Think like a security expert: practical tips for digital safety
October is National Cybersecurity Awareness Month, so we sat down with our Security Specialist, Matěj Groman, to get his perspective on cybersecurity in today's world. We asked him to share his thoughts on how we can all protect ourselves and provide some insight into how we approach security here at Kentico. Let’s dive into the mind of a security expert to learn more.
How important is cybersecurity in today's world?
With the rapid pace of IT innovations and technological advancements, our online identity is becoming just as important (and in some cases even more important) as our physical one. Cybersecurity aims to protect people in the online world, and currently, the most vulnerable target is humans themselves. That's why I believe we all need to understand at least the basics of staying safe online, just like we learn to stay safe in the physical world.
Think of it this way: your house might have an alarm and strong locks, so why not enable two-factor authentication for your accounts? You double-check your surroundings when you go to unfamiliar places, so why not double-check email links before clicking? We've had thousands of years to learn how to stay safe in the physical world, but only a few decades to understand the ever-changing digital landscape—so we still have a lot to learn.
How do we approach security at Kentico?
We prioritize a security mindset. By educating our developers on various threats and current vulnerabilities, and by maintaining a strong focus on security throughout the entire development process, we make sure our product is as secure as possible before each release. No software is ever 100% secure, so we also run a Bug Bounty program where external researchers help us identify security issues in our products, which we then fix with high priority. We're constantly learning about the current threat landscape and modern technologies, such as AI vulnerabilities, to ensure we stay at the cutting edge of security.
Tips for staying safe online.
1. Be mindful of what you put online.
Think about who can access your data. Is it public? Is the service provider trustworthy? If you have doubts, it might be better to find an alternative service or simply not put certain information online. By being cautious about your privacy, you make it harder for attackers to steal your identity, learn about you, or send you targeted phishing attempts. Resources such as Paulaime's Awesome Privacy on GitHub can help you find privacy-oriented services and vendors.
2. Secure your accounts.
Most services today allow you to enable advanced protections like multi-factor authentication (MFA). Choose passwords that are unique for each service. The current best practice is at least 15 characters, without necessarily requiring special symbols—a method called "passphrases" works well, where you use a sentence or a series of random words that are easy for you to remember but hard for others to guess. Using a password manager is also a great idea, so you don't have to remember all of your passwords.
3. Back up your data.
Even experienced professionals can get hacked, so always be prepared. Make sure your important data is backed up, either on an external drive or through a cloud service, and get into the habit of doing this regularly. This way, you won't find yourself in a situation where your only backup is five years old—or worse, doesn’t exist at all.
We hope these tips serve as a valuable reminder to stay vigilant about your digital identity. In today's digital age, where so much of our personal information is online, it's crucial to take proactive steps to safeguard it.
We also share all the information on our planned events on Facebook. Follow us to stay in the loop.