15. Security Best Practices
Summary
It's important that anyone using the Internet follows basic cybersecurity hygiene, meaning the understanding of cybersecurity best practices for protecting your information, devices, and networks. These tips will help you apply security fundamentals, including core security principles and critical security controls, in your world.
Personal Security means protecting yourself online
Defeating Social Engineering
- Think before you click
- Trust your gut – Be a little skeptical
- When in doubt, ASK
Passwords
- Long - at least 12 characters
- Complex - Use numbers and special symbols
- Passphrases are better
- Not anything about you
- Not the same as previous passwords
- Use a password manager
Multifactor Authentication (MFA)
Using at least two of the following, something you:
- Know (password)
- Are (fingerprint, face, voice)
- Have (smartphone, card)
Device Security means protecting your computers (PCs, laptops, tablets, etc.)
- AntiVirus (AV) applications
- Patching and Updates
Network Security means protecting how you connect
- Wireless (WiFi) Security - Home and Remote
New terms
- Multi-Factor Authentication (MFA): Authentication using two or more factors to achieve authentication.
- AntiVirus (AV) applications: A program or tool specifically designed to detect many forms of malware and prevent them from infecting computers, as well as cleaning computers that have already been infected.
- Patching: A software component that, when installed, directly modifies files or device settings related to a different software component without changing the version number or release details for the related software component.
- Updating: An authorized increase in the level of protection to be provided to specified information, e.g., from a Low impact-level to a Moderate impact-level.
Definitions from the NIST CSRC Glossary: https://csrc.nist.gov/glossary
Further research
- National Cybersecurity Alliance, How to Stay Safe Online: https://staysafeonline.org/stay-safe-online/
- Stop.Think.Connect., General Tips and Advice: https://stopthinkconnect.org/tips-advice/general-tips-and-advice
- For terms and definitions, see the NIST Computer Security Resources Center (CSRC) Glossary: https://csrc.nist.gov/glossary/