Partner Article

Top tips for online password safety: Tech Guru

Organisations with top class policies and procedures are often undone by internet users displaying a lack of savvy in their online activity. Mark Child, Technology Risk partner at Kingston Smith Consulting LLP, explains some of the easy techniques to keep users safe online, minimise identity theft and reduce online fraud:

1. Really change your password – An easy tip which will prevent data and identity loss is to change your password at least every three months. Mark Child emphasizes that the change should not be limited to one character, e.g. where M@nchesterUnited1 becomes M@nchesterUnited2.

2. Keep passwords for your key sites separate – As it’s increasingly difficult to remember all of our passwords, we tend to use the same ones for frequently visited sites. But Mark Child points out that for some sites the risk of data loss is much higher. Your local library online access code should not be the same as your online banking password!

3. Social media – Hackers often consider the information in the public domain when considering hacking individual’s social media profiles. Names of pets, sporting clubs and loved ones often figure in passwords. If you are choosing a password, avoid any personal information.

4. Site verification – Do you know the difference between a “safe site” and an unsafe one? Ensure that any website you send information to has https protocol (usually symbolised by a padlock icon) in place. If there are any doubts about the veracity of the site, contact the institution directly before submitting personal details. Be very careful about pop-up windows requesting password changes.

5. Password storage – Do you use a password management tool? Mark Child suggests that you ensure passwords are not stored on mobile devices (smartphones, tablets, iPads), as industry experts have reported that these devices can be hacked in under three minutes. If you are intending to store passwords on any device, ensure that the files are encrypted.

6. Insurance – If you intend to use a credit card for online transactions, Mark Child suggests that you ensure the financial institution that issued the card has cyber crime insurance.

Although the onus is on consumers to interact safely online, Child also notes that consumers’ expectations have increased when it comes to information security governance by businesses. He warns: “As recent examples have highlighted, failure to safeguard consumer information can lead to brand and reputational damage for businesses of all sizes.” He continues, “Financial penalties are also a risk; for example, non-compliant businesses may incur fines from the Information Commissioner.”

Mark Child has been around computer networks a long time. His 20-year career has taken him from Australia to Zambia, and he has built up extensive experience working with organisations of all sizes to test, monitor or advise on information security.

—————————————————

Mark Child, Technology Risk partner, Kingston Smith Consulting LLP
[mchild@kscllp.co.uk](mailto:mchild@kscllp.co.uk“ target=)

This was posted in Bdaily's Members' News section by Mark Child .