Anyone have more online security tips?

[Besetsild]

Hey. Since it is Cyber Security Awareness month I've decided to take extra steps in defending myself online. I've researched various articles like this and such and gathered many tips. So I want to know what you guys and gals are doing to protect yourself? I use HTTPS Everywhere, Privacy Badger and uBlock Origin plugins, NordVPN with CyberSec turned on, ProtonMail for mail, use Incognito mode very frequently. I think I'll keep my files in a cloud-based storage too. And of course 2 step authentification where possible. What do you use? I'm curious.

[Janeth]

I think securing your business is the most important thing you can do so …

1. Stay away from WordPress 3 out of every 4 websites that get hacked are WordPress websites.
2. Stay away from PHP as it is the most hacked language in the world.

[cabylake]

The best thing we can implement is updating everything to the latest - firmware, security patches and all. Having 100% security is not possible all the time, when we talk about internet stuff. There might be loopholes, that is why always have backups at least at 3 different places, or use RAID based backups which are more reliable.

[Janeth]

The best thing we can implement is updating everything to the latest - firmware, security patches and all. Having 100% security is not possible all the time, when we talk about internet stuff. There might be loopholes, that is why always have backups at least at 3 different places, or use RAID based backups which are more reliable.

Hi cabylake I agree with having more than one backup and I would say RAID could be one of them but I would never make RAID my only option.

First lets state the obvious, RAID 5 is never a good option. There is never a scenario where RAID 5 is the best option. It might be second best, but its never best.

But instead of talking about the different types of arrays and their features, lets talk about just one of the properties of RAID.

Lets say your using RAID 1 which is a ‘mirror-type RAID’, as it saves the same information on all disk.

Now lets say some files on your system are corrupted so the way RAID 1 works is that the corrupted files are instantly saved on all disk arrays. So you can not retrieve the uncorrupted files.

That is the one of the differences between a copy on a RAID array and backup copy.

This means if a virus gets on the system and deletes everything RAID will erase everything and copy over it with nothing.

Now lets say the server room catches on fire and the whole server burns, well your data is lost now.

The entire point of RAID should be having many copies of your backup. Hard drive storage is cheap so it doesn’t make sense to combine two 1 TB hard drives to create a seamless 2 TB.

The idea being if the hard drive fails, no problem, the system keeps running on the other drive and when you get a replacement for the failed one, RAID rebuilds it and starts mirroring data again.

But what happens if the hardware RAID card fails ?

Game Over!

[cabylake]

Hi cabylake I agree with having more than one backup and I would say RAID could be one of them but I would never make RAID my only option.

First lets state the obvious, RAID 5 is never a good option. There is never a scenario where RAID 5 is the best option. It might be second best, but its never best.

But instead of talking about the different types of arrays and their features, lets talk about just one of the properties of RAID.

Lets say your using RAID 1 which is a ‘mirror-type RAID’, as it saves the same information on all disk.

Now lets say some files on your system are corrupted so the way RAID 1 works is that the corrupted files are instantly saved on all disk arrays. So you can not retrieve the uncorrupted files.

That is the one of the differences between a copy on a RAID array and backup copy.

This means if a virus gets on the system and deletes everything RAID will erase everything and copy over it with nothing.

Now lets say the server room catches on fire and the whole server burns, well your data is lost now.

The entire point of RAID should be having many copies of your backup. Hard drive storage is cheap so it doesn’t make sense to combine two 1 TB hard drives to create a seamless 2 TB.

The idea being if the hard drive fails, no problem, the system keeps running on the other drive and when you get a replacement for the failed one, RAID rebuilds it and starts mirroring data again.

But what happens if the hardware RAID card fails ?

Game Over!

That is why having more than 1 backup solution is always better. RAID is only suitable for ongoing work.

[Janeth]

That is why having more than 1 backup solution is always better. RAID is only suitable for ongoing work.

Agree 110% I was just worried because of the or ...

that is why always have backups at least at 3 different places, or use RAID based backups which are more reliable.

I thought someone might read it and believe if they were using RAID they didn't need a backup. And then they get hacked and wonder why they can't back it up.

[harry31]

yes cyber security is more important these. phishing attack, mailling, social media hacking these are crimes are going in these days.
here are some tips.

1. Do not give your details to anyone.
2. Don't click on suspicious message in mails.
3. Change your password in a month.
4. Use strong password with special characters like @#$.


**Links removed by Site Administrator so it doesn't look like you're spamming us. Please don't post them again.**

[larika]

For me, protection is a good antivirus and backup files.

[kylojoe]

Yes, I have some online security tips. Cybersecurity is a big issue in today's time, it is necessary to have aware, otherwise, we may have to go through a lot of damage which is not right. Cyber hackers take advantage of your little negligence. To avoid cyber attacks, we must remember some of the essential points like:
Always Keep Your Software Up to Date.
use must strong passwords of your accounts
use your mobile device carefully
Close the account immediately after it uses
Regularly backup your data and do not leave it in pending
Do not use any public wifi, no matter how much you need it
Use Multi-Factor Authentication to be more secure

[groshot]

It is worth paying more attention to cybersecurity and antivirus software.

[chrismorelo]

It's very important to secure your business, so download knowable Anti-Virus program, for example Norton, then install a trustable VPN as NordVPN Teams, take a password manager and make learning courses for your colleagues about working securely online.

[alex5]

Some of the common tips you are also knowing about it:

Install an Antivirus and Keep It Updated.
Explore the Security Tools You Install.
Use Unique Passwords for Every Login.
Get a VPN and Use It.
Use Two-Factor Authentication.

[Edward Carolan]

Apart from the security of personal data, an ideal security service should also prevent data breaches in the organization. This avoid data leaking, transferring of data between the competitors, and so on.

[KatarinaGrumy]

I keep some strategies working with my e-commerce website:
- usage of HTTPS protocols
- SSL certificates
- use security plugins e.g. BoldGrid Backup, BackWPup
- installation of firewall
- use CDN
- there is no option to save/store credit and debit card information on my website
- use Payment Card Industry Data Security Standard (PCI DSS)

There are 2 good articles from professionals about it:
https://ecommerce-platforms.com/ecom...merce-security
https://www.bigcommerce.com/blog/eco...merce-security

[Ofanasio]

I keep some strategies working with my e-commerce website:
- usage of HTTPS protocols
- SSL certificates
- use security plugins e.g. BoldGrid Backup, BackWPup
- installation of firewall
- use CDN
- there is no option to save/store credit and debit card information on my website
- use Payment Card Industry Data Security Standard (PCI DSS)

I would add here 1 more thing: always use 2-step verification but not sms based (use Google Authentificator instead). That's why https://positive-tech.com/research/s...rability-2018/. Using ss7 vulnerability hackers can intercept the sms with your code without you even knowing about it.