Great article by our Chief Information Security Office David Willett, on the importance of remaining vigilant and maintaining our cyber hygiene, especially when working remotely.
In 2021, all organisations and individuals are exposed to constant cyber-hygiene in daily life. Passwords, logins and four-digit codes are required to access all sorts of information, from the sensitive to the seemingly mundane.
While the evolution of the totally digital world in which we now live has presented more conveniences and efficiencies than we’d never dreamed of – it has also created issues and increased risk.
For me and my role, this means I cannot afford to be too trusting – even with my closest colleagues. We can be trusting – but mixing that with a healthy level of paranoia, in this digital world, is best practice.
Of course, I trust my colleagues’ integrity, but as an individual or an organisation, you can have all the right safeguards in place, but you are only ever one mouse-click away from catastrophic consequences. Staying alert is even more critical in the COVID-19 climate, with changing work environments and the constant stream of information that is hitting each of us each day.
Both at work and in my everyday life – I exercise a healthy level of paranoia when it comes to all things digital. At what seems like a simple starting point, my top tip for anyone looking to improve their cyber-hygiene is to invest in a third-party password manager that generates and stores your (unique) passwords for every account you hold and activate multi-factor authentication wherever possible. Safely controlling your information is your best defence against potential cyber-attacks.
Keeping your digital work and personal lives separate is key to practicing good cyber hygiene and I also ensure my online presence is secured. The personal attributes you publish online can all be used against you when placed in the wrong hands.
It’s important to remember that cyber-attackers are often part of complex international crime syndicates whose sole intention is to trick people into providing personal information, and often find information to use against you. There’s no shame in being “tricked” – I have been there. In fact, it’s the very reason I started to take an interest in cyber security and, is probably why I am where I am today.
A long time ago, prior to starting my career in cyber-security, I once gave up my PayPal account details to a cyber-attacker. I managed to mitigate the issue by immediately recognising my mistake – but it was enough for me to wake up to the very real danger an easy mistake can lead to. Cyber-attackers have incredibly sophisticated systems they use to gather information, and it can happen to anybody.
My mantra at PEXA is that best practice is really shared accountability, and that security obligations must be adhered to by everyone to level the playing field and ensure we remain safe. It might sound extreme, but reinforcing the importance of remaining ever-vigilant really is key. You can never assume someone is who they say they are online – unless you verify.
We know the benefits of being able to work remotely and stay connected digitally across various devices are significant – but this flexibility must not compromise security. A tune I will forever sing!