

Jonathan covers the latest threats and cybersecurity trends from a practical perspective.

lock-white.png

Close the gaps in your security

Stop paying for AV, get the strongest protection instead. See how Barkly blocks attacks that are getting past AV.

See a demo

Comments

Stay informed!

Get the latest security news, tips, and trends straight to your inbox.

Stay informed!

Get the latest security news, tips, and trends straight to your inbox.