The saying, "common sense is not so common" applies to IT security more than we would like to admit. We all have our areas of expertise, but it is now 2021, which means you are participating in IT security whether you like it or not. Here are three common sense ideas you can commit to right now that will make your IT experience more secure.
Quit thinking that a password is secure
A really long complicated password does not make it harder for the bad guys to crack. Okay, maybe it does make it take a little longer, but it does not stop them from getting in. What makes it harder to crack is utilizing MFA, not reusing common passwords, and moving to face recognition or PINs for passwords. Also, if your IT group is making you change your password on a regular basis, send them a link to this articlee so that they stop.
And please, quit reusing the same password over and over. All that means is once your super secret password is cracked, ALL of your services will be compromised at once! At a minimum you should utilize a different password for each service and come up with some way to track them.
No one is emailing you with free money, ever
The foreign prince is never going to send money, even if you click the link and fill out all the paperwork. Microsoft or Apple will NEVER call you and ask for your password or tell you that your computer has been compromised. Your boss is never going to randomly ask you to wire $200,000 to a vendor that you have never done business with before.
Email is the most common way people get hacked. Be very suspicious of any email that comes from someone you know (or don't!) that is asking for information that is sensitive. Best course of action, delete the email. If it was important enough they will call you or resend the email.
There is no free lunch
All the "free" services that are out there typically are scraping all your information or accessing all the data you (unintentionally) gave them access to. All the search terms you put into Google are 100% tracked and then targeted back to you as ads. This is not necessarily wrong, BUT people need to be aware that any service providing value is monetizing your information in some way.
Location tracking and speech recognition are very handy, but come with some type of privacy and security compromise. It is important to know that this is happening so you can make informed decisions about how you utilize technology.