Prepare to Be Amazed: Experience Unprecedented Security X

Resources

Discovery, analysis and cybersecurity intelligence

CYBER SECURITY IN INSTITUTIONS – 2

CYBER SECURITY IN INSTITUTIONS – 2
1 June 2023 Phishup Editor

The continuation of our cyber security in institutions-1 we shared in the previous article.

MATTERS TO BE CONSIDERED TO ENSURE CYBERSECURITY

  • Run Anti-virus Software:

The software detects the most recent protection threat (virus) and removes it from the hard drive, preventing a virus from propagating on the system.

  • Keep Your Device Clean
  • Keep security software up-to-date: Have the latest security software, web browser and operating system; it provides the best defense against viruses, malware and other online threats.
  • Automate software updates: Many software programs connect and update automatically to guard against known risks. Turn on automatic updates if it’s an available option.
  • Protect all devices connected to the Internet: Computers, smartphones, game consoles and other web-enabled devices also need protection against viruses and malware.
  • Plug and scan: USBs and other external devices can be infected with viruses and malware. Use your security software to scan these devices and be careful not to use them without scanning.
  • Get a Firewall: gives people more control over their own devices and attacks against the business’s computer network can be prevented.
  • Create Original Passwords:

Unique passwords will prevent computers from being accessed by unauthorized persons.

Password has an important place in information security. Weak passwords can be solved in a short time with password cracking programs. For this reason, it is necessary to take the utmost care by considering the following rules when creating and using passwords on all devices and accounts.

  • Passwords must be at least 8 characters long and contain at least one uppercase letter, one lowercase letter, one number, and one special character.
  • Password field should not be left blank or default, which could create a security vulnerability; 123456, Ankara06, qwerty, password etc. it should not be determined in such a way that it is predictable and easily broken like words that can be found in any dictionary.
  • Passwords should not contain personal information (your child’s name, date of birth or institution name).
  • Different passwords should be created for different systems and accounts. Passwords should be changed frequently (at least every 6 months).
  • Passwords should not be written in places that can be noticed by other people (such as leaving them next to the computer by writing on paper) and should not be stored in clear text without encryption on the computer or in any digital medium.
  • No one should share their password (e-mail password, e-signature password, PC password, etc.) with another person. He should know that all legal responsibility that may arise in case of sharing will belong to him.
  • Unique account, unique password: Having a separate password for each account helps thwart cybercriminals. At the very least, separate your work and personal accounts and make sure your critical accounts have the strongest passwords.
  • Remember and keep it safe: Strong passwords are difficult to create and remember. Set your passwords in a way that is meaningful and memorable only to you, or keep them in a safe place and format. Alternatively, you can use a service like a password manager to keep track of your passwords.
  • Make a VPN Connection to the Company Network

When connecting to the company with a VPN from a place outside the business (from home or outside), a secure connection is established in the cyber environment. However, if you leave the computer while you are logged in, malicious people who can take over that computer can access the files and resources of the business and cause various damages. Business employees must ensure that they lock their screens when they leave their computers.

  • Protect Your Personal Information

Lock your session: Strengthen your online accounts by activating the strongest authentication tools available, such as biometrics (a person’s measurable biological traces), security keys, or a unique one-time code generated by an application tool on your mobile device. Your usernames and passwords may not be sufficient to protect accounts such as e-mail, banking and social media.

  • Connect Carefully
  • When in doubt, delete it: Links in emails, social media messages, and online advertising are tools cybercriminals use to steal your personal information. Even if you know the source, delete anything that looks suspicious. Hover over the link (but don’t click) to make sure the URL is the same as the link shown, oftentimes cybercriminals will replace a link pointing to a malicious address with the link shown. Many malicious domains whose domain looks similar to the legitimate domain will be noticed upon close inspection. Instead of clicking the link in an email message, type the web address directly into your web browser.
  • Be aware of Wi-Fi hotspots: Adjust security settings on your device to limit who can access your device. Be careful not to use public wireless networks as much as possible, and if you need to, make sure that the address line of the web pages you access is https.
  • Protect your money: Make sure the site is secure while banking and shopping. Try to find web addresses that start with “https://”. A secure connection icon means that the site has taken extra measures to secure your information. Web addresses starting with “http://” do not provide secure connections.
  • Be Web Wise
  • Think before you act: Beware and skeptical of messages that ask you to take action right away, offer offers that are too good to be true, or request personal information. Before you open the attachment or click the link, stop and think.
  • Back up: Make copies of your valuable work, files, photos and other digital data and store them securely.
  • Personal information is like money. Give value. Protect: Information about you, such as purchase history or your current location, is just as valuable as money. Be mindful of who receives this information and how it is collected through apps and websites.
  • Be aware of what is being shared: Adjust the privacy and security settings on web services and devices for information sharing to the level you are comfortable with. It’s good to define and limit how and with whom you share information.
  • Share mindfully: Think before posting about yourself and others online. Think about who can see your post and how it might be used now and in the future.