Cybersecurity helps avoid the loss of company information (employee data, customers, suppliers, accounting, projects, planning, research, etc.), avoids interruptions in the production of the company and helps comply with the Organic Law for the Protection of Personal Data and guarantee of digital rights.

Cybersecurity is for the good of all and responsibility of all.

The main vulnerabilities come due to careless behavior being the most common reason in security failures, due to outdated software in which there are usually security holes, for phishing actions and the bad configuration in networks, servers and equipment.

Basic cybersecurity concepts for employees

Cybersecurity : It is the practice of protecting information, communication and devices against malicious attacks through a great diversity of sophisticated tools, policies and processes.

Internet service provider (ISP) : Company that provides Internet connection.

Virtual Private Network (VPN) : System that establishes a protected network connection when public networks are used. The VPN encrypt Internet traffic and hide identity by complicating third parties to be able to monitor their internet activities and steal the data. In cybersecurity advanced techniques are used to be able to dig in the VPN.

Hacker : Person who tries to solve, alleviate or inform about the security problems found in programs, services, platforms or tools.

CIBERDLinuente: Person who will seek to make benefit from these problems or security failures using different techniques such as social engineering or malware.

Mobile devices: mobile, tables and laptops.

Firewall : hardware or software designed to keep unwanted users outside the network.

Router : Device that allows interconnecting networks. For example, the internal network of the company or home with the Internet.

Wi-Fi : wireless connection that allows you to connect our network devices.

Antivirus : program that detects and eliminates threats and viruses from a device. Important to have it updated.

Authentication : Verification process of a person's identity when trying to access a team or files.

Verification in two steps, 2FA or double authentication factor: enable verification in two steps, consists of adding an additional step when introducing user and password to achieve access. This double verification can be the sending of a code to the mobile, a physical security key that connects to the equipment to access, fingerprint, facial recognition, etc. This is protected by something that is known (user and password) and something that is (mobile or safety key) complicating unauthorized access. It is also suitable to avoid identity impersonation attempts (Phishing)

Backup or backup: storage of copies of their files on a server, hard drive, computer, removable unit or in the cloud to recover them in case of loss. Several copies storage methods are usually combined

Digital certificate : It allows, among other profits to encrypt communications to prevent information can be seen by unauthorized third parties, validate domains in order to demonstrate that they are reliable and authentic, verify users in emails and sign documents to detect alterations and give authenticity.

Encryption: Information coding process (of a document or communication) to prevent it from reaching unauthorized persons. Only who possesses the key can access the content.

HTTP/HTTPS: HTTPS is HTTP's safe version, that is, HTTP communication is encrypted to become https. It is the most used when we sail. By using HTTPS, we encrypt the navigation between user and website complicating the interception of third parties, since although it does not contain confidential information it can reveal information about the visitor when filling a form.

Differences between HTTPS and HTTP

Browser's lock icon next to the URL: identifies that the web uses a certificate to create an encrypted connection protocol providing safe communication. This does not imply that the page you are connecting to be trustworthy.

Recacha: system to detect and block traffic from automated programs or bots. It can always be shown when accessing a web resource or when it is suspected that it can be a bot.

Pop-ups : emerging windows or notifications that usually contain information or ads and that appear on our devices. They can contain advertisements, informative messages and malicious links or scams.

Cookies : small files that contain information that has compiled a certain website that we have visited and that are stored on our devices. They mainly serve to collect information about our navigation habits, improve usability the next time the web is visited and show us advertising directed with information that can be of our interest.

Spam : unwanted advertising or malicious type that reaches our entry tray with the purpose of selling us a product, making us fall into some fraud or infecting our devices.

Social engineering : deception strategy used by cybercounts to gain our trust and get our data with them, such as passwords or data from our card, or that we give access to our devices.

District District of Service: Attack at which a service is intended to be useless through a work overload. Using multiple hosts or users, through an exponential increase in requests, they seek to block the system temporarily. Sometimes it occurs when the system is not prepared to withstand high peaks of the demand for work such as in the purchase of tickets, voting, request for grants, etc.

Phishing : Technique that consists in sending an email by a cybercrime to a user simulating to be a legitimate entity, with the aim of stealing private information, performing an economic position or infecting the device. To do this, attach infected files or links to fraudulent pages in email.

Keylogger : hardware or software device that records the keys that are pressed to secretly capture information such as passwords.

Pirate software : a program obtained by an unofficial channel of the developer, manufacturer, distribution or an official application repository , being able to contain malware.

Malware : Software designed to execute without the knowledge or authorization of the owner or user performing functions in the system that are harmful to the user or for the system.

Spyware : malware that controls the activity or information of a team without consent and sending it to a remote entity.

Virus : malware designed to spread automatically.

Worm : malware that is installed on a computer and copies to yourself in other equipment.

