IT security and privacy are becoming increasingly relevant problems as we store more of our personal information and important data online, protected by tenuous passwords.
The burden of practicing proper IT security lies on the consumers and businesses who use this technology, but in many cases they make elementary mistakes which make them vulnerable to attacks.
While tech-savvy readers might be acquainted with password vaults, two-factor authentication, and biometric authentication, the average consumer still uses a single weak password to secure everything from their social media account to their online banking profile.
It is these people who are most vulnerable to attack, and many businesses are also vulnerable for similar reasons.
MyBroadband spoke to Kaspersky Lab Africa managing director Riaan Badenhorst about the most common IT security blunders committed by consumers and businesses which put them at risk, and how to fix these issues.
Badenhorst said people need to understand that hackers are always on the lookout for new targets and can come up with devious ways of procuring your information.
The first thing people can do is keep things more private, he said.
“Marketers love to know all about you, and so do hackers. Both can learn a lot from your browsing and what you post on your social media networks,” he said.
“As such, make sure you change your social media network settings to ‘friends only’ or ‘my contacts’, as keeping them to ‘public’ may likely attract hackers to steal your profile picture, information on about ‘you’ sections, and a create a fake account.”
He also likened browsing less savoury areas of the Internet to walking through dangerous neighbourhoods, advising caution against visiting them.
“Cybercriminals use striking content as bait. They know people are sometimes tempted by such content and may let their guard down when searching for it.”
“The Internet has a good and a bad side, filled with hard-to-see pitfalls, where one careless click could expose personal data or infect your device with malware.”
Badenhorst advised users to check if their Internet connection is secure – especially when using public Wi-Fi – and to pay attention to what they download or click on while browsing the Internet.
Lastly, he also said that many people simply do not protect their data well enough.
“Strong passwords are critical and should be changed frequently,” Badenhorst said.
“Additionally, while it’s really convenient to keep your credit card number and billing address stored in every website you use to shop for things online, don’t do this as a safety precaution.”
“Security breaches of websites are disturbingly common, so rather play it safe.” he advised.
“It’ll be worth the extra minute it takes to add that information each time you check out.”
“It is surprising when businesses perceive security measures as an afterthought considering how dangerous it is to operate a business in an environment that is embracing digital advancements,” Badenhorst added.
He noted that a business should always have sight of who has access to their network and pay attention to any unusual activity.
“Employees must be trained to never click on suspicious links and always guard their login credentials, even at the office or at home,” he added.
“Remember that all the technological gadgets and defense mechanisms mean next to nothing if you don’t know how to use them.”
Another major mistake businesses make is not testing their security systems.
“It is crucial for companies to run random security tests to check if there are any loopholes in their company security.” A good reaction strategy is also important to minimise the effect of an attack, Badenhorst said.
“In our experience, businesses tend to spend 80% of their security budgets on trying to prevent security breaches, which means that only 20% is then spent on predicting, detecting, and responding to attacks.”
“So, it is critical to devise this strategy with your IT specialist so that you remain prepared at all times,” he said.