Unit 2: Self-directed learning – Threats in the cyber world
Tips for personal security
Tips for personal security section aims to raise awareness on general security issues to reduce the levels of attacks and also to reduce vulnerability by taking some personal security precautions. Therefore, it provides guidelines and practical advice on safety, security, and protection to individuals and organisations.
- Awareness andpersonal digital hygiene
Since people’s interaction with the digital world has increased, and cyber risks and threats are omnipresent, improved cybersecurity has become a necessity for all individuals and organisations upon the digital networks. These bring the awareness and personal digital hygiene tips -which are based on Bamrungchok’s (n.d.) digital hygiene guide- and encourage all actors to perform routine-based digital practices to minimise their encounter with cyber risks.
These digital hygiene tips include:
- The use of Two-Factor Authentication (TFA), Multi-Factor Authentication (MFA) and Third-Party Authenticator (TPA) Practices
TestMatick (2018) & Cipher (n.d.) supported that such authenticator services add additional layers of security and protection to the standard password method of online identification. Through the utilisation of a Two-Factor Authentication, an internet user gains an additional method of authentication such as a Personal Identification Code, another password, or even fingerprint. With Multi-Factor Authentication (MFA), internet users enter more than two additional authentication methods after entering their username and password. A Third-Party Authenticator application enables two-factor authentication, usually by generating a random code on a different device and/or service (e.g., on smartphone or email account), which users are prompted to subsequently add on the website they attempt to gain access to. All these platforms provide authentication and identification to users, by using their media accounts.
- Password policies
Password policies set and design rules to enhance security awareness, computer security, as well as encourage users to employ strong passwords and use them properly. Jithukrishnan (2022) presents some key points of those rules: