Security awareness

Organization’s end-users (I intend some users whose careers are not included in security field) can partially behave unsecured risky ways without security knowledge. It needs to create Security Awareness Environment as organizations to prevent insider risks of end-users.
‍‍‍‍‍‍
In this article, I will share about Daily Security Best Practices for end-users.
‍‍‍‍‍‍
Best Practices
1.Safely Manage Your Password
•It is not suitable using the same password in our every account.
• Users should use 9 or above characters in a password.
It is difficult to use Bruteforce attack for hackers to guess our passwords which totally contain three types such as Alphabets, Numbers and Special characters. For example, instead of using simple password like admin with all small characters, we should use @dMin1 which totally contain special character, small and big characters and numbers.
• Please don’t share your passwords with our friendly persons.
• Please keep your long passwords in a safe place.
If some people who might forget their long passwords and write down on papers, please keep this password paper in a safe place which cannot easily see by other people.
• Use Password Manager.
We use many passwords such as Email, Facebook, PC and Fileserver Passwords in our daily routine. Using Password Manager software makes us easy to mange our passwords as it can keep all our passwords in one place securely. We need to remember the only Password Manager’s password without remembering every single password.
You can download Free Password Manger in this following link: keepass.info/download.html
‍‍‍‍‍‍
2.Safely Manage Your Email Account
• We should categorize our business mails with sub-category based on projects and work types. If so, we can easily check our mails anytime.
• We should notice some untrusted mails sent by hackers.
If we find an email sending from untrusted source, please be aware clicking on attached link or downloading file inserted by hackers and providing username and passwords into hacker’s fake website link.
• If we suspect this is untrusted mail, it is a better way to forward this mail to security analyst in our office.
‍‍‍‍‍‍
3.Secure Your Computer
• Please lock out your computer if you go out for a while from using computer. If your OS is window, you can use Win key+L to lock out your computer.
• Always update your Operating System vulnerabilities with patches provided by vendors. By the way of updating with patches, we make attackers difficult to exploit our OS vulnerabilities.
• Use commercial Antivirus software to protect from virus.
• Always enable personal firewall built-in our Window or Linux Operating Systems to filter some incoming malicious traffic.
‍‍‍‍‍‍
4.Protect the data You are handling
• Users should use encryption method to prevent breaching of important personal or office data files. We can use BitLocker software to encrypt data in our PC.
• Regularly make backup for your important data. If we accidently delete or attacked by ransomware our valued data, we can get these data back from another data source.
‍‍‍‍‍‍
5.Don’t share sensitive data while using Public Free Wi-fi
• Please stop using sensitive data such as mobile banking, Facebook login and file sharing while they’re using public free Wi-fi. Hackers can also be in the same network with us. They usually use Wi-fi hacking tools such as NetStumbler and Aircrack-ng and then get Wi-fi users’ data.
• If we need to share our data urgently with free Wi-fi and we also do not have phone bill, it is a better way to use VPN software to protect our data.
‍‍‍‍‍‍
Conclusion
By following these best practices as I described above, end-users can partially protect breaching of their personal or office data.

Don’t forget to share this post!