Preventing From Being Hacked
Awareness is Key - Minimizing Risks of Being Hacked - Enclosed a Few Important Measures (send me a note in order to get TimeCentury's Top-25):
• Educate staff, employees and suppliers about cyber security risks and create appropriate policies and procedures (see TimeCentury: Presentación de Sensibilización y Concientización, también Campañas de Sensibilización y Concientización).
• Do not open attachments from unknown sources.
• Implement firewall - either software firewall or if you have a small office network a hardware firewall - and anti-virus, anti-spam, and anti-spyware tools.
• Check on the security settings of the browser (they have various security and privacy settings, e.g. to tell websites to not track your online movements).
• Encrypt all confidential data whenever possible (computer, USB, Backup, NAS, …).
• Based on the inventory of allowed hardware and software: update regularly your operating system and all application (especially browser, flash player, real, player, adobe acrobat, and all others) as well as update firmware on switches, routers, firewalls, and all other hardware.
• Use complex, secure passwords (8 - 10 characters for normal users, 15 characters for admin accounts).
• Use always different passwords for different accounts (create different password for each online account).
• Implement account lockout -> e.g. after one minute the computer automatically locks itself.
• Do not use the computer logged in as administrator or root (because in case of a hacker gets access, he has full rights to do everything).
• Prevent installation / execution of unauthorized software (get a list of all installed programs and delete / switch off the ones not in use).
• Secure your e-mail >convert incoming HTML content to plain text and block all file extensions by default, except maybe the one or two you want to allow.
• Define and enforce security domains >who needs access to what?
• Use the privacy settings on all social media accounts (only the people you want to share can see your information).
• Padlock symbol: when using online services always check there is a padlock symbol in front of the URL, and that the web address begins "https://".
• WiFi you connect to: protect your WiFi with strong password and encryption; never use unprotected WiFi hotspots in public places like restaurants, airports, …
• Type out web addresses, be suspicious: emails with hyperlinks, and if asked to log into an account or provide payment details, type out the URL yourself and go directly to the legitimate site.
• Logout and switch off WiFi on computer when computer / Internet is not used.