Passwords, Patch and Prepare

Improve your online security today!

From banking to shopping, social media, streaming sports and entertainment, people are spending more time than ever online.

This means more opportunities for cyber criminals to carry out cyber attacks. They often do this by targeting people through:

  • Hacking people through social engineering, e.g. phishing emails.
  • Hacking weak passwords.
  • Exploiting device vulnerabilities or security weaknesses.
  • Malware - software that can damage your device or let a hacker in.

If cyber criminals get access to your device or accounts, they could steal your money, or your personal information or launch attacks on others by pretending to be you.  Be prepared to respond and prevent a cyber attack by following the mantra passwords, patch and prepare and by following the key actions below.

Passwords

1. Use a strong and separate password for your email

Use a strong password on your main online accounts

Strong passwords are important for all of your user accounts.  A strong password will make it much harder for any hacker to guess or attempt to crack your password to gain access to your online accounts and services.  

Use a strong and separate password for your email account, if a cyber criminal gets into your email account, they could:

  • reset your other account passwords.
  • access information you have saved about yourself or your business.

2. Create strong passwords using 3 random words

A good way to create strong, memorable passwords is by using 3 random words. Do not use words that can be guessed (like your pet’s name). You can include numbers and symbols if you need to.

For example, “RedPantsTree4!”

Get advice on how to set up a strong secure password from the NCSC.

3. Save your passwords

The longer and more complex your passwords will be, the more difficult it will become to try and remember these without writing them down.  Saving your password in your browser means letting your web browser (such as Chrome, Safari or Edge) remember your password for you. Alternatively, you can use a password manager to store your passwords in a secure way.

This can help by:

  • making sure you do not lose or forget your passwords.
  • easily create different passwords for all of your online accounts and services.
  • protect you against some types of cyber attack methods, such as fake websites.
  • It is much safer than using weak passwords or using the same password in more than one place

Ensure you enable a lock screen on all portable devices.

4. Turn on two-factor authentication (2FA)

two factor authentication
2FA adds an extra layer of security
Two-factor authentication (2FA) is a second layer of security that helps to stop hackers from getting into your accounts, even if they have your password.

Two Factor Authentication (2FA) or Multi-factor Authentication is now available for many online services to add an additional layer of security.  Most online banking services now have this enabled by default so you may be familiar with this process. You have to enter your normal sign in details, but then verify this with a code that is sent to you by the service provider via SMS text message for example.  2FA is now available on lots of other online services such as email and social media, so if this is available, make sure you enable it.

Setting up two-factor authentication (2FA) - NCSC.GOV.UK

Patch

5. Update your devices

Device updating
Update all devices, software and apps

Out-of-date software, apps, and operating systems contain weaknesses. This makes them easier to hack into.

Software companies fix the weaknesses by releasing updates. When you update your devices and software, this helps to keep hackers out. It could also help make your devices run better, or even provide you with new features to use. 

Keeping software up to date

Turn on automatic updates for your devices, software and apps that offer it. This will mean you do not have to remember each time an update is released.

Some devices and software need to be updated manually. You may get reminders on your phone or computer. Do not ignore these reminders. Updating will help to keep you safe online.

See the following information on how to update software and apps on the most popular operating systems:

Trusted software

Only download software from trusted sites and official app stores so you can be sure of its authenticity.  Downloading from other sources can inadvertently install malicious software on your device. Malicious software can run in the background without your knowledge and be a major security risk not just to yourself, but others who use the same network.  If a device is no longer supported by the manufacturer you should replace it with one that is fully supported.

Install the latest software and app updates - NCSC.GOV.UK

Prepare

6. Back up your data

Back up your data
Backing up your data regularly is highly recommended

It is important to be prepared for a cyber attack, and have the knowledge and information required to recover from it.  You could struggle to get back online and get back your data if you are not prepared.

Find My Device

Activate a ‘Find My Device’ service if available for any portable devices you own.  Instructions for the most popular operating systems are noted below:

Protect your data

Set up encryption on your devices. Encryption acts as a strong barrier to secure your data in case your device is lost or stolen. It essentially locks all files on the storage drive of a device, so that nobody can access any of the data on it. Microsoft and Mac operating systems use Bitlocker and Filevault respectively, while most mobile device manufacturers such as Google’s Android, and Apple’s iOS, have encryption enabled by default on their latest operating systems. 

Backup your data

If your device is lost, stolen, suffers from a virus or malware, or physically damaged by accident, what data would you lose? 

Backing up means creating a copy of your information and saving it to another device, or to cloud storage online (e.g. Google Drive, Microsoft OneDrive, or Apple iCloud). Backing up regularly means you will always have a recent version of your information saved. This will help you recover quicker if your data is lost or stolen.

You can turn on automatic backup with cloud storage providers. This will automatically save your information into cloud storage. If you back up  to a USB stick or an external hard drive, disconnect it from your computer when a backup isn’t being done.  This will prevent your backup data being stolen or damaged along with your computer.

If you’re using an online cloud storage service, make sure you use a strong password and enable 2 Factor Authentication (2FA) to add an extra level of security to your data. Reputable cloud storage providers will encrypt your data as it is being backed up and stored so it remains secure.

Practice restoring data back to a device so you know how to do this when the time comes. 

Choose the relevant link to follow the step by step guides:

The following articles provide useful advice on backing up data: 

Whilst backing up your data such as photos and documents is important, it will also be useful to know how to get the apps and software back that you were using.  Keeping a record of software license keys for software, or keeping a copy of your operating system on a backup disc or USB memory stick will prove useful if and when you may need it.

Know who to contact

Know who to contact should you need help with things like restoring a PC to factory settings, reinstalling your operating system (e.g. Microsoft Windows), or write a list of instructions for yourself to refer to should you need to. Some devices may come with documentation on how to restore a device, or some have self-help guides on their website.

  • If you are experiencing a live incident, call the PSNI on 101.  Reports to the PSNI can also be made via their website at www.psni.police.uk/makeareport.
  • If you have been a victim of a cyber incident or fraud you can contact Action Fraud on 0300 123 2040 or report online at www.actionfraud.police.uk.
  • Report phishing emails by forwarding any emails you are concerned about to report@phishing.gov.uk
  • Report suspicious text messages by forwarding to 7726

Resources

Mobile Device Security

Further information on how you can keep your mobile devices secure can be found on our Mobile Device Hub you can also download our handy pocket guide to mobile device security that is full of handy hints and tips.

Cyber Aware Action Plan

Learn how to protect yourself or your small business online with the Cyber Aware Action Plan. Answer a few questions on topics like passwords and two-factor authentication, and get a free personalised list of actions that will help you improve your cyber security.