In the ever-evolving digital landscape, protecting your online presence from cyber threats has become a paramount concern.
In a press conference on Jan. 27, 2021, Police Commissioner Raymond Siu reported that the Hong Kong Police had observed a 24 percent year-on-year increase in scams, receiving 19,249 cases. Just last month, almost 900 Hong Kong people were victims of data breaches after fraudsters hijacked the WhatsApp accounts of social services and schools, according to The Office of the Privacy Commissioner for Personal Data. In addition, according to the South China Morning Post, in September 2023, institutions such as the Hong Kong Consumer Council and the Hong Kong Cyberport fell victim to hackers. To address these security threats, safeguarding digital accounts and data should be seen as a top priority, whereby it is prudent to take systematic steps to mitigate the risks of getting hacked. Nevertheless, protecting your accounts can be a time-consuming and potentially frustrating process. Here is a comprehensive five-step guide to bolster your personal and corporate online security:
1. Enable Multi-Factor Authentication
“Multi-factor authentication is a simple yet effective way to add an extra layer of protection on sensitive information in my professional and personal life”, says Rudy Chan, Co-founder of Cloudbreakr, an influential artificial intelligent powered marketing firm. As a first step forward, it is thus recommended that multi-factor authentication (MFA) is used to secure critical accounts that contain personal information or sensitive office data, such as from messaging apps, social media, documents and email. Most often, a security number is generated by an encrypted phone app that offers a greater level of security in comparison to traditional SMS codes. However, an even higher level of security can be achieved with physical MFA ‘security keys’, such as Yubico which are used by many leading technology firms.
2. Employ a Password Management Tool
“In 2023, weak passwords like “password” or “12345” no longer cut it,” laughs Chan. Strengthen your online security by creating long unique passwords that incorporate a variety of character types. In addition, avoid using the same password for multiple websites and accounts. “Your Facebook password shouldn’t be the same as your online banking one; your personal email login details shouldn’t be the same as your office [email] login details”, says Tony, a junior IT staff at a Hong Kong-based university, who requested to remain anonymous. A reliable solution is to employ a password manager, such as LastPass or KeePass, which generates and securely stores robust passwords. In addition, a password manager can simplify password sharing among team members, change passwords regularly, and encrypt sensitive information, enhancing data security. Besides enhancing security, password managers eliminate the headache of remembering multiple passwords.
3. Utilize Anti-Phishing Toolbars
Phishing attacks are deceptive attempts by cybercriminals to trick individuals into revealing sensitive information, often through impersonation. Hackers exploit our inclination to act quickly, often with urgent demands or false claims. It is thus crucial to resist the impulse to hastily click on email or text message links, recognizing these as potential phishing attacks. A relatively reliable solution is to employ anti-phishing toolbars, such as Avira Browser Safety or Phish Protection to automatically identify and block malicious websites in real-time. For example, many universities have established an anti-phishing filtering system, that notifies students and staff, via email of a potential error or hack. “As there is a lot of sensitive information and there are a lot of people in a university, it’s like our online superhero, stopping accidents before they even happen”, explains Tony.
4. Keep Everything Updated
Potential security vulnerabilities can lurk in all digital devices, including smartphone apps and your office automation system. A simple yet often overlooked security measure is to regularly download software updates, which include enhanced security features to patch vulnerabilities. “Our university updates various software, such as spyware and anti-virus systems, every week, month and year. We are also continuously adding new security protocols and tools to our system to ensure maximum security,” explains Tony.
5. Use Data Encryption
Encrypting files and communications adds an extra layer of security to computer systems. Hence, it is not surprising that encryption software has gained prominence in safeguarding sensitive communications, including personal data. End-to-end encrypted messaging services can also be used to secure messages, photos, videos, and voice calls by default. Also, applications, such as Signal and WhatsApp allow for disappearing messages for added security. Furthermore, email security providers like ProtonMail offer additional encryption options and burner email accounts to safeguard your communication. Additionally, in the event of a security breach, encryption of files on your devices minimizes the risk of data being compromised. “With our company working with valuable data, encrypting communication and login credentials to access sensitive data reduces the chances of a system breach or the possibility of human error”, Chan says.
Feature image: Hanna Vanharanta