Ransomware: Malware that completely takes the equipment control by blocking or using the user's information asking for a money figure to release or decipher the device files.

Sextorsion: The attacker threatens the victim to perform some type of specific action in order not to make public images or videos with sexual connotation, which has previously sent him.

Warshipping: It is a type of attack, a package is sent to a company, which includes electronic devices. Once the recipient connects the device to a team of the organization, the device will carry out the theft of information.

Botnet: Bots infected with a type of malware that are remotely controlled by an attacker and can be used jointly to perform malicious activities.

Typosquatting: It is a type of attack by which a cybercrime takes advantage of a user's typeograph error when writing a URL in his browser.

Deepfakes: Manipulated videos to make users believe a certain person making statements or actions that never occurred.

Procedure to improve cybersecurity

1. Inventory of accounts and devices

  • Make a list of all the digital accounts you have (personal and work), such as the bank account, mails, social networks, marketplace and any other digital services access account
  • Make a list of all the devices you have (personal and work).

2. Protect accounts

  • Do not mix information in personal and work accounts.
  • Passwords must be unique, do not reuse a password of an account in another account.
  • Never use personal passwords in the company, it was already indicated that they must be unique but in case of doing so, that it is not in the company's accounts and less reuse a personal password in an account of the company.
  • Use two steps verification when possible.
  • Create safe passwords, try to use passwords combining capital letters, lowercase letters, numbers and symbols and be possible, with a length of more than 10 characters.
  • Change the password as soon as you suspect you can be compromised
  • Do not use passwords that an acquaintance, friend or family can find out.
  • Do not use personal information, usual words or consecutive letters of the keyboard.
  • It is advisable to use a password generator.

3. Control access to your devices and data

  • Do not share the same device for professional and personal use, nor mobile phones, in case of being complicated, the device must have independent accounts and restricted accesses so that the professional use of the personnel can be separated.
  • Create access policies
  • Mobile devices such as laptops, tablets and mobiles should contain encrypted information to prevent information from accessing or stealing. User and password access control is not enough.
  • Make sure you know who has access to your documents and data.
  • Clearly establish the functions of who can see, edit and share your information.
  • Enable only the applications and data that are necessary to perform the work
  • Check the safety settings of your devices.
  • Do not use external memories if you are not sure that the origin is trustworthy.
  • Do not download confidential information in external memories if they will not be encrypted.
  • Limit the data stored in the company's equipment, the lower the data less risk when falling into the wrong hands.
  • Monitor your company's network and all connected devices.

4. Control access on teleworking and mobile phones

In addition to the previous control we must take into account other security policies. You have to ask what happens in case of theft/loss of the mobile device? What happens if a person outside the company accesses information?

  • Make sure that no other person even if they are trustworthy as family or friends can access the device or data, since you would be violating security and breaching the company's policy.
  • If the technical service requests access to the computer, make sure it is the authorized technical personnel of the company and not a cybercrime.
  • Mobile devices should have data encryption and remote erase.
  • Mobile must have access by PIN.

5. Maintain updated software

  • Avoid pirate software
  • Use compatible software that allows you to make updates regularly.
  • Enable automatic updates to have the latest in security and integrated protection against any malware, ransomware and impersonation of identity (Phishing).
  • Renew the hardware if it does not allow to install updated software.
  • Eliminate the applications you do not use.
  • Avoid software that they do not offer security options.
  • Avoid obsolete software that cannot be updated

Cybersecurity tests

General test

What is the correct answer?

1. It is good to ensure that security infractions are registered but not mentioning it to avoid panic among employees.

  • Yes, sowing panic would be worse
  • No, it is better to comment to act if necessary and foster a culture of cybersecurity

2. It is recommended that all employees share passwords to improve productivity at work

  • Yeah
  • No

3. If I steal my laptop with confidential data but I have a user and a safe password and backup of the entire system

  • You will have to buy another laptop but the data is safe
  • You can get the data easily if the information is not encrypted

4. Can the unauthorized accesses come from other workers of the company?

  • No, since we are a team and work together for the company.
  • Yes, being able to consider a filtration of information.

5. What is the first step to plan online security?

  • Install the entire software updates
  • Identify available digital resources

6. Which of the following options is the main advantage of passing a website to the HTTPS protocol?

  • Possible intruders will not be able to read the information between the website and user browsers.
  • An adaptable design to the website can be applied to be easier to use.
  • If HTTPS is used, the website is recorded as a commercial.

Answers:

  1. No, it is better to comment to act if necessary and foster a culture of cybersecurity
  2. No
  3. You can get the data easily if the information is not encrypted
  4. Yes, being able to consider a filtration of information.
  5. Identify available digital resources
  6. Possible intruders will not be able to read the information between the website and user browsers.

Phishing test

Click on this link