Three Quick Tips For Better Security Practices

Watch for the HTTPS padlock, the benefit of password vaults and looking out for keyloggers

better cyber security

HTTPS Encryption

Encryption is one of the most complex and difficult to understand aspects of cyber security. However there are certain aspects of encryption that all users should be familiar with, particularly when it comes to the web browser.

Make a habit of checking your web browser for the following before you enter any sensitive information:

  1. The ‘S’ in HTTPS stands for security. All modern web browsers feature some sort of padlock or the word Secure, usually in green to show the user the currently viewed page is protected by up-to-date encryption mechanisms;
  2. A red padlock accompanying the HTTPS should be met with caution. This suggests the use of outdated or cryptographically weak protocols are in use;
  3. No padlock at all, HTTP (without the S) is entirely unencrypted and insecure. Never submit personal, banking or username and password information to an HTTP only site.

Use a Password Vault

Too many passwords to remember? Consider implementing a password vault. 

Passwords are the bane of many people’s lives and sooner or later, users resort to writing them down. Who can blame them when they have to remember so many? Still, there are bad methods of storing passwords – writing them in an unencrypted text file, and truly awful methods – writing them on a Post-it note and sticking it to the underside of a keyboard.

Opinions differ wildly on the usage of password vaults (all your eggs in one basket?) but I would argue if a significant proportion of your user base is already writing down passwords somewhere it makes sense to make that somewhere as secure as possible.

You may also like: The Problem With Passwords

Beware of the Keylogger

Check your workstation regularly for keyloggers.

So, your password is 20 characters long. It’s a combination of numbers, upper and lowercase letters and has eight special characters? Unfortunately, a hardware keylogger – a small USB device which is plugged in line with your keyboard - can capture every keystroke you make, store reams of input and even transmit it wirelessly to an attacker.

This innocent looking and inexpensive device can bring even the most robust security system to their knees.

Take a minute once a week and check there is nothing plugged in between your keyboard and the computer’s USB port. Better yet, go to Amazon and Ebay and grab pictures of the more common keyloggers available and post pictures of them around the office.

Protect yourself and your business from cyber security threats with XQ Assurance.