The payments industry knows all too well that falling prey to a cybercriminal can happen in an instant. And when that happens, companies often look to security experts for guidance. But don’t you wonder what they do to keep their data – and that of their own company – safe online?
Google wondered, too. And, according a report in The Guardian, Google recently did a research study to compare the rules that 200+ security experts follow to keep their data safe online, as well as 300 non-experts to see how those behaviors differ.
So what advice do the experts have to help us all improve the ways we protect ourselves online? And what steps can companies take to start behaving like pros as we continue to increase our use of the Internet?
SAY “YES” TO UPDATES
Researchers found out a lot of users tend to ignore the (sometimes pushy) notifications for installing software updates. They are often bundled with other unwanted features, it can be difficult to access the true value and the need to update installs can often be confusing, especially when companies are working as part of a big organization and may be unsure as to whether the offers to update “are legit.”
But those in the know seem to echo the same message when it comes to installing updates: Just do it. The research showed installing updates was the most commonly practiced behavior among the experts to stay safer online, and it also was revealed to be the place where experts and general users differed the most.
According to the report, 35 percent of experts mentioned installing updates, while only 2 percent of non-experts could say the same. Just 2 percent of experts mentioned automatic updates as one of the Top 3 things they do to better protect themselves online, while no users surveyed even mentioned it.
DON’T IGNORE ANTIVIRUS SOFTWARE, SORT OF
But the experts say it’s also not a good idea to put all your security eggs in the antivirus software basket. While the preventative measure is used by the majority of experts, they make it clear antivirus software has its drawbacks. Experts noted “AV is simple to use, but less effective than installing updates,” and that the software “is good at detecting everyday/common malware. But nothing that’s slightly sophisticated.”
Antivirus software was shown to be more favored by non-expert users, 70 percent of those participants thought using it was likely to be “very effective,” with reportedly more than 80 percent of them saying they had it installed.
UNIQUE PASSWORDS ARE KEY
Creating “strong” passwords, which contain a good mix of letters, case, numbers and symbols, tend to be what most of us prioritize, but for experts, making sure a password is unique is more important. Picking passwords that are unique landed in the Top 3 online safety tips of 25 percent of the experts surveyed, as opposed to the 18 percent who claimed to look more toward stronger passwords.
And we all know the consequences when that does not happen.
Target is still paying for the massive data breach that took place within its systems back in 2013, which compromised 40 million payment cards and personal details for 70 million customers. It all came down to a password, which a cybercrimal was able to decipher and eventually launch a devastating point-of-sale malware attack.
WHILE YOU’RE AT IT, USE A PASSWORD MANAGER
What do security experts do with all the unique passwords they create? Let a password manager handle the hard work of keeping track of them. The study shows that more than three times as many experts than non-experts actually take advantage of password managers for their online security needs.
“Password managers change the whole calculus, because they make it possible to have both strong and unique passwords,” cited one cyber professional. According to the research, the experts surveyed were four times more likely to name password managers as one of the most significant best practices they use online.
But many of the survey participants flat out said they didn’t trust password managers for reasons such as the ramifications if they are hacked and software flaws and bugs. Despite some reasons for concerns, many of the cyber experts held tightly to the belief that using a password manager was still a better strategy than trying to juggle all of the passwords on your own.
KEEP WEB BROWSING SECURE
Avoiding unknown websites as a way to stay safe online was one practice non-expert and experts seemed to agree on — but also one that both appear to make exceptions to, as only about 7 percent of non-experts and 1 percent of experts said they never visited sites they did not know. Additionally, 4 percent of non-experts said they only provide personal information to trusted websites.
Roughly 21 percent of non-expert users said staying away from unknown websites was an important security measure, with one respondent explaining, “visiting websites you’ve heard of doesn’t mean they are completely safe, but there is a higher chance of this.”
The biggest takeaway here is to be aware of the secure connection protocol HTTPS when visiting any website that is unfamiliar. This point made the list as the third most stated online safety practice among the experts.
EVERYONE MAKES MISTAKES
One fact that rang true in Google’s research is that nobody is perfect when it comes to online security, especially because not all security experts practice what they preach. One of the cyber pros surveyed admitted to clicking on links in emails from unfamiliar senders – a likely way to expose a system to phishing emails and targeted malware – despite the fact he specifically advises his mother not to do so. When it comes to online security, being aware of the threats out there, while also following security guidance and best practices, is the safest bet.
“I never really found a way of giving more precise advice for people who are not technical on what is really safe and what is not,” one security expert confessed, noting that for the sake of keeping things simple, just following advice is always the best thing to do.