cyber security

Basics of Information Security to Protect your Finances

How to keep your online transaction safe from hackers?
Security expert Jorge Enrique Aguayo informed us the Dos and Don’ts we must follow in Financial transaction online.

When we are in front of our desks or holding our laptops, we tend to think we are in full control of what is happening before our eyes. However, time has proven us wrong many times:

The longer you search about online hacks, the more companies you find included in the list. Hackers have managed to steal not only information but money as well; so it is important to learn some basics of information security to protect our finances. This article will help you with that.

What we are Going to Cover

In this article, we are going to cover three scopes:

First, the fact that, the more devices you have, the more devices you need to look after. If you are like me, you will have at the very least three devices: your home computer, your job computer and your mobile phone. Protecting the three of them is equally important.

Then, that having strong passwords is more than important —it is crucial. In computing, being able to log into an account does not necessarily mean you are its owner. It only means you know the password. So if your passwords are not extremely hard to guess, you may become the next victim sooner or later.

Last but not least, we will need to take a look at a couple of habits you may need to change in order to be overall safer.

Protecting your Devices

Your most vulnerable device is your mobile phone, so let’s start with it:

  • Your mobile is more susceptible to be stolen than your other devices, so it is very important to keep locked and with as little information as possible.
  • Get used to clean your tracks often: erase the chat conversations that are either too personal or already finished, and download your photos to your computer, keeping them away from your mobile.
  • Many apps require permissions that are not really necessary to work. Block them. Their creators request those permissions just because they want to make profiles of their users to sell them later. You do not need to play their game. Get into the applications settings, and block the permissions you do not want to give. It is easy, and it may safe you from some future troubles.
  • In the same fashion, be careful of what information you are sharing, with whom and what for. Read and understand what you are getting into before clicking on “I accept” or “Install.” Too many people are very careless when speaking about their mobile phones. You should not allow yourself to be one of them. You may be allowing a malicious app just because you didn’t read!
  • Never use “the cloud” for your backups. Why not? Because “the cloud” is just a fancy name of “a company’s computer!”, and that computer may eventually get hacked. Get a portable backup hard disk and save your information there instead.
  • Never engage in “online banking” through your mobile phone, period. It is not safe because your mobile is more susceptible to be stolen compared to your other devices.

Many apps require permissions that are not really necessary to work

As for your personal and work computers, similar rules apply:

  • Keep your login with a password —and not an easy password!
  • Keep your software up-to-date, and pay attention to software vulnerability news. Update quickly if you learn about any vulnerability in the software you use. (This is not that hard. They even appear on TV.)
  • Back up your information often (every day if you can, or at the very least once a week), and in more than one place (mom’s house counts). Should there be one thing that information security experts do every day and most people don’t, it is backing up their information. Do it.
  • Encrypt your disks, files, and backups. Make it extremely hard for anybody to get a copy of your files… and to open them too. This is not very hard to do either. Read a guide on how to use GNU Privacy Guard, and practice using it with your most important files. That should be enough most of the times.
  • If you need to synchronize files with your family, friends or colleagues, then take a good look at Syncthing. Dropbox may be more popular but it is not as reliable. It is just another case of “the cloud,” that is, “another company’s computer.”
  • There are many other alternatives you can use that are safer than the ones you may be used to. Give them a try. Most are free to install and use.

The main benefit of using secure applications, encryption, getting used to backing up your data, and reviewing the permissions you grant to the software you install is that you make it harder from hackers to steal your data. The harder you make it for them the more you will encourage them to forget about you and go bother someone else —which is exactly your goal.

Your Passwords

Passwords are definitely the weakest link in any information security chain, so we are going to talk a little about how to make good passwords. Don’t worry, it is not hard.

The secret to good passwords is to make them long, the longer the better. An eight-character password may be guessed by a supercomputer in just a few seconds, so it can’t be that short.

Here a few ideas:

  • Full phrases
    e.g. GoneWiththeWindisalongbook
  • Translations of words
    e.g. Flamingo,Flamenco,Flamants,Qizilqaz
  • A series of words that are not related to each other
    e.g. horsevikingCicero-bohemianrhapsody

You get the idea. If in addition you can two-step authentication in the service, do it.

Do you feel you need to change a few passwords after reading this? Add it to your to-do list.
It is extremely important.

Your Browsing Habits

If you are like most people, when you browse the Internet, you use the same web browser over and over again. You like it, you have all your bookmarks there, you are used to it.

Yet have you ever considered this could be a huge mistake? As you may already know, many websites have advertising, and advertising usually comes bundled with tracking codes. Besides, there are many websites out there that are known for tracking their users’ activities, such as Google or Facebook.

Now let me ask you something:

Are you sure you want to pay online, or to connect to your Paypal or bank account with a web browser that is full of cookies and trackers?

No, right?

Then, as you may have already guessed, it is much safer to use another web browser for your financial operations.

This small change is very meaningful when talking about financial security online. I suggest not overlooking it.

Lastly, be careful with your e-mail too. Even if you have great passwords, hackers will often try to send you a fake e-mail message aimed at stealing it. That attack is called “phishing,” and it is very common. Beware where you click. Verify the URL you visited is the one of the website you are supposed to be on. Call the organization that purportedly sent you the e-mail to verify it is real before moving forward and posting your password on it.

Don’t be their next victim.

Jorge Enrique Aguayo was born in Peru and learned about information security as part of his activities in the Internet Marketing field. Today he is in charge of marketing PitBullTax, a tax resolution software for professionals in the United States.