With more and more businesses committing to a full online experience, cyber-security is more important than ever. Every 30 seconds, 1.2 million dollars is moved through purchasing and selling online. And each transaction is a weak point for penetration testers to try and exploit.
The amount of personal data that crosses over the same lines is magnitudes larger than the cash transactions mentioned above. So with each step outside, you are becoming subject to such attacks every day. When your phone pings off any cell tower, it’s leaving you open to signal interception multiple times.
These are inherent weaknesses that are designed into the current networking infrastructure just to make sure it works. That’s because at the time they were developed, they weren’t really weaknesses but actually considered features of the software.
Until a new system is designed, the average consumer must be aware of security cyber tactics that they can adopt under their daily cell phone usage policies. Here are five just to get you started, but please independently research this information after you read the following 5 foundations.
Wear a Real Watch
The less times you move the cellphone the better. And as you know, we often take out our phones just to see the time of day. So right now, usually I’d be taking my phone out just to see that it’s 8:04pm.
And each time your phone goes from sleep to awake, it starts to look for nearby connections. Your phone is doing this because it’s trying to make life easier on you, to speed up connection sessions that usually take up a lot of memory and time.
But if it’s in sleep mode, it’s pretty much default on all phones to not actively seek out connections. So the more you leave your phone asleep during the day, the less unsolicited connections you will subjected to. And a way to make that happen is by wearing a watch, because you will utilize your phone less since you know longer need it for such things as exact time, day, month, date, etc.
Connect to a VPN
Connecting to a VPN will ensure your network connections are as secure as possible. That’s because a connection is first sent to your VPN, before it makes any other requests. Usually, the connection would happen like your phone’s antenna looks for the nearest router, makes a request to the router, and from the router to the website, and then the website returns back to you through the reverse process.
But with a VPN the only connection your phone makes is to your VPN. Everything else is managed directly by the VPN. So instead of having 10 different points of weaknesses for each website request, you only have one. And that connection is sure to be encrypted. So really, there’s zero points of weakness, but any connection is really considered a weakness, so it’s considered one.
Don’t Use a Enterprise Password Manager
The password managers that reside within your browser are the most targeted password caches on the internet today. That’s because it’s just plain-text list of your usernames and passwords all in one place. Also, the password manager companies fund a lot of bug bounties, therefore incentivizing the act of penetration testing against their specific products. So old exploits and new can be compared, and then combined to make a zero day exploitation and sell on the black market for way more money than the companies could ever reward responsible disclosures.
And lot’s of times the data dumps that actually make it to the public arena are reported months after a substantial data breach. So instead always keep a rotation of three to four passwords within your mind, that can be applied based on the applications importance. For example, my Linux user password is different than the root user.
So I’ll take the root password apply it to my bank account, and then use my sudo password in order to login into Facebook, Twitter, etc.
And I’ll use the last most common password I had in the rotation in other places for purposes of familiarity. I update the passwords once every month to ensure that they are in always in rotation. I do this because leaving your whole password list in one place will make an easy target for cyber criminals, since it’s considered a jackpot.
Stay Up To Date With Current Tech Trends
Making sure you have the most recent information available to you that concerns your devices, is a key step in keeping yourself safe. So following good news sources about tech is a great way to stay ahead of the curve. So articles like these are great ways for you to see what security flaws are making the headlines.
Paying attention to the news in general, a little each day, will allow you to make sure no massive security breaches or mandatory updates that you are unaware of. And the more up-to-date information you receive, the quicker and better you’ll be at installing security updates that put your data at risk. Good sources of information about tech are very easy to find, so most of them are pretty informational. Just pick a source you like, and monitor it for breaking news and headlines.
Turning your WiFi off at night.
Your Wi-Fi will have to be on pretty much all day since society has become pretty dependent on mobile devices. Browsing the web, developing websites, answering emails, writing blogs, and watching YouTube all happens over Wi-Fi.
But at night if you live alone or if you have a timer on your WiFi, setting the timer to disconnect itself when you are asleep is a good way to cut down on unnecessary connections.
The less times your phone exchanges information, the less vulnerable your information becomes.
Many common routers today offer this feature as a default, but make sure to use it if you don’t already. With more direct control of the Wi-Fi you have, the more you can stay on top of your network as a whole, since you will be constantly in touch with your wifi network.
These five tips can apply to small networks like the ones in your home, or they can be applied to large international companies, because they are effective and easily implemented by the end user. It’s a common sense approach to encapsulating very complex issues that every average day user might not be aware of, and those subjects for discussion are out of the scope of this article. For more information in-depth security practices, make sure to visit OWASP and study their content.