On Computer Security Day, Laurie Doyle from Defra group Security explains the steps we can all take to protect our data. This is particularly important during the upcoming festive season, when many of us are likely to be shopping for gifts online.
The security of our personal information is important 365 days a year, but Computer Security Day is a good reminder to all of us to take the right steps in securing our devices. With the National Cyber Security Centre (NCSC) reporting an estimated 64% increase in cyber attacks during 2023, knowing how to protect yourself and your data is essential.
Online shopping has enjoyed exponential growth in recent years, with the United Kingdom boasting the most advanced e-commerce market in Europe. In 2023, we are expected to have nearly 60 million e-commerce users meaning the majority of people now choose to buy online.
A consequence of this growth is that online shopping has become the norm for UK shoppers and it’s vital that we take steps to protect ourselves and our data from the risks that come from participating in the e-commerce world.
Things to think about
There are lots of ways to enhance the security of our devices, many of which we do without thinking. Why not try making a list of all the ones you remember? You might be surprised at how many you already know.
Below, I’ve included some ideas on how to protect your devices, some of which you may not have considered before.
- Antivirus software. Alongside a firewall, installing antivirus and anti-malware software is an effective way of protecting your computer. Antivirus software helps to detect, quarantine, and delete malware to keep it from damaging your device. This software is often built into Windows and Apple operating systems and should automatically update, but it’s important to check this in the settings. This useful guidance from the NCSC explains what antivirus software is and how to use it.
- Passwords. When it comes to protecting your accounts, passwords are a major line of defence. In my previous post on cyber security threats, I discussed how a weak password can be cracked in seconds. The NCSC recommends using three random words to create a strong password, while avoiding common options such as ‘password’ or ‘ABC123’. Adding multi-factor authentication (MFA) to your account is also a great way to protect your data.
- Phishing. Phishing is a common cyber threat, where an attacker contacts you via email, text, or over the phone with the aim of convincing you to give up your personal information. They may pose as a trusted organisation, such as a bank, and claim you must click on the link provided to avoid a fine or to maintain access to your account. They often rely on eliciting a sense of urgency so that their victims don’t take the time to examine their correspondence too closely. The NCSC has some very useful information on how to spot and report phishing attempts.
- Back up your data. Backing up your data is a key method of protecting it. Attackers often aim to steal or damage data, which can leave you without essential information. Creating regular backups helps to mitigate this risk, with the NCSC recommending a 3-2-1 approach: 3 copies stored on 2 devices, with 1 offsite backup. This means that if one copy is compromised, you should still have a version you can recover your data from. It’s also useful to have an offline or cloud-based backup available for extra security.
- Be wary of removable media. Removable media, such as USB devices, are a simple way for an attacker to target your data. These devices may contain malicious software and connecting them to your computer can result in viruses being installed. To mitigate this, it’s important to avoid using USBs you may have been given for free and to take precautions, such as disabling options to autorun programmes from a USB. More information about these risks can be found on the NCSC page about using peripherals securely.
- Keep your software up to date. Keeping the software on your devices up to date is an effective way of mitigating attacks. Updates often fix known vulnerabilities in software through the installation of security patches. These often install automatically, but it’s important to keep an eye on your devices and apps to make sure they aren’t out of date. Find out more about how to keep your software up to date.
- Be aware of your surroundings. Even back in 2018, 77% of adults were using portable devices to access the internet and now, with a rise in hybrid and remote working, it’s essential to be aware of what data you’re accessing and where. One of the key methods to keep your devices secure on the go is to be aware of your surroundings. Ensure no one is looking over your shoulder when you input passwords or access sensitive information and consider a privacy screen protector if you regularly use your devices in public spaces.
These are just some of the steps you can take to keep your devices secure. This Computer Security Day is a great chance to review the ways we all currently protect our data, and to consider whether the ideas listed here might be useful when shopping this festive season.
Laurie Doyle is a Junior Security Analyst in the Defra Security Academy, and a co-chair of the Defra Digital Data and Technology Services Shadow Executive Board.
Computer Security Day was first marked in 1988, when technological progress brought new concerns about privacy and security, and is dedicated to helping keep our online data safe and secure. In addition to higher levels of hacking and viruses, many of us use our computers to access our banks and buy from businesses, leading to more data being at risk. Computer Security Day is a good opportunity to check your computer’s security settings are as tight as possible, ensure that your data in the cloud is safe, and to create strong passwords for your accounts.
Check out our LinkedIn page for all the latest blog posts and job openings. While you're there, why not give us a follow.