Awareness is Key - Minimizing Risks of Being Hacked - Enclosed a Few Important Measures (send me a note in order to get TimeCentury's Top-25):
• Educate staff, employees and suppliers about cyber security risks and create appropriate
policies and procedures (see TimeCentury: Presentación de Sensibilización y Concientización,
también Campañas de Sensibilización y Concientización).
• Do not open attachments from unknown sources.
• Implement firewall - either software firewall or if you have a small office network a hardware
firewall - and anti-virus, anti-spam, and anti-spyware tools.
• Check on the security settings of the browser (they have various security and privacy settings,
e.g. to tell websites to not track your online movements).
• Encrypt all confidential data whenever possible (computer, USB, Backup, NAS, …).
• Based on the inventory of allowed hardware and software: update regularly your operating
system and all application (especially browser, flash player, real, player, adobe acrobat, and all
others) as well as update firmware on switches, routers, firewalls, and all other hardware.
• Use complex, secure passwords (8 - 10 characters for normal users, 15 characters for admin
• Use always different passwords for different accounts (create different password for each
• Implement account lockout -> e.g. after one minute the computer automatically locks itself.
• Do not use the computer logged in as administrator or root (because in case of a hacker gets
access, he has full rights to do everything).
• Prevent installation / execution of unauthorized software (get a list of all installed programs and
delete / switch off the ones not in use).
• Secure your e-mail >convert incoming HTML content to plain text and block all file extensions
by default, except maybe the one or two you want to allow.
• Define and enforce security domains >who needs access to what?
• Use the privacy settings on all social media accounts (only the people you want to share can
see your information).
• Padlock symbol: when using online services always check there is a padlock symbol in front of
the URL, and that the web address begins "https://".
• WiFi you connect to: protect your WiFi with strong password and encryption; never use
unprotected WiFi hotspots in public places like restaurants, airports, …
• Type out web addresses, be suspicious: emails with hyperlinks, and if asked to log into an
account or provide payment details, type out the URL yourself and go directly to the legitimate
• Logout and switch off WiFi on computer when computer / Internet is not used.