
Privacy and security always start at the personal level. While it is the organizations’ responsibility to keep your data safe and secure, you need to ensure that no one else can gain unauthorized access to your account.

This post will briefly point out the best practices to keep your information private, secure, and safe. You can consider the tips as a checklist in your daily life.

Machine Safety

  1. Keep computers up-to-date with security updates or patches.
  2. Keep anti-malware programs updated all the time.
  3. Log out of devices when not in use.

Information Safety

  1. Back up files on a regular basis.
  2. Use strong passwords or a password management tool you are familiar with.
  3. Always use two-factor authentication or any other multi-step verification.
  4. Log out from social media accounts on public devices.
  5. Avoid storing SSN, credit card information, or other sensitive information on individual computers.

Password Management

  1. Passwords should be at least 8 characters long.
  2. They should contain a combination of upper case, lower case, numbers, and special characters.
  3. A long phrase or sentence can be used, as these are easier to remember and are usually longer.
  4. Change your passwords every few months (typically 4-6 months). This method works well against brute-force or dictionary attacks.
  5. Use different passwords for different accounts.
  6. Avoid using names, mobile numbers, birth year, or other identifiable personal information within a password.
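
Tips 1, 2 and 6 above can be checked mechanically before a password is accepted. The following Python code is an added example, not part of the original post; the function name `check_password`, the profile layout and the sample values are assumptions made for illustration.

```python
import re
MIN_LENGTH = 8  # tip 1: minimum length
# Tip 2: one pattern per required character class.
CLASSES = {
    "upper case": r"[A-Z]",
    "lower case": r"[a-z]",
    "number": r"[0-9]",
    "special character": r"[^A-Za-z0-9]",
}

def _digits(text):
    """Keep only the digits, so '555-0142' and '5550142' compare equal."""
    return re.sub(r"\D", "", text)

def check_password(password, profile):
    """Return the checklist problems found; an empty list means none.
    profile (hypothetical layout): {"names": [...], "phones": [...],
    "birth_year": "YYYY"}."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 8 characters")
    for label, pattern in CLASSES.items():
        if not re.search(pattern, password):
            problems.append("missing " + label)
    # Tip 6: personal details; names are matched case-insensitively.
    lowered = password.lower()
    if any(len(n) >= 3 and n.lower() in lowered for n in profile.get("names", [])):
        problems.append("contains a name")
    # Any 4 consecutive digits of a phone number count as a match.
    pw_digits = _digits(password)
    for phone in profile.get("phones", []):
        d = _digits(phone)
        if any(d[i:i + 4] in pw_digits for i in range(len(d) - 3)):
            problems.append("contains part of a phone number")
            break
    year = profile.get("birth_year")
    if year and year in password:
        problems.append("contains the birth year")
    return problems

# Constructed sample profile, not real data.
SAMPLE_PROFILE = {"names": ["Alice", "Rahman"], "phones": ["+1 555-0142"],
                  "birth_year": "1990"}

if __name__ == "__main__":
    for candidate in ("alice1990", "Xy!5550142", "Tr4in-Lamp!Orbit"):
        print(candidate, "->", check_password(candidate, SAMPLE_PROFILE) or "no problems found")
```

A password that satisfies the character rules can still fail on personal information, which is why the two kinds of check are reported separately.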

Email Security

  1. Avoid opening attachments sent by unknown senders.
  2. Avoid replying to spam messages.
  3. Make sure the sender has official contact information that you can verify.
  4. Never enter usernames or passwords, even if you accidentally clicked on a phishing link. Remember, companies will never ask for usernames, used emails, passwords, or any other account-related information (e.g., security questions).
  5. Verify the website's certificate (secure sites use SSL/TLS, and the URL starts with https:// rather than http://).

Avoid Remote Social Engineering

  1. Avoid answering calls from SPAM/unknown numbers unless you use that number for business purposes. You can use a good spam filter.
  2. Never share SSN with anyone.
  3. Never share account information with unknown numbers. Companies or service centers will never ask for account password, security questions, or other access tokens.
  4. Always ask for contact information and designation for verification. You can also ask for ID.
  5. Always double-check the email address and mobile number of the sender.
  6. Don’t go too fast. Wait and think carefully before speaking out any personal details.

Please let me know if I have missed any points. In future posts, I will go into more detail about everyday security.
