Cyber security may seem like a concern that is meant for only large corporations or telecom giants, but that could not be further from the truth. To put it simply, cyber security is about protecting your sensitive data from unauthorised access, theft, or damage.
In today’s highly connected world, almost everyone has some form of online account, making it essential to know how to protect one’s digital identity.
Knowing how to protect one’s online accounts is not restricted to individuals but also to small or medium businesses.
So how can you stay protected? Here is a practical checklist for individuals and small-to-medium businesses based on expert suggestions:
Cyber security checklist for individuals
Use strong, unique passwords
Strong passwords play a big part in cyber security. It is always best to not use the same password for multiple online accounts. For generating a strong password, some of the pointers that one can follow is to have a combination of letters, numbers and special characters. Even better if you can alternate between capital letters and small letters.
A quick pro-tip: ‘password’ is not a good password
Enable Two-Step Verification (Multi-Factor Authentication)
Add an extra layer of security to all your important accounts by enabling two-factor or multi-factor authentication wherever possible. You will be able to find the option in the app settings.
What this means is that, for example, after entering the password, you will have to enter a verification code sent to your mail or phone.
Be cautious with email attachments and links
Avoid clicking on any links or downloading attachments from links or emails that you are not sure of. It is important to verify where the link or email came from.
Be cautious about the personal information you share online
Cyber criminals often exploit publicly available details to carry out social engineering attacks where they pretend to be someone you know, your employer, or a company you’ve interacted with. Always think twice before sharing information on social media or other online platforms.
Avoid using public wifi for sensitive activities
When handling sensitive information, such as online banking, avoid using public wifi or shared hotspots. Instead, use your mobile data connection or, if possible, set up and use a virtual private network (VPN) for added security.
Exercise caution when using AI tools
Before uploading sensitive or confidential information to AI tools such as ChatGPT or Claude, think of the potential risks. Avoid using untrusted or unsecured platforms, check their policies to understand how your data might be shared, and be mindful of the types of information you share with these tools.
Use encryption for sensitive information
Encrypt personal files and sensitive communications to protect them from unauthorised access. For example, you can set a password for your document in Microsoft Word by selecting “Encrypt with Password” under the “Info” tab in the “File” menu. This ensures only people with the password can open or modify the file.
Stay informed about cyber security threats
Keep up with cyber security news and trends to know what types of attacks are becoming common. You can do this by subscribing to news articles on scams.
Cyber security checklist for small and medium businesses
Much of the advice for individuals also applies to business owners. But there are other things you should keep in mind when it’s not just your personal data that’s at stake.
Evaluate how long to keep information
Determine how long to retain information and data and assess if it’s valuable for the organisation. For example, an accounting firm may retain client tax records for five years, but delete older records no longer relevant to current business.
Remove unnecessary information and data
Remove information that no longer serves a purpose to reduce the risk of exposure during a breach. For example, retail businesses should periodically delete outdated customer email lists.
Keep software and systems up to date
Keep all systems, applications and devices updated. Software may contain vulnerabilities that cyber criminals can exploit, and updates are a way to patch these up and keep your systems secure.
Keep an eye on who can access what
Limit access to information based on roles within the organisation. For example, at an accounting firm, only the relevant employees should have access to the financial records of its clients, and they should be protected with multi-factor authentication.
Have reliable data backup procedures
Regularly back up essential data to a secure location. Having reliable backups allows for recovery in the event of data loss or ransomware attacks.
Conduct regular security audits
Regularly audit systems and networks to identify vulnerabilities. For example, an accounting firm that stores sensitive client data like financial records should conduct quarterly security audits to ensure the data stays safe and nobody has gained illicit access.
Train employees on cyber security best practices
Employees play a significant role in cyber security. Regular training can help them recognise phishing emails, suspicious links and other tactics used by cyber criminals.
Create an incident response plan
Develop a response plan for cyber security incidents that outlines the steps to take in case of a cyber incident or breach. If something happens, having a plan in place will help you react quickly and efficiently.
Consider investing in cyber security insurance
Cyber insurance can help mitigate the financial fallout from a breach, covering aspects like data restoration, legal fees and public relations efforts.
In a world where almost everything is connected, protecting your digital presence is no longer optional, it is essential.
Cyber threats are becoming more evolved, and no one is too small or too insignificant to be targeted. Whether you are securing your personal accounts or safeguarding your business data, consistent awareness and proactive precautions make all the difference.
Cyber security is not just a one-time effort but it is a continuous practice of caution, learning, and awareness. Your first line of defence against cyber threats is yourself.
(With inputs from The Conversation)
