Five Measures for Your Cyber security
1. Translate Security Answers to Another Language
Many times, security questions such as “What is your favorite book?” are much easier to break than passwords because they are susceptible to social engineering. Consider translating your answers to another language by using free online translation tools. Switching this up can serve to deter a hacker who may assume you’re sticking to only one language.
2. Start Passwords with a Space
Many modern password cracking tools, like Cain & Abel, do not take spaces into account simply because they aren’t common in passwords. Adding one to your password can throw off complex hacking software. Spaces carry other benefits, too. If you need to write your password down, only you will know a space is also needed at the front or end of it.
3. Don’t Depend on Just AES 256 Encryption
With just a few clicks, AES 256 encryption allows anyone using a PC or Mac to encrypt their files and protect them with a password. That said, there are holes, because AES 256 encryption is only as strong as the master password being used for the encryption. For example, if no randomness is used on data encrypted with AES 256, it is susceptible to the TLS CBC IV attack.
4. Do not use NTLM if the Underlying Protocol is Insecure
If you are accessing a site via HTTP or FTP — both protocols for exchanging files over the internet — never enter your credentials in a Windows authentication popup. Unlike HTTP or FTP, HTTPS and SFTP ensure data being sent from the host computer to the receiver isn’t available in plain text. HTTPS and SFTP ensure the entire transmission is encrypted, so no outside eyes can access usernames and passwords.
4. Do not use NTLM if the Underlying Protocol is Insecure
If you are accessing a site via HTTP or FTP — both protocols for exchanging files over the internet — never enter your credentials in a Windows authentication popup. Unlike HTTP or FTP, HTTPS and SFTP ensure data being sent from the host computer to the receiver isn’t available in plain text. HTTPS and SFTP ensure the entire transmission is encrypted, so no outside eyes can access usernames and passwords.
5. Use Drive Encryption Software
Use drive encryption software such as BitLocker on all machines. Even if you format your hard drive, sensitive data can easily be recovered from a machine if it is lost or stolen. Drive encryption software is a simple way to prevent this from happening, because it encrypts every bit of data on a storage volume.
0 comments:
Post a Comment