Online Security | Web Tips
Does online security really matter?
In a near completely digital world, nothing is completely safe from bad actors online. But that doesn’t mean you give up on security, it means you double down!
In today’s digital world, online security is more important than ever. Whether you’re managing a personal blog or running a business, securing your online presence is crucial. If your data is compromised, it can lead to identity theft, financial loss, and even the hijacking of your online accounts.
What Are the Risks, Really?
The more you learn about online security, the more you realise it is not secure.
If you think the warnings of cyber-security experts around the world are overblown, think again! From stealing your identity and holding your entire computer to ransom, to releasing your bank details and even stealing all your social media accounts, there are thousands of ways bad actors can use your data and devices against you.
But it Won’t Happen to Me!
The reality is, a lot of people’s details are already accessible on the dark web.
Statistically speaking, you’ve probably used the free WiFi at a cafe where someone hid a device the size of a cookie capable of pretending to be the Cafe network, letting you connect to it before broadcasting every keystroke you make to the owner of the device.
And you’ve definitely left your browser open with all your passwords saved inside it, easy prey for anyone who wants to remotely or physically access it and nab all your passwords in one 10 second swoop.
The point is, none of us are 100% safe online. Sure, some are safer than others, but when globally trading companies and major government servers are getting attacked every second day, then it’s likely you’re not doing enough to protect yourself.
Right! So What Should I Protect and How?
Unfortunately, there’s no silver bullet here. Nothing we or anyone else can tell you to do will ever make you fully safe from online attacks. But there are simple and quick measures you can take today that will lessen your chance of a hack.
Let’s split this into two categories: Personal & Work.
If, like many of our clients, you run a WordPress website for work, there are a few very simple steps you can take to help mitigate security risks on your site:
- Get the WordFence WordPress Plugin – this plugin automatically scans for malware, blocks nefarious IPs and offers Two Factor Authentication for logging in. We install this on all of our clients managed sites.
- Make sure you have an SSL Certificate for your domain – If you don’t see a lock icon next to your URL in the address bar, chances are you need to ask your hosting company about getting your SSL certificate validated.
- Disable Comments – a quick and easy security tip, make sure you disable WordPress comments. Unless you really need them, they’re just a magnet for spam that could lead your users into phishing scams or worse.
- Backup your data – You don’t want to find you are completely reliant on your hacked website when you are meant to be trading for the day. Make sure you have backed up your data on separate disconnected Hard Drives and make sure your hosting company offers server restorations like we do at MOG.
- Tighten your login security – This is a no-brainer! Turn on Two-Factor Authentication, make sure there are not heaps of users in your WordPress account, manage the hierarchy so that you are the only one with Admin access and ensure your passwords are at least 10 characters long, full of symbols and meaningless.
This leads us nicely onto the personal side of things; which, if we’re honest, can never really be separated from your work online.
Here is where managing your devices, passwords and general digital literacy come into play.
Let’s jump straight into our tips:
- Get a Password Manager – It might seem annoying, but it takes less than 10 minutes to set up and it will save you from ever having to remember passwords again, which means you can use much more robust passwords! Our recommendation is the open source app Bitwarden, it’s free, it works on all devices or in any browser, all you have to do is memorise your master password to access all your others.
- Update your Software – We are all guilty of clicking ‘Remind Me Tomorrow’, but the fact is the longer you take to update your computer and apps, the more vulnerable to hacks they become.
- Use a VPN – Apart from getting the latest streaming content from any country in the world, VPNs actually mask your IP Address, making it harder for bad actors to steal your credentials and harvest your data.
- Look for the lock – Again if you are visiting a website, make sure it has the lock icon next to the URL. If it doesn’t, it might not be a secure website, whether the owners are aware or not.
- Get Antivirus Software – This almost goes without saying. It doesn’t always work but it’s worth having some software on your side, scanning for malware and providing a solid firewall. Our recommendation as of 2024 is BitDefender, we would not recommend Kaspersky.
- Backup your data – Just like above, relying on all your sensitive data being on your computer could end up in tragedy one day. In a pinch, you can even use paper and a pen to backup your most sensitive details, it’s better than losing it all!
- Take your time – Nothing online should be rushed, that’s a golden rule! If anyone or anything is making you feel pressured to hurry up and click on something, or give over your details, just stop and think it through.
These are simply some starting guidelines, rather than a complete overview, we suggest if you’re looking for more resources heading over to the Australian Signals Directorate Cyber Security website.
Thanks for reading, we hope this MOG Blog has been helpful to you in some way!