Cybersecurity

Let's assume for a moment you have received a message. Perhaps it was an email, but it might have been a text (SMS) message or something on Signal or WhatsApp or some other chat platform. The message has a link in it, something sounding urgent (or perhaps not) but it has a link to click (or touch) either important or urgent or enticing... so what now...

Cyber-criminals frequently purchase domains that look very similar or are common typos for real sites to trick you. Using a bookmark ensures you always go to the real site.

Giving a Presentation? When you share your entire screen you risk accidentally sharing incidental information that you never intended to share with the people on the video call. Instead share the specific application you actually want people to see.

QR codes have become mainstream (finally) and so we see them everywhere. Unfortunately, cyber-criminals are also looking to abuse QR codes to take advantage of placing too much trust in them. QR codes, by their nature encode information. This may be a link to a web site but it also may be code that joins you to a WiFi network, downloading an app, verifying information, creating a contact, sending an email or message, or dialing a phone number. Blindly scanning a QR code can be dangerous - think before you scan!

Imagine this situation, you're in the middle of something important... perhaps a meeting or a lunch out and your phone just keeps constantly sending you "push" notifications asking you to approve a login. (Push notifications typically come from some sort of app on your phone like Duo or your banking app) It's becoming really annoying because they just won't stop! The only problem is, you're not trying to login to anything right now. What do you do now?

The benefit of enabling multi-factor authentication is that even if someone manages to get your username (which in many cases is your email address) and your password, they still don't have enough information to access your account and since the 2nd factor is ideally something that you have in your possession or are (a bio-metric) such things are very difficult from a criminal to get!

For the most part we can all easily understand the importance of securing our usernames and passwords. However it can be easy to overlook all the other information that can sometimes be used to access our accounts. From your email and birth date to sometimes seemingly innocent reference numbers. It's just as important to secure this information as it is to secure your password.

If you follow the rather important good practice of having a unique password for every account. You will immediately be challenged by the sheer number of different credentials that will be needed to authenticate with all these accounts. With these many hundreds of credentials (passwords etc...) you wind up with in our modern lives, password vaults/managers are effectively an essential. They also provide a host of other useful features. In fact, once you get used to having one it will usually save you so much time, you'll wonder how you ever lived without one.

One of the single most important good cybersecurity habits is to use a unique password for every different account. While the concept is simple, the idea of using a unique password for every single account may seem daunting if you have never done it before. Keep reading for more information about why this is so important and how to do it without breaking your brain!

Knowing what to do when something goes wrong can be just as important as working to prevent it. Anyone who has ever worked in any sort of first responder role (medical, fire fighting, or in my case Search and Rescue) will be familiar with the idea of following a well practiced protocol as a means to take appropriate action when an incident occurs. One of these protocols called SAPP (Stop Assess Plan Proceed) is just as applicable to a cyber security incident as it might be in the search and rescue context.