Observed annually on the second day of the second week of February, Safer Internet Day was launched as an EU SafeBorders initiative in 2004 to provide a safer and better internet, where every user enjoys the internet responsibly and without getting their data leaked.
Since its launch, Safer Internet Day has grown beyond its traditional geographic zone and is now celebrated in approximately 200 countries and territories worldwide. This year, the theme for Safer Internet Day is “Together for a better internet,” calling upon all stakeholders to join together to make the internet a safer and better place for all, especially for children and young people.
To commemorate this initiative, we asked the Wizeline security team for some things businesses – regardless of size or industry – can do to keep the internet a safer place for everyone.
Adopting Secure Technologies
Organizations can promote a more secure internet for all by supporting, proposing, adopting, and encouraging secure technologies, features, and countermeasures in the platforms and tools that support their services and products.
Most of the technologies used when the internet was born were not designed with security in mind. However, to fulfill security requirements, the industry evolved to adopt protocols like HTTPS, email authentication mechanisms, or encrypted information storage and transmission, resulting in a safer internet. But it doesn’t end there. Here are some other technologies businesses can adopt to improve business and user security:
- Use a VPN to connect internal business services
- Implement authentication controls in the business email service to avoid email spoofing
- Use a password manager to enable different and secure enough passwords for every account
- Encrypt business devices like laptops or mobile phones so confidential information can’t be easily accessed if the device is stolen or lost
Using Social Networks Responsibly
Cybercriminals can use social networks to attack organizations and their users through many schemes like:
- Impersonating business representatives to manipulate clients and gather confidential information
- Publishing fake news which may contain malicious code targeted at users’ devices
- Using fake raffles to collect personal, identifiable user information
To reduce your susceptibility to these attacks and more, you can follow these recommendations:
- Verify that your account is an official communication channel of your organization
- Enable two-factor authentication for all sign-in attempts
- Avoid posting sensitive or confidential information, such as home addresses or personal contact information
- Double-check links before clicking on them to avoid malicious code on your devices
Organizing Security Awareness Campaigns
Maintaining constant awareness of security best practices amongst employees and customers helps build a better internet. Nowadays, it is common to see companies run awareness campaigns to avoid phishing scams or protect sensitive information such as credit card information. These campaigns have helped promote the adoption of technologies like credit cards with dynamic CVV, biometric authentication in mobile devices, and confirmation codes when receiving a package.
Even if the awareness campaigns are business-oriented, a good training campaign can empower employees to extrapolate the best practices to their personal activities. For example: using multifactor authentication, password managers, and locking unattended personal devices.
Informing Users and Learning From Security Breaches
Businesses need to be transparent about data breaches when employees’ and clients’ information is affected and communicate their actions to minimize the impact. Although regulations sometimes enforce this practice, it is crucial to inform users accordingly. Secrecy of breaches creates inaccurate information about how the industry is affected by cyberattacks, and not disclosing data breaches may be considered illegal in certain jurisdictions.
On the other hand, businesses can continuously improve their practices by analyzing security incidents and integrating learnings into their action plans to prevent recurrences.
Involving All Employees in Information Security
Everyone is responsible for information security –– it’s something that we cannot forget. If company leaders do not encourage effective security culture, employees will not take it seriously enough, causing the organization to be susceptible to cybercrime. The best way to accomplish this is to have policies and procedures based on the best practices and involve the company leaders to foster the culture across the entire organization.
Information security is not an isolated discipline that searches to reinvent the wheel. It is a culture that must be preventive instead of reactive, designed by your security team following the best practices, supported by company managers and all employees to ensure a safe internet for the business and its users. We hope you find these tips helpful, and happy Safer Internet Day!
Learn more about the Wizeline Security Practice here.