Unfortunately, there is no such thing as 100% security. In both the analog world and the digital world, there is always minimal risk somewhere. Of course, that doesn’t mean you should simply forego your security. We have put together a series of tips that you can use to strengthen your online security or that you should simply consider.

You may know the cliché you once heard at a family gathering or at the café counter: “Oh, if she If you want to be inside, strike she inside.” Although clichés often contain a grain of truth, in this case we would like to add some nuance to this statement.

It’s true that security is never 100% and completely impenetrable. But you don’t open your front door wide either, because it doesn’t matter anyway. We have put together a series of tips and suggestions for your digital security.

Public Wi-Fi networks and hotspots

We recently published a whole article about it, but there’s nothing wrong with an additional warning. Public Wi-Fi networks may seem like a quick and convenient solution when you don’t have access to mobile data, but they are not without risks.

Networks without registration are particularly vulnerable. Hackers can easily carry out an attack, install ransomware and steal data through such a network. Only connect to networks that you really trust and certainly not those that require registration.

Another reason to avoid unsecured public networks like the plague is that hackers can easily set one up themselves. In this hectic world, it’s easy to be convinced that you’re finding a network somewhere and clicking on “TeelenetFree” can’t do any harm, can it? The message is always to be careful.

And this also applies to someone else’s mobile hotspot. Only use those from someone you trust. That one unknown, friendly person at the conference offering you a network may have more evil in mind than you first think.

Regular checks

Is that recognizable? You are busy at work, in the zone and in the corner of your eye suddenly this pop-up appears: whether you might want to run a virus scan. Annoyed, you click away the annoying box; you’ll do that next time. And so on and so on.

Before you know it, you’ve already gone through X number of security scans and a few updates and your device is suddenly at a much greater risk than it should be. Therefore, run a scan regularly, especially if your system suggests it. It never takes long and you feel a little more comfortable.

Outdated software

We could have easily copied the intro from the previous tip here and it would undoubtedly be recognizable. On both mobile devices and desktop computers, the question always arises as to whether you want to update later or not. How often do you just click or swipe that so it’s no longer visible? For many people, the answer is undoubtedly “more often than is correct.”

Providers don’t send these messages for free. These updates often also include patches for possible vulnerabilities and upgrades to your security systems. If an update is available, it is best to do it as soon as possible. Yes, it can sometimes take a few minutes and leave you twiddling your thumbs for a while, but it’s better than having your entire system fail permanently.

Free programs

Most goods and services cost money. This is an established fact and a logical given in a commercial world. For something that appears to be free, you often pay in other ways.

Free VPNs and antivirus programs are a good example of this. Chances are, they are full of adware that will bombard you with unwanted advertisements when you use these “free” programs. It can even go so far that such advertising makes a dangerous connection with a free VPN that turns the world upside down.

Another way these programs make money from you is by selling your data. Free program providers often have a commercial agreement with a third party that wants to know where you browse and what products interest you. For example, a Czech company was sued in the Netherlands at the beginning of the year.

Unknown or suspicious links

This one is so obvious that it’s a real surprise that it’s even mentioned. And yet many people still get caught. The human link remains a vulnerable part of the security chain. We don’t want to know how many IT teams are still disappointed in their colleagues after another test email was sent with a fake link.

However, this is no longer done exclusively via email. Anyone who has an account on various social media knows that a lot of attempts are made there via private messages. This usually comes in the form of sexually explicit messages or enthusiastic promotion of a digital currency that is too good to ignore. No, this is not really a young lady who wants to get to know you better by sending you a few photos and the only thing new AwesomeCoin You will bring bad luck.

Even messaging apps such as WhatsApp or the tried and tested SMS are not spared. Just think of the now classic message from your son or daughter whose phone is broken and asking you for some money for a new number.

The basic rule is simple: Don’t click on an attachment or link if you don’t know or trust the source. If you are really unsure, check with the sender through another channel if possible to make sure nothing is wrong. A message via Teams, Slack or WhatsApp is sent quickly. Better safe than sorry.

HTTP sites

Back when Jeeves was still speaking, Hypertext Transfer Protocol was the standard for websites. However, this is now long out of date and these URLs are therefore extremely vulnerable to cyber attacks. The current strict minimum is an HTTPS website, where the S stands for Secure. It seems clear to us why this is the better option.

In Google Chrome you can briefly identify this connection by the lock icon to the left of the URL, but that will change at the end of the summer. Criminals have known for a long time that an HTTP page does not immediately attract many visitors, which is why most cybercriminals simply work with the default secure version. There are other ways to identify shady sites, which can be found in a previously published article.

Share storage devices

USB sticks have long been the ultimate small promotional gift or the must-have for every goodie bag at an event. Such a gem often contains a file with product photos, a PDF with general company information or a digital press kit.

In such circumstances, these devices can be trusted, but of course we do not recommend against it if you handle it with particular care. However, they are now so common that people don’t always pay much attention to them. What we really advise against is picking up a USB stick lying around and using it. The chances that it was intentionally placed with malware on it are simply too great to take the risk.

What you rarely come across in the wild are external hard drives. The same warning applies to this (and also to USB sticks) as to Wi-Fi hotspots: Only use someone else’s hotspot if you know that person and can trust them completely. It sounds like a perfectly logical thing to do, but when the need is greatest, logic and caution all too often fade into the background.

Additional layers of security

Just a username or email address and then a password is still the most common way to log in somewhere, but online often also means interesting for hackers.

So it certainly doesn’t hurt to set up one or even more security levels. For example, two or more factor authentication can be done in different ways. Some useful options are:

• Confirmation via a (second) email address
• A code sent via SMS or another communication channel
• Confirmation via your phone itself, in the notifications
• Biometric (fingerprint as an additional login method)
• A code via a separate authentication app

You can also strengthen your internal processes. A top-level firewall is good, but additional layers can be added. You can opt for anti-executables, tools that ensure that unauthorized software cannot be installed. There is also software that specifically searches for known ransomware and blocks it.

Dodgy downloads

This is another point that is so obvious that it should not be mentioned here. But there is one line in these points: it is still necessary to mention it.

Sometimes you are looking for a specific online function, an app or a specific program and you cannot immediately find it through the official channels. It can be very tempting to go over that one page you came across in your search on a forum somewhere. A website that you have never seen before, but that may even offer what you are looking for completely free.

We’ll repeat ourselves again, but if it seems too good to be true, it usually is. Download it only from official websites and app stores and ignore unknown options. Can’t find what you’re looking for? Then try to find out if there is a safe and legal alternative to complete your task.

Human factor

None of this is of any use to a company if all employees at all levels do not agree with the security story. The human factor comes up again and again in articles or interviews about cybersecurity.

That’s why adequate training and education is an important and comprehensive tip. Make sure everyone who does anything online in your company knows the protocols. Is there a lot of traffic? Then do a new workout from time to time and refresh the minds of those who have been at it for a while.

The level of access to your online systems is also important. Limit it to what is necessary. For example, accounting has nothing to do with design, so it is not necessary that the employees of this team have access to these programs.

In summary

Security is simply extremely important. Criminals are increasingly (more often) investing in the latest technology to keep up, so companies can’t lag behind. Don’t underestimate possible threats and invest time and resources in your security.

If they want to be inside, there are a lot of things you can do to keep them out:

• Be careful with public and mobile Wi-Fi hotspots
• Check your security regularly
• Keep your software up to date
• Avoid unreliable free programs
• Don’t just click on a link
• Stay away from HTTP sites
• Use your own external storage devices
• Provide additional layers of your online security
• Download it from reputable websites and app stores only
• Train your employees and make them aware of cybersecurity