14 Steps To Avoid Network Vulnerabilities

Here are some of the steps that you need to take to avoid the vulnerabilities of your mobile devices.

 

 

#1 Avoid joining Free Wi-fi

First and foremost, you should be wary of free wifi, Some of these free wi-fi is set up in order to steal personal data. If you find yourself in an organisation where free wi-fi is provided, make sure you get the permission and credentials from the IT Officer in the organisation. 

#2 Use MFA

There is a need for you to make use of Multi-Factor Authentication. This ensures that unauthorised user does not have access to your device. When you used MFA, once you are trying to log in, a One-Time Password will be sent to your mobile device. You might also be asked to enter a code sent to your mobile device before you could log in to your device. This provides an extra layer of security for your device. 

#3 Backup data 

There is a need for you to always back up your data. You have to make sure that a copy of your data is stored in a secured place. Added to that, you must make sure that your saved data are encrypted so that when your data fall into the wrong hand, they will not be able to make sense of the data. 

#4 Change defaults

There is a need for you to change the default password and settings for your device. When hackers are trying to access your device. The first thing they will try to do is to login into your account with the default account details. You need to make sure that you change these default settings and log in to block hackers from accessing your device. 

#5 Delete 

As part of the security measures for your devices, You have to make sure that you delete all information stored on your devices before you discard them or sell them off. You have to make sure that all useful Apps are uninstalled. You need to clear your accounts and make sure there are no traces of your password before you sell off your mobile devices to close friends and associates. 

#6 Disable Unused Apps

Also, when it comes to mobile applications and ports, there is a need for you to disable all unused ports and applications. You need to make sure that all these mobile applications such as Bluetooth, Wi-fi, Xender and others are disabled so that hackers will not use it as a means of penetrating into your device. 

#7 Encrypt data

There is a need for you to encrypt all sensitive data and communication paths. You need to make sure that all those data are encrypted so that if by any means such data falls into wrong hands, they will not be able to make sense of such data. This will ensure that your sensitive data are not useful to hackers. 

#8 Enable Screen Lock

As part of the security measures to check against vulnerabilities of your devices, you need to enable screen lock on your device. You should note that if your screens are not locked, it might enable even internal employees that mean harm or wanted to steal data to have access to your sensitive and use that to perpetrate attacks. That is why, if you know that you are going to be away from your device, for a long time, make sure you lock your screen to avoid those that might want to eavesdrop on your device. 

PEOPLE ALSO READ:  Understanding Human-Based Social Engineering

#9 Follow Company Guidelines

In order to avoid a situation where you are being used as a medium for attacking others, you have to make sure that follow your company data and network security. Following the policy will ensure that you are doing the right. It will also guarantee that you are not exposing others to attacks. Please if you do not know about these policies, always try to find out. There is no crime in asking.

#10 Be Up to date

There is a need for you to ensure that you are up to date when it comes to patches management. Software vendors always release patches when there are lapses in their software that hackers can exploit. You need to make sure that you always update any outdated software that is available on your device.

#11 Unattended To Devices 

I also want to say that you must not leave your portable devices unattended to. There are some that are in the habit of leaving their Laptops, PC, Smartphones and other devices without being concerned about what happened to the devices while they were away. This is bad, Also, if you have unused ports, you should shut them down if you are not using them. 

#12 Airplane mode

Also, when you planned to store your phone away for some time, you should always endeavour to put it in aeroplane mode. This will ensure that no network communication will take place on that device. It will also ensure that hackers do not have time to launch ample attacks from that particular device. 

#13 Non Discoverable Bluetooth

There is a need for you to set your Bluetooth to non-discoverable mode. This will ensure that hackers are not able to discover it when they are perpetuating their evil. You should only use your Bluetooth when it becomes necessary, If they are able to discover your Bluetooth, they can actually steal your data.

#14 No Auto connection

As part of the measures of blocking network security vulnerabilities for devices, you should ensure that you are not using an automatic connection for devices. Doing this will ensure that your devices do not connect to other devices that can be used to launch an attack on your devices. 

Understanding Mobile Security In Network Security

Most of us keep our mobile devices with us throughout the day. We check them frequently. We even keep them at very close range while we sleep because these devices enable access to information anytime and anywhere. Today, they conduct more than half of all internet traffic, and the distinction between a mobile device and a PC is hazy. 
Because your portable device can contain vast amounts of sensitive information, they are very attractive targets and provide lucrative opportunities for criminals that are intent on exploiting them.

With enticing data from mobile app activities, such as banking, social networking, email, maintaining calendar and contacts, mobile e-commerce, as well as GPS information, a multitude of vulnerabilities exist. For example, vulnerabilities in the technology layer of a mobile device, as well as SMS, MMS, Bluetooth, and the synchronisation between computers and mobile devices are potential attack vectors that extend the capabilities of malicious actors.
 
Cybercriminal activity targeting mobile devices can have dire consequences, including stealing critical data, tracking users and denying access to devices. Your mobile devices can also be used as a launching pad for more lucrative attacks aimed at enterprise systems, social networks and cloud platforms. 

