Online Risk and Information Security

How do I stay safe online?

At The International Risk Podcast, we are regularly asked by senior leaders about online safety and security risks.  Most people know that the internet can be a high-risk environment for individuals and companies, and it is not just the banking and finance sector that faces serious risks.  Hackers, thieves, spammers, and other threat actors are all looking everywhere for opportunities to obtain a financial advantage or simply wreak havoc. One of several steps to a proper defense is having a VPN on your phone and computer.  Understanding and protecting yourself against current and emerging cyber risks is a big and daunting task.  In order to have the right information and sufficient risk mitigation measures in place, you need to be constantly monitoring the risk environment, or employing an IT and cyber-security consultant to support and advise you. Information technology security and electronic information security is so important and we all need to do everything we can to stay safe from online risks.

Is using a private browser sufficient security?

Many of the most popular internet browsers allow private browsing including Google’s Incognito mode, Firefox’s Private Browsing, and Microsoft Edge’s InPrivate.  In these private browsers your search history, pages visited, and cookies should not be stored.  This does not however stop your internet service provider from storing this data.  Other third parties can also access information about your activities even when in private browsing mode.  That is why having a VPN is so important. Private browsing will not protect you, your computer, or your company from viruses, malware, or hackers.  Fraud, theft, and other crimes including loss of financial data and passwords can still occur on private browsers. A Virtual Private Network (VPN) is essential because it encrypts your identity online and makes it harder – though not impossible – for third parties to steal your information.

What is a VPN?

A VPN hides your computer or phone’s IP address by redirecting your activities via a specially configured remote server operated by the VPN host.  This makes it impossible for the ISP or other third parties to track your activities online.  Importantly, the VPN should encrypt cookies and your computer’s IP address.  Additionally, if your VPN drops or fails, you can set it that you are automatically disconnected from wifi until the VPN is restored.

Remember though, that this is just one essential tool in your defense against cyber risks.  A VPN will not protect you against malware, spyware, trojans, and viruses.

What should I consider to counter cybersecurity risks?

There are multiple information technology security considerations that should be considered depending on whether you are a private individual or a company.  These include:

• Disaster recovery and business continuity
• Application security
• Vendor access security
• Network security
• Reliability and consistency of data assets and protection mechanisms
• End-user knowledge (human use of and access to information and data)

Some of the most common and yet still most effective ways to counter security risks are:

1. Use a respected anti-virus software
2. Ensure your software and operating systems (phones and computers) are updated regularly to ensure you always have the latest security patches
3. Use strong passwords that are at least 12 characters in length and contain letters, numbers, and characters.
4. Use two-factor authentication (password and code sent to your phone) for proper log in security.
5. Never open attachments or click on links from unknown senders.
6. Avoid using public wifi networks and never do so unless you have a VPN and an active anti-virus software.

Proper planning and consideration of the risk environment is essential to ensure successful business continuity.  If you are interested in learning more about information security risks, subscribe to our Podcast.