Security Awareness

You’re only as good as your word – your password that is

Please do not REDUCE, REUSE or RECYCLE your passwords.

  1. Long is strong. Vary the case, add numbers, use special characters
  2. Consider using a passphrase that is easy for you to remember but impossible for attackers to guess or crack
  3. If you have more accounts than you can comfortably manage, consider using a password manager like KeePass or LastPass (KPMG is not endorsing any specific brand)

How to check if you may be caught up in a breach:

Troy Hunt is an Australian security researcher. He has been investigating breaches for years and created a tool to help folks check if their credentials may be compromised. You can check your email here:

https://haveibeenpwned?

Remember – Free Wifi Comes at a Price

You can mask your IP address to throw attackers off the scent by using a VPN (virtual private network). This creates a virtual tunnel to shield you online. Private Internet Access is one example that security experts highly recommend (KPMG is not endorsing any specific brand). A small monthly fee is worth ensuring you can check your emails securely from anywhere or make online purchases. Free services are not dependable.

5 Security Steps You Can Take:

  1. Keep multiple backups of your data. Don’t save to the same network you are on. Multiple backups matter because you do risk corruption or even infection that spreads.
  2. Check your credit rating/status annually. Always review your bank and credit card statements.
  3. As morbid as this sounds, check the credit history of your children because they offer criminals the ideal opportunity for identity theft and credit fraud.
  4. Beware of shoulder surfers and prying eyes wherever you pay. Shield your PIN as you enter it.
  5. Change the default password on ANY connected devices. Change the default password on your internet modem/router. Set up your own SSID and passwords.


Best Security Practices

  1. Application whitelisting. Use AppLocker on Windows systems.
  2. Use Group Policy Objects (GPOs) to set rules
  3. Limit access
  4. Watch PowerShell carefully. This is not meant for everybody. Watch for indicators. Uninstall older legacy versions.
  5. Restrict access to directories that are writeable
  6. Block Macros
  7. Disable autorun ability
  8. Use Device Guard. It can protect against files carrying out actions they are not meant to do, e.g. cdb.exe, MSBuild.exe. It prevents untrusted code from being executed. All things are untrusted by default unless otherwise configured. It uses Code Integrity (CI) and Virtualization Based Security (VBS).
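
A read-only check of items 1, 4, 7 and 8 from the list above, written in PowerShell. This is an added example, not part of the original page. It assumes an elevated session on a Windows client edition; the helper name Get-RegValue and the result labels are made up for illustration, and script block logging is included as one assumed source of the PowerShell "indicators" mentioned in item 4.

```powershell
# Added example: audits settings only, changes nothing.
# Assumption: elevated Windows PowerShell session on a Windows client edition.

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or value is absent (policy not configured).
    (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name
}

$results = [ordered]@{}

# Item 1: AppLocker rules are only enforced while the Application Identity
# service (AppIDSvc) is running, so check the service as well as the policy.
$svc   = Get-Service -Name AppIDSvc -ErrorAction SilentlyContinue
$rules = (Get-AppLockerPolicy -Effective -ErrorAction SilentlyContinue).RuleCollections
$results['AppLocker service running']  = ($svc.Status -eq 'Running')
$results['AppLocker rule collections'] = ($rules | Measure-Object).Count

# Item 4: the legacy PowerShell 2.0 engine predates script block logging.
# Report its raw state; the feature name below is the client-edition name.
$v2 = Get-WindowsOptionalFeature -Online -FeatureName MicrosoftWindowsPowerShellV2Root `
        -ErrorAction SilentlyContinue
$results['PowerShell 2.0 engine state'] = if ($v2) { "$($v2.State)" } else { 'feature not found' }

# Item 4: script block logging records executed PowerShell code (event ID 4104).
$sbl = Get-RegValue 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging' `
                    'EnableScriptBlockLogging'
$results['Script block logging enabled'] = ($sbl -eq 1)

# Item 7: 0xFF (255) disables autorun on every drive type.
$ar = Get-RegValue 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer' `
                   'NoDriveTypeAutoRun'
$results['AutoRun disabled on all drives'] = ($ar -eq 255)

# Item 8: Device Guard status. For both properties, 2 means running/enforced
# (0 = off; 1 = VBS enabled but not running, or code integrity in audit mode).
$dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
        -ClassName Win32_DeviceGuard -ErrorAction SilentlyContinue
$results['VBS running']             = ($dg.VirtualizationBasedSecurityStatus -eq 2)
$results['Code integrity enforced'] = ($dg.CodeIntegrityPolicyEnforcementStatus -eq 2)

[pscustomobject]$results | Format-List
```

A value of False or 0 means the setting was not found in the enforced state on this machine. Macro blocking and writable-directory permissions (items 5 and 6) are not covered here because they depend on the installed Office version and the local folder layout.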