PEOPLE ALSO READ:  Choosing A Secured Online Payment Service: How To Do It (+Examples)

To help mitigate threats affecting these vulnerabilities, secure your Wi-fi network. Technically, the term Wi-fi stands for Wireless fidelity and your wireless router is the primary entrance for Cybercriminals to access your connected devices at home. Always secure your digital devices. Before connecting to any public wireless hotspot, such as on an aeroplane, in an airport, hotel or cafe, confirm the name of the network and login procedures with appropriate staff to ensure the legitimacy of the network. 

Public hotspots are always a security risk. To protect against the risk of juice jacking, think twice before using a seemingly convenient charging station at the hotel, airport or train station, instead invest in your own private charger. Those free charging stations might be loaded with malware that will infect your device and give attackers easy access to your data. If devices on your network are compromised, someone could be eavesdropping on you- even in your home on encrypted Wi-fi. In doing the right thing, you have to do the right thing. Let’s develop good travelling habits so as to protect our portable devices. 

Social Engineering Attacks In Network Security

Social engineering attacks is the term used for a broad range of malicious activities accomplished through human interactions. It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information.
Social engineering attacks happen in one or more steps. A perpetrator first investigates the intended victim to gather necessary background information, such as potential points of entry and weak security protocols, needed to proceed with the attack. Then, the attacker moves to gain the victim’s trust and provide stimuli for subsequent actions that break security practices, such as revealing sensitive information or granting access to critical resources.

. Recognise potential cyber risks.

#1 Highly sensitive data requires vigilant protection
–Attackers are becoming more sophisticated. Keep your Personally Identifiable which are data that can be used to uniquely identify you such as SSN, BVN, Full names, Birthdays, Biometrics, Passport, ID, Credit Card, Phone No among others safe.
#2 Protect your company’s Proprietary data. Remember Data is the new gold.
#3 Follow industry-recognized Security Practices which must be incorporated into security practices. You need to create a security-minded workforce.
#4 Be proactive with your information. You need to always ask a question most especially Privacy related questions.
#5 Be suspicious of any email text, or voice message requesting sensitive information or financial transaction.
#6 Hover over all hyperlinks before clicking, to confirm they are from a legitimate source.
#7 Use multi-step verification that requires a unique security code for authenticating the system.
#8 Ensure your browser, mobile devices, and computer systems are updated with the most recent patches. 
#9 Never reuse a password across multiple accounts and devices. 
#10 Follow company policy. If you don’t know. Ask. 

Facts About Vulnerabilities In Network Security

In my previous article, I have talked about some of the facts that you need to know about the network security landscape. In this article, I want to look at some of the facts that you need to know about vulnerabilities in network security. Follow me as we will look at that together in this article.

First and foremost, the National Institute of Standards and Technology (NIST): Weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source.
ISO 27005: A weakness of an asset or group of assets that can be exploited by one or more cyber threats where an asset is anything that has value to the organization, its business operations and their continuity, including information resources that support the organization’s mission.
IETF RFC 4949: A flaw or weakness in a system’s design, implementation, or operation and management that could be exploited to violate the system’s security policy.
ENISA: The existence of a weakness, design, or implementation error that can lead to an unexpected, undesirable event compromising the security of the computer system, network, application, or protocol involved. 

PEOPLE ALSO READ:  Elements Of Computer Security: Highlighting What Computer Security Entails.

Now malware…

Malware, short for malicious software, is a blanket term for viruses, worms, trojans and other harmful computer programs hackers use to wreak destruction and gain access to sensitive information. As Microsoft puts it, “[malware] is a catch-all term to refer to any software designed to cause damage to a single computer, server, or computer network.” In other words, the software is identified as malware based on its intended use, rather than a particular technique or technology used to build it.

Types of malware

There are a number of different ways of categorizing malware; the first is by how the malicious software spreads. You’ve probably heard the words virus, trojanand worm used interchangeably, but as Symantec explains, they describe three subtly different ways malware can infect target computers
A worm is a standalone piece of malicious software that reproduces itself and spreads from computer to computer.
A virus is a piece of computer code that inserts itself within the code of another standalone program, then forces that program to take malicious action and spread itself.
A trojan is a program that cannot reproduce itself but masquerades as something the user wants and tricks them into activating it so it can do its damage and spread.
Action Point
PS: If you would like to have an online course on any of the courses that you found on this blog, I will be glad to do that on an individual and corporate level, I will be very glad to do that I have trained several individuals and groups and they are doing well in their various fields of endeavour. Some of those that I have trained includes staffs of Dangote Refinery, FCMB, Zenith Bank, New Horizons Nigeria among others. Please come on Whatsapp and let’s talk about your training. You can reach me on Whatsapp HERE. Please note that I will be using Microsoft Team to facilitate the training. 

I know you might agree with some of the points that I have raised in this article. You might not agree with some of the issues raised. Let me know your views about the topic discussed. We will appreciate it if you can drop your comment. Thanks in anticipation.

 

Fact Check Policy

CRMNIGERIA is committed to fact-checking in a fair, transparent and non-partisan manner. Therefore, if you’ve found an error in any of our reports, be it factual, editorial, or an outdated post, please contact us to tell us about it.

 

     

Fact Check Policy
truehost
telegram
CRMNuggets Whatsapp Channel