ABCs of Information Security – An Employee’s Security Awareness Guide – 2023

In Cybersecurity News - Original News Source is cybersecuritynews.com by Blog Writer


With ABCs of information security awareness, we can reduce the risk of losing private information, money, or reputation from cyberattacks. Here we detail the risks involved and prevention.

Information security or InfoSec describes the processes and tools designed and utilized to safeguard confidential company data against modification, interruption, destruction, and inspection.

Security awareness training must help raise awareness, change behavior, and establish a culture of security in order to reduce risk.

Increasing awareness lays the groundwork for behavioral adjustments. A culture of security is fostered by secure behaviors.

The following are the essential key aspects that must be incorporated to reduce the risk.

ABCs of Information Security Awareness

  1. Always Properly Logout After Completion of Online Transaction
  2. Be Careful What You Click
  3. Clear Cookies and Delete Browsing History at the End of the Session and Stay Safe
  4. Do Not Carry Your PIN Number in Wallets; Better to Memorize Your PIN
  5. Enlighten Yourself On Cyber Security Measures
  6. Following the Basic Rules of Social Networking Can Prevent Damaging Your Online Relationships 
  7. Giving Out Your Personal Information Online is Not Advisable
  8. Help Yourself to Maintain a Positive Online Presence
  9. Install Anti-virus Protection
  10. Join Hands to Stop Spreading Fake News
  11. Keep Software Up to Date
  12. Lock Your Devices When Not in Use
  13. Monitor Your Account for Any Suspicious Activity
  14. Never Believe Forwarded Messages; Check Source and URL
  15. Only Install Apps and Software From Trusted Sources
  16. Pay Extra Attention While Using Public Wifi
  17. Quarantine All Unused Apps
  18. Respect the Privacy of Others
  19. Scan Any File Downloaded From the Internet Before Opening/ Using/ Installing
  20. Turn On Automatic Updates For Your Operating System
  21. Use Strong Passwords With Personal Acronym
  22. Verify With Whom You Are Interacting Online
  23. Watch Out For Online Scams
  24. Xtra Precaution For Your Online Financial Transactions
  25. Your Priority on Cyber Security Makes You a Cyber-Aware Citizen
  26. Zero Participation in Dark Web

ABCs of Information Security

Always Properly Logout After Completion of Online Transaction

Digital payments have evolved as a result of the advent of technology.

The country-wide use of payment systems including UPI, credit/debit cards, mobile banking, etc. has accelerated due to the COVID-19 epidemic.

Given the rise in cybersecurity breaches, it’s best to use caution while making online payments.

The most important thing to remember while making an online payment is that you must log out after you are done.

Whether it’s an email account or some other account, you are more vulnerable to hacking if you don’t properly log out.

If a hacker gets access to your device, not only can they access your logged-in accounts through your device, but they can also hijack or steal your session so that they can log into your account on other devices without knowing the password.

Hence, logging out helps prevent other users from accessing the system without verifying their credentials.

It also helps protect the current user’s access or prevent unauthorized actions on the current login session and is thus an important part of security.

Logging out ensures that user access and user credentials are safe after the login session.

Be Careful What You Click 

The most common way that criminals access personal information is by tricking people into clicking on what appear to be harmless links or attachments in emails.

If you receive any unusual notification from your bank requesting you to log into your account, log in by entering the bank’s website address into the address bar of your browser.

It’s a good idea to always call your bank to verify that a message (email, SMS) you believe might be suspicious has indeed come from them.

By clicking the incorrect link, you are at risk of losing money, losing personal information, and possibly endangering your family or your business.

Generally, there are two types of URLs:

  • A standard-length URL, starting with www., followed by the website name and ending with .com or some other top-level domain.
  • A shortened URL such as bit[.]ly/2qhKcPw

Both URLs can be perfectly safe to click on, but make sure you do your due diligence before moving forward.

Therefore, be very careful before clicking on Internet ads, social media posts, and emails. Examine the URLs.

Hover your mouse pointer over links to see where they lead. Don’t click on links in emails that you did not request.

Clear Cookies and Delete Browsing History at the End of the Session and Stay Safe

In the ABCs of information security, C stands for cookies: “tracking” files that websites you visit install on your system and that are intended to be accessible only by the websites that created them.

Cookies are used by websites to keep track of user preferences, login status, and information about plugin activity. Cookies can be used by third parties to collect a variety of data about users across different websites.

Cookies and browsing history speed up sessions in browsers, but they could also be dangerous. For instance, hackers can obtain your personal information if they steal cookies.

Thus, you can stop websites and third parties from tracking your online activities once you remove your cookies and browsing history.

You make it exceedingly difficult for websites and other entities to recognize and monitor you by erasing your history.

Do Not Carry Your PIN Number in Wallets; Better to Memorize Your PIN

PINs are used for various transactions. We require a PIN for financial transactions like withdrawing cash, swiping the card, etc. It is useful in a number of other ways to authenticate you.

For instance, you can use the PIN to stop payment of a cheque, block an account, order a new chequebook, change your address, change your phone number or email id, etc.

It’s crucial to keep the PIN secret because it gives you (or anyone who knows it) access to confidential data.

Protect it, don’t keep it in your wallet, and never write your PIN number on an ATM or debit card, because criminals know to look for four-digit numbers written on the back of stolen cards.

The only way to securely retain a PIN is to memorize it. The following are the ways to remember your PIN.

  • Find numbers that are meaningful to you
  • Use bizarre imagery: use strange or funny visuals that will help you remember your PIN
  • Make a mnemonic: For example, 2275 is “two, two, seven, five.” Take the first letter of each number, which is TTSF, and create a sentence, like Two Toads Smell Funky.
  • Connect numbers to people you know
  • Make a word or sentence out of your PIN to remember.

Enlighten Yourself On Cyber Security Measures

Ransomware attacks were a major attack vector for both businesses and consumers. All businesses that use networks can be targeted for customer data, corporate espionage, or customer attacks.

Businesses should use a range of information security measures to keep their business data, their cash flow, and their customers safe online.

Organizations must make sure that their staff members are aware of potential cybersecurity dangers and how to prevent them.

Every person needs to become knowledgeable about cyber security measures such as protecting access to critical assets, building a robust cybersecurity policy and a protected network, protecting access with efficient identity management, controlling access to data and systems, putting up a firewall, employing strong passwords, making use of security software, etc.

ABCs of Information Security helps to enlighten you on cyber security and will protect you from viruses, malware, ransomware, data theft or loss due to hacking, and so on.

Following the Basic Rules of Social Networking Can Prevent Damaging Your Online Relationships 

The rules of social manners are just as important in the digital world as they are in the real world—and poor social networking can stick around to trouble you for much longer.

For instance, try to use respectful language. Using any sort of verbal abuse online can get you banned from your social groups. At a minimum, your remarks will likely be removed.

Avoid sharing irrelevant photos, posting images of drug or alcohol usage, or sharing any private information online.

These pictures and quotes are forever available for the rest of the world to view once they are posted online.

Be cautious when disclosing any details that could be used as responses to security questions on your personal accounts.

It is perfectly acceptable to unfriend someone if the relationship is beyond repair. Just don’t torture them (or yourself) with on-again-off-again connecting.

Respect the privacy of others. Further, if you aren’t sure of the facts behind an online store or social media post, check with someone who does know or can find out.

Thus, using Internet etiquette can also protect your reputation, which is helpful on both personal and professional levels.

Giving Out Your Personal Information Online is Not Advisable

Don’t disclose your personal information (name, age, address, phone number, social security number) to strangers.

Never invite a stranger to come to meet you in person or call you at your home.

Consider your actions before sending emails or making internet posts. Anyone can see what you post online.

One of your biggest risks while using the internet is disclosing personal information to people you do not directly know. 

Sharing private information is risky and should be avoided. Examples of such information include your address, phone number, family member’s names, car information, passwords, work history, credit status, social security number, birth date, school names, passport information, driver’s license information, insurance policy numbers, loan numbers, credit/debit card numbers, PIN numbers, and bank account information. 

Consider deleting your name from websites that distribute personal data gathered from public records to everyone online, including your phone number, address, social media avatars, and images.

Help Yourself to Maintain a Positive Online Presence

Online presence refers to three key things: Visibility, Credibility, and Reputation. An online presence allows clients to not only find you but to learn more about your services and your past performance.

Your profiles won’t be as effective as they could be if they’re incomplete. Every social network offers a unique chance to highlight your personality and achievements, both of which are significant for professionals. 

Use the benefits of each social media network you are on to create an engaging presence there.

You can list out your job duties on social media platforms. A more effective approach is to demonstrate your capabilities and accomplishments by including links to work samples.

LinkedIn makes it easy for professionals to showcase their work by providing the option to attach work samples to their profiles.

Whether you’re sending an email to apply for a job, check in with a client, or say hello to a fellow employee, your email signature can be a powerful tool for promoting your social profiles.

Hence, using social media to enhance your online reputation is a powerful marketing strategy.

Install Anti-virus Protection

Antivirus products work by detecting, quarantining, and/or deleting malicious code, to prevent malware from causing damage to your device. Modern antivirus products update themselves automatically, to provide protection against the latest viruses and other types of malware. 

An antivirus product is a program designed to detect and remove viruses and other kinds of malicious software from your computer or laptop.

It’s essential that you always use antivirus software, and keep it up to date to protect your data and devices.

Antivirus software is often included for free within the operating systems that run Windows and Apple computers. If you make sure that this built-in antivirus is switched on, you’ll instantly be safer. 

New computers often come with a trial version of a separate antivirus product installed (such as McAfee, Norton, and Avast).

When you first install (or switch on) your antivirus product, run a full scan to make sure your computer is free of all known malware and make sure your antivirus software is set to receive updates automatically.

Join Hands to Stop Spreading Fake News

In casual conversations, on social media, and in the news media, the phrase “fake news” has been used frequently. Calling anything “fake news” in a political setting is a tactic used to confuse or undermine officials and distribute false information.

Stop! Check your facts before sharing, too. Develop a critical mentality and evaluative skills. Do you know why and for what purpose this information was created?

Don’t just focus on what a website says about itself. Instead, look them up online and see what people are saying about them. This will enable you to assess the information’s accuracy.

Look for authority, accuracy, objectivity, timeliness, etc. Thus, check before you share! Take the extra few seconds to look over the source, or go read the article in full to make sure the content accurately reflects the subject and that the site is reputable.

Keep Software Up to Date

Software updates will often contain new features, fixes for bugs, and performance improvements. They will often also contain security patches and new security features, both of which it’s important to install.

Patches matter because they fix known flaws in products that attackers can use to compromise your devices.

All of this software needs to be kept up to date to prevent known vulnerabilities from being used. This means installing the fixes that software developers make available to plug any security holes detected in their products.

It is more difficult for attackers to successfully compromise your devices due to improved security features. Attackers that successfully compromise your devices may steal data, encrypt your files, or even render them useless.

While many apps and gadgets can install updates automatically, sometimes the owner of the device will need help, so you should keep a watch on updates in case they stop functioning altogether.

Lock Your Devices When Not in Use

Locking your desktop when you aren’t using it is the best way to prevent unauthorized access.

If your computer, tablet, or phone is stolen and there is no lock screen, the thief will instantly have access to all of the data on the device.

Many of your apps, such as your images and notes, normally do not require passwords or multifactor authentication, but some of your apps might.

The thief might have a field day impersonating you if you don’t log out of your social media or email accounts on your devices. You should therefore set a lock screen on your device.

Most laptops, tablets, and smartphones feature a setting that enables you to speed up how quickly your device locks on its own. 

Consider how frequently and for how long you pause when using your devices. It is advisable to set the device to lock automatically after as little time as you are comfortable with.

Monitor Your Account for Any Suspicious Activity

It is recommended to keep an eye on the activity on all of your accounts. Review your bank statement and make sure there haven’t been any purchases or debits you don’t recognize.

Check the trash in your email accounts: hackers will delete login notifications, but not all of them think to empty the trash as well.

If you have Amazon or something similar, check your order history and make sure there isn’t anything there you didn’t order. 

On social media, check your DMs and make sure there aren’t any messages there you haven’t sent. If you get spam emails, flag them so your email provider can update their information and keep your mailbox clean.

If you think someone else is signed in to your Google Account, change your password immediately. Therefore, watch what happens on all of your accounts.

Never Believe Forwarded Messages; Check Source and URL

Much unverified information is posted on social media and it is advisable not to believe in such messages. People should refrain from forwarding messages without verifying them first.

Messages with the “Forwarded” label help you determine if your friend or family wrote the message or if it originally came from someone else. 

When a message is forwarded through a chain of five or more chats, meaning it’s at least five forwards away from its original sender, a double arrow icon and the “Forwarded many times” label will be displayed.

If you’re not sure who wrote the original message, double-check the facts.

Verify the URL and source to ensure it is secure. A secure URL always begins with “HTTPS” at the start instead of “HTTP”.

The extra “S” in “HTTPS” stands for “secure”, which means that the website is using a Secure Sockets Layer (SSL) Certificate.

Knowing that many users do not pay attention to details, some criminals benefit from this behavior when applying scams.

A missing letter, a typo, and, in some cases, serious grammatical errors are clear signs that the site is not secure — that it is likely a scam attempt.

In some cases, fake addresses replace characters, for example, by changing the “o” to a zero. For those in a hurry, the g0ogle.com website may be something that doesn’t even draw attention.
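The link checks described here and under “Be Careful What You Click” can be sketched as a small triage function. This is an added example, not code from the original article; the trusted-domain list, the shortener list, the substitution map and all function names are constructed assumptions.

```python
from urllib.parse import urlsplit

# Constructed sample data for illustration; a real deployment would use its own lists.
TRUSTED_DOMAINS = {"google.com", "paypal.com", "example-bank.com"}
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co"}
# Digit-for-letter swaps of the kind the article mentions ("o" replaced by zero).
LOOKALIKES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def registrable_domain(host):
    """Return the last two labels of a host name.

    Simplification: a production check would consult the Public Suffix List
    so that names under suffixes such as .co.uk are handled correctly.
    """
    return ".".join(host.split(".")[-2:])


def edit_distance(a, b):
    """Levenshtein distance, used to spot a missing or mistyped letter."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def check_link(url):
    """Return a list of warning labels for a URL (empty list = nothing flagged)."""
    findings = []
    url = url.strip().replace("[.]", ".")  # accept defanged input like bit[.]ly
    has_scheme = "://" in url
    parts = urlsplit(url if has_scheme else "//" + url)
    domain = registrable_domain(parts.hostname or "")

    # 1. The address was given with a scheme and it is not HTTPS.
    if has_scheme and parts.scheme.lower() != "https":
        findings.append("not-https")

    # 2. Shortened URL: the real destination is hidden until it is expanded.
    if domain in SHORTENERS:
        findings.append("shortened-url")

    # An exact match with a trusted domain needs no lookalike check.
    if domain in TRUSTED_DOMAINS:
        return findings

    # 3. Lookalike of a trusted domain: swapped characters or a one-letter typo.
    normalized = domain.translate(LOOKALIKES)
    for trusted in sorted(TRUSTED_DOMAINS):
        if normalized == trusted:
            findings.append("lookalike-of:" + trusted)
        elif edit_distance(domain, trusted) == 1:
            findings.append("typo-of:" + trusted)
    return findings


if __name__ == "__main__":
    # Constructed sample links, not taken from real traffic.
    for sample in ("https://www.google.com/search",
                   "http://g0ogle.com/login",
                   "https://gogle.com/",
                   "bit[.]ly/2qhKcPw"):
        print(sample, "->", check_link(sample) or "nothing flagged")
```

An empty result only means none of these three checks fired; it does not prove that a link is safe.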

Fake news often goes viral, and photos, audio recordings, and videos can be edited to mislead you. Even if a message is shared many times, this doesn’t make it true.

If you receive information that’s fake, inform the sender that they sent you incorrect information and recommend they verify messages before sharing them.

Only Install Apps and Software From Trusted Sources

Before downloading an app, conduct research to ensure the app is legitimate. Checking the legitimacy of an app may include such things as checking reviews, confirming the legitimacy of the app store, and comparing the app sponsor’s official website with the app store link to confirm consistency. 

Many apps from untrusted sources contain malware that, once installed, can steal information, install viruses, and cause harm to your phone’s contents.

There are also apps that warn you if any security risks exist on your phone. Be cautious of links you receive in email and text messages that might trick you into installing apps from third-party or unknown sources.

Pay Extra Attention While Using Public Wifi

Wi-Fi hotspots in coffee shops, libraries, airports, hotels, universities, and other public places are convenient, but often they’re not secure.

If you connect to a Wi-Fi network and send information through websites or mobile apps, someone else might be able to see it.

When you’re at home, you can take steps to keep your home wireless network secure — like using a strong router password, limiting what devices can get onto your network, and turning on encryption, etc. 

But when you’re using your coffee shop’s Wi-Fi, there’s not a lot you can do to control its network security.

New hacking tools, available for free online, make intercepting traffic on such networks easy, even for users with limited technical know-how.

Your personal information, private documents, contacts, family photos, and even your login credentials could be up for grabs.

Many public Wi-Fi networks such as in airports and hotels will also prompt you to install a “digital certificate” to use their internet.

They may do this to scan your traffic for malware — but this also allows them to read your traffic, even if it’s to a site using HTTPS (which encrypts information).

Use your mobile data instead of Wi-Fi if you’re on the go, can’t access a secure website, and don’t have VPN encryption.

Since it can be difficult to determine whether an app is encrypted, this is a useful alternative when entering personal information into it.

Quarantine All Unused Apps

Remove unnecessary (unused) applications from the device. This increases overall performance, decreases clutter, and keeps the focus on what is pertinent.

Unwanted apps may not be as disturbing but they can be more harmful by not only taking up precious storage space but by impacting performance, reliability, and – potentially – your phone’s security.

Games, in particular, typically take up a lot of space. If you downloaded a trendy game and played it for a while, it’s still sitting there taking up space.

You can easily see which apps are taking up the most storage space right from the Google Play Store. From there, you can uninstall apps in bulk and take back some of your storage space for photos, videos, and other stuff.

Respect the Privacy of Others

It’s important to respect people’s privacy. It is rude to disregard someone’s desires if they have a valid cause to keep something private, unless there is a compelling reason to do otherwise.

Protecting privacy is the key to ensuring human dignity, safety, and self-determination. It allows individuals to freely develop their own personalities.

Privacy protects the information we do not want to be shared publicly (such as health or personal finances). Privacy helps protect our physical safety (if our real-time location data is private).

Respecting privacy is critically important for businesses dealing with sensitive customer data.

Scan Any File Downloaded From the Internet Before Opening/ Using/ Installing

First, you can scan the file with the antivirus software that’s installed on your PC without having to scan your entire computer.

Another smart way to ensure that suspicious files are free of viruses is to analyze their download link before clicking the download button. 

There are many online malware analysis tools available that you can use to scan files; VirusTotal is the most recommended.

Turn On Automatic Updates For Your Operating System

Software updates improve the security of your devices. They help fix security flaws or vulnerabilities that have been found in your device’s software. 

Cybercriminals and malware can use these vulnerabilities to access your device or personal information. New vulnerabilities are discovered and fixed all the time, so install updates regularly to keep your devices secure.

Turning on automatic updates is the easiest way to keep your device up-to-date and secure. Automatic updates are a “set and forget” feature that installs updates as soon as they are available.

If your operating system or other software is no longer receiving updates, you should consider upgrading to a newer version or switching to an alternative product to stay secure.

By default, Windows updates your operating system automatically. However, you can change when Windows installs your updates, allowing you to keep working without interruption.

Use Strong Passwords With Personal Acronym

Security experts advise using acronyms to remember passwords. They say using the first letters of a sentence makes remembering passwords easy while also enhancing security.

It may be an acronym for a personal objective, which would motivate you each time you use it. For instance, Iwl10k (“I will lose 10 kgs”) might be a password if one’s objective is to lose weight.

Certainly, this strategy can be employed anywhere a password is required and set the right tone for each login.

Verify With Whom You Are Interacting Online

Online communication can be risky when you meet new individuals. Because it’s so simple to create an online profile, some people have abused this convenience to deceive others by creating fake online personas, typically on social media or networking websites.

Most of the people with whom you interact online will be genuine, but some will use fake profiles designed to draw you in and manipulate you.

You can check to see if their profile picture is of a real person. If other photographs on their account show the same person, they may be telling the truth. 

Check their status updates and posts. If they are mostly posting links and ads, it is likely that they are using a fake profile to scam people or make sales.

Hence, be vigilant and double-check with whom you are interacting online.

Watch Out For Online Scams

Internet scams are continually evolving. Scammers may try to contact you by social media, text, phone, email, or mail. 

Keep your identity and money safe. Don’t provide private information like your date of birth, Social Security number, or bank account number. 

Know who you’re dealing with, and do not open suspicious texts or pop-up windows or click on links or attachments in emails – delete them.

Keep your personal details secure, keep your mobile devices and computers secure, choose your passwords carefully, review your privacy and security settings on social media, be cautious of unusual payment requests and be careful when shopping online.

Xtra Precaution For Your Online Financial Transactions

Unfortunately, online fraud and identity theft occur just as frequently. Users should take several key steps to be as safe as possible while doing online transactions:

  • Use a hard-to-guess password that contains upper and lower-case letters, numbers, and symbols.
  • Change passwords as often as possible, but at least every three months
  • Do not use the same username and password for all online accounts.
  • Never click on any links in an email asking for identification information. Contact the institution by phone immediately to report the concern.
  • Always log out of the bank, credit card, and merchant sites after you have completed your transaction.
  • Do not allow your computer to store user names and passwords for merchant or banking websites.
  • Use a reputable third-party payment service such as PayPal for online transactions whenever possible. These sites provide secure transactions and dispute resolution services.
  • Secure online transactions should occur only on a website that begins with “HTTPS://.” Do not trust a vendor without the “S” after “http” at the start of the web address.

Your Priority on Cyber Security Makes You a Cyber-Aware Citizen

Awareness of cyber security is important as it protects an organization from cyber attacks on the system resulting in data breaches.

Software vulnerabilities are a big deal. If cyber security isn’t your top priority, your business is at high risk. The consequences of a data breach can be massive and involve more than just fines.

Knowing about various cyber threats, the ability to detect potential threats, and taking measures to mitigate their effect to protect your digital assets make you a cyber-aware citizen.

Zero Participation in Dark Web

The dark web is the hidden collective of internet sites only accessible by a specialized web browser. There is a lot of bad content that you should avoid. It can be offensive at best and highly illegal at worst.

It is a common gathering place for hackers and other cybercriminals, which can make browsing the dark web a risky activity.

Further, it is certainly illegal to carry out illegal acts anonymously, such as accessing child abuse images, promoting terrorism, or selling illegal items such as weapons.

Therefore, all businesses, individuals, and groups should avoid using the dark web and stay strict with the ABCs of information security.

Conclusion

Information security awareness helps to reduce risk, preventing the loss of PII, intellectual property, money, or brand reputation. An efficient cyber security awareness program addresses the errors all users may commit when utilizing email, the internet, and the real world.

By paying attention to these ABCs, the development of information security awareness becomes more realistic. They can also assist in beginning or refining efforts related to information security.
