Meistri 16, Tallinn, Estonia
24/5
info@lucreds.com

Simple security tips

for Everyone

Lucreds helps you to prevent cyber attacks by detecting weak links on your web application

and help you to fix them before some evil-intentioned bad actor does it for you.

Smartphones

Nowadays smartphones have become an integral part of our lives. They contain more information about us than we know ourselves. We must stay cautious and protect our information from bad actors.

Having an encrypted phone means that your data will not be readable to anyone when your phone is powered down and even if a copy is made of your phone data, it won’t be readable without your code. This requires using a pin or passphrase to unlock your device, which might seem like a lot of work at first; but it’s worth it, and you will get used to it.

Change your settings so your phone locks immediately after sleep, and immediately after you press the power button. While this doesn’t encrypt your phone (it’s always unencrypted while it’s on, especially on Android), it will prevent anyone from accessing and using your apps.

Prevent your SMS apps from showing the full text of a message while the phone is locked. No one should be able to read your communications with friends, or two-factor auth codes, without opening the app first.

Set a PIN to control access to your SIM data and cellular network use. A SIM card may still be unlocked by your carrier, but locking it locally protects against people who grab your card from you. Note that when you first start this process, you will first need to enter the default passcode that is etched into your SIM before you can enter your desired passcode. You may not know what that default passcode is, and risk locking your SIM card after 3 incorrect attempts. So, before you start to set up SIM card lock, do a quick search online for the default PIN for your carrier. For example, Verizon’s default PIN is 1111.

Use strong passphrases, two-factor authentication, different passwords for different accounts with the help of a password manager.

Take the time to properly lock-down the account you have with your mobile carrier. Some people think of it as an afterthought, but it’s alarmingly easy for anyone to take over your phone number, SIM card, and eventually, all mobile communications if such accounts aren’t secured. Visit your provider’s website to create a strong passphrase and/and back-up PIN for your account. Then call your provider and have a representative put a “Security Notice” on your account, saying something to the effect of “No one can make any changes to my account unless they give you the passphrase/PIN first.”

Keep a list of all the accounts that are important to you. Having a list of accounts that need to be addressed in the event of compromise will save you time and worry.

Frequently delete your browsing history from your web browsing apps via their settings. If you’re a Google services user, prune (or better yet, disable) your “Web and Web Activity”. iPhone users must prevent messaging apps from syncing data to iCloud. We know it might seem scary, but unlinking your phone and mac computers from iCloud is the best way to protect your data from prying eyes. Journalists, activists, and concerned citizens usually want to sync photos and videos to the cloud as soon as they take them, and that’s OK! However, consider using another cloud-based service that gives you more control over how, when, and where you sync your data — something better than iCloud.

Tips by Freedom Press

 

Remote Working

As more employees work from home, basic security measures need to be taken to protect the individual and enterprise from cyber criminals who are taking advantage of lax telework security practices.

Cyber criminals are taking advantage of people seeking information on COVID-19. They are distributing malware campaigns that impersonate organizations like WHO, CDC, and other reputable sources by asking you to click on links or download outbreak maps. Slow down. Don’t click. Go directly to a reputable website to access the content.

Create long and unique passphrases for all accounts and use multi-factor authentication (MFA) wherever possible. MFA will fortify your online accounts by enabling the strongest authentication tools available, such as biometrics or a unique one-time code sent to your phone or mobile device.

So your company devices are on their own WiFi network, and your personal devices are on their own

Keep devices with you at all times or stored in a secure location when not in use. Set auto log-out if you walk away from your computer and forget to log out.

Only the approved user should use the device (family and friends should not use a work-issued device).

To collaborate and complete your tasks. Don’t substitute your preferred tools with ones that have been vetted by the company’s security team.

Before connecting to your corporate network, be sure that all internet-connected devices ‒including PCs, smartphones and tablets ‒ are running the most current versions of software. Updates include important changes that improve the performance and security of your devices.