Allstate NI: Stay cyber savvy with these top tips

Written by Victoria Logan, Cybersecurity Communication and Awareness Specialist, Allstate NI

Allstate NI’s Cybersecurity Communication and Awareness Specialist, Victoria Logan shares her top cybersecurity tips to help you stay more secure online.

My role at Allstate is to raise awareness and inspire change in employees across Allstate’s global organisation.

I focus on the human element of cybersecurity; creating materials to reinforce secure habits in employees’ personal and professional lives. This month, I’m sharing my top 10 cybersecurity tips to help you stay more secure online.

Top causes of security breaches

Phishing and malware incidents are the top causes of security breaches, and the bad guys are getting more sophisticated every day. But what’s more troubling is that successful hacking attempts are often the result of human error. Education and awareness are critically important in the fight against cybercriminal activity and preventing security breaches.

By following the tips below and remaining vigilant, you are doing your part to protect yourself and others.

Tip #1 - Realise you are a target to hackers

“It couldn’t happen to me” is a dangerous frame of mind. In a world where information is currency, we are all at risk and everyone has something to lose.

Tip #2 - Practice good password management 

Today, everything is password protected. With so many passwords to remember, it's easy to take short-cuts. However compromised credentials are a hacker’s bread and butter – once they are into one site there’s a good chance they can get into other, more important sites.

Here are some general password tips to keep in mind:

• Use long passwords and consider using a passphrase – words or phrases with 20 characters or more are recommended
• Use a strong mix of characters - did you know using the space bar creates equal complexity to a letter
• Never use the same password for multiple sites q Don't share your passwords with anyone and don't write them down
• Update your passwords periodically, ideally every 90 days
• Use two-factor or multi-factor authentication when offered

A password manager application can help you to maintain strong unique passwords for all of your accounts. These programs can generate strong passwords for you, enter credentials automatically, and remind you to update your passwords periodically.

Tip #3 - Beware of suspicious emails and phone calls

Phishing scams are a constant threat - using various social engineering ploys, cyber-criminals will attempt to trick you into divulging personal information such as your login ID and password, banking or credit card information.

• Phishing scams can be carried out by phone, text, or through social networking sites, but most commonly by email
• Be suspicious of emails or phone calls that ask you to respond immediately with personal or financial information. Check where it came from and if there are grammatical errors
• If attachments or links in the email are unexpected or suspicious for any reason, delete the message immediately
• Malicious links can come from friends who have been infected too, so be extra careful. That friend requesting you transfer her money because she’s stuck in Bali probably isn’t true! 

Tip #4 - Update, update, update

Installing software updates for your operating system and programs is critical. Always install the latest security updates for your devices so intruders can’t take advantage of holes in security.

Turn on Automatic Updates for your operating system

Use web browsers such as Chrome or Firefox that receive frequent, automatic security updates

Make sure to keep browser plug-ins (Flash, Java, etc.) up to date

Tip #5 - Don’t use public Wi-Fi without a VPN

Don’t use public Wi-Fi without using a Virtual Private Network (VPN). With a VPN, the traffic between your device and the server is encrypted, meaning it’s much more difficult for a cybercriminal to access to your data. If you don’t have a VPN, use your mobile network.

Tip #6 - Be careful what you click

Avoid visiting unknown websites or downloading software from untrusted sources. These sites often host malware that will compromise your computer. Sensitive browsing, like banking or shopping, should only be done on a device that belongs to you on a network you trust. Don’t forget to logout of these sites when you've completed your transactions.

Tip #7 - Never leave devices unattended

The physical security of your devices is just as important as their technical security. Safely store when not in use and don’t leave unattended.

• If you need to leave your laptop, phone, or tablet for any length of time - lock it up so no one else can use it
• If you keep sensitive information on a flash drive or external hard drive, make sure to keep these locked as well
• For desktop computers, shut-down the system when not in use

Tip #8 - Protect sensitive data

Be mindful about what information you share. Don’t share confidential information outside of trusted sources.

• Keep sensitive data (e.g., credit card numbers, passport information, client credentials, etc.) off your workstation, laptop, and mobile devices
• Securely remove sensitive data files from your system when they are no longer needed
• Always use encryption when storing or transmitting sensitive data

Tip #9 - Use mobile devices safely

Considering how much we rely on our mobile devices, and how susceptible they are to attack, you'll want to make sure you are protected:

• Use a strong mobile passcode (not your birthdate or bank PIN) - and never leave it in public
• Only install apps from trusted sources
• Use Apple's ‘Find my iPhone’ or the Android Device Manager tools to help prevent loss or theft
• Never use public USB charging stations - cybercriminals can modify those USB connections to install malware on your phone or download data without your knowledge

Tip #10 - Back up your data

Backup your data regularly using iCloud or enabling backup and sync from Android. If you are a victim of a security incident, the only guaranteed way to repair your computer is to erase and re-install the system.

Here are some additional tips to help keep you safe and secure online:

• Use smart devices safely in your home by applying the same tips, just like a smartphone, laptop or PC, smart devices can be hacked to leave your data and privacy at risk
• Use a firewall, Mac and Windows have basic desktop firewalls as part of their operating system that can help protect your computer from external attacks
• Be conscientious of what you plug into your computer as flash drives and even other smartphones can contain malware
• Be careful of what you share on social networking sites
• Monitor your accounts for suspicious activity

Allstate Cyber Safety for Kids

My passion for cybersecurity led to my involvement in the award-winning Allstate Cyber Safety for Kids program/ The program involves cybersecurity professionals delivering an interactive session on how to stay safe online to children ages 5-9.

For further information, including how to book a session for your school or community group visit allstate.com/cybersafetyforkids

This article first appeared in the Women in Tech special edition of the Sync NI magazine. You can download a FREE copy here.