Our Top 10 IT Security Tips for the Private User!

M.Sc. Chris Wojzechowski

Our Top 10 IT Security Tips for the Private User!

We have compiled the Top 10 IT Security Tips for you. The demand seems to be bigger than ever. Numerous data leaks and hacks, which already took place in 2019, confirm this. We have collected ideas and broken them down to the most important ones. Even if it requires some work, it’s worth it. Your privacy will be protected in 2019.

Our Top 10 IT Security Tips!

Work through our Top 10 IT Security Tips step by step. Some of the points are done quickly. Maybe you already fulfill some of them? So much the better!

  1. Renew, manage and maintain your passwords!

If you use passwords like “password”, “qwerty”, “12345678”, “iloveyou” it’s time to change them. It will take an attacker just a few minutes to check password like this. Chose a strong password, but the one you can memorize. Do not use the same password and keep them securely and do not share it with others. The multiple use of passwords is also critical. Multiple email and password combinations are quickly tested on different websites. This is fully automated. We have already looked at a tool for this in the past.

Also, even if you use a strong password for a long time you may consider changing it. If someone has to manage many passwords, we recommend a password safe at this point. For example, KeePass is a free open source solution!

  1. As much software as necessary, as little as possible – with update!

Updated software with fixed bugs and vulnerabilities is more secure to use, it decreases hackers’ chances for a successful attack. Even if fast updates can cause problems, we advise you to install them as soon as possible. In the private sector, you are responsible for this yourself. Outdated software is one of the biggest security risks on the net.

  1. Data that is private should remain private!

Do not share personal and sensitive information via social media. Miscellaneous information should not be shared. By being aware of the information you are posted and shared with. It is not very wise to publish photos of your passport, driver’s license or official documents, bank cards, tickets. If you nevertheless feel the need to share this information, you should carefully black out all personal information.

  1. Be prepared, create backup, feel secure!

Be prepared. It’s always better to have a backup of valuable data if your data is blocked, deleted or otherwise destroyed by ransomware attacks. Cloud storage is a solution. Make sure you use secure services.

Classic backup is still a good way to get access to unrecoverable files. All you need is an external hard drive. This should be slightly larger than the hard disk in the computer. Another important point: Only connect the hard disk as long as necessary! In the case of a Ransomware attack, the external hard disk would otherwise also be encrypted.

  1. Let a third eye look at it – Install antivirus software!

An antivirus software helps to protect the operating system against viruses and malware. Modern antivirus software has additional features such as secure browsing, protection of sensitive files, secure password storage and webcam espionage detection, which also increases your cyber security.

Windows 10’s on-board resources are sufficient for simple protection against malware. This is also confirmed by current tests – Windows Defender comes with sufficient protection. Only with the already mentioned additional features does a paid solution make sense!

  1. E-mails are the gateway for attackers. Detect Phishing and Detect and Avoid Other Attacks.

You have received an email with an attachment or link from an unknown address – be aware that this could be an attempt to hack your device and install software to spy on you.

Even antivirus software is not a panacea. Stay suspicious, don’t click on unknown attachments, and only click on links if you can’t help it.

  1. Avoid unprotected websites

The encrypted connection of data is slowly becoming the standard on the Internet. But occasionally you come across sites that do not offer this encryption. Everyone can recognize it by the “HTTPS” or “HTTP”.

If the S is missing, the data is transmitted in plain text over the Internet – a good opportunity for criminals to intercept and abuse this data. Modern phishing sites also rely on encrypted connections. It does not mean that the website is serious!

  1. Avoid public unsecured public networks

In the city, in the café or at the train station. There are many places where free WLAN is welcome. But you should be sceptical if you don’t need any information to log in. Attackers can use sniffing tools to access data-transmitted, unprotected channels.

If you need the WLAN, e.g. if you are travelling abroad and your own SIM card does not work, you should reduce the data traffic to the bare minimum.

  1. Check and maintain your settings

The settings of the operating system, the software used or established services change regularly. New functions are added, others are deleted, some are merged.

All this leads to the fact that settings are no longer set as I would agree with them. For this reason, the settings should be checked regularly,

  1. Use virtual private network and be more secure on the go!

A VPN tunnel encrypts the incoming and outgoing data traffic. It is more difficult to identify and track people. However, you should choose a trusted VPN to ensure secure and encrypted communication. We have provided a selection.

Don’t forget cyber security is a constant process, not a condition that can be achieved and will have forever. Hackers never sleep and come up with new schemes but following those rules will give them fewer chances to succeed.

Photo of author

M.Sc. Chris Wojzechowski

My name is Chris Wojzechowski and I studied my Master in Internet Security in Gelsenkirchen a few years ago. I am one of two managing directors of AWARE7 GmbH and a trained IT Risk Manager, IT-Grundschutz practitioner (TÜV) and possess the test procedure competence for § 8a BSIG. Our bread and butter business is performing penetration testing. We are also committed to promoting a broad understanding of IT security in Europe, which is why we offer the majority of our products free of charge.