Internet security is threatened by all kinds of malware, data theft and invasion of privacy. The era of mobility, home automation, the smart car and the Internet of Things have greatly increased the number of connected devices, the way we host information and the way we access online services and applications of all kinds to which we connect hundreds of millions of users every day, increasing the security risks for consumers and businesses.

The rise of phenomena such as DMARC, despite its many advantages, is a challenge for IT departments as more and more devices are connecting to corporate networks and accessing corporate data. Moreover, the rise of teleworking and telestudy due to the coronavirus pandemic has complicated the cybersecurity situation by taking millions of devices out of corporate perimeter networks (generally better protected than home networks).

And what about malware? The "bad guys" are ahead of all protection systems and cyber-attacks are becoming more numerous, sophisticated, dangerous and massive. Ransomware alone, the main computer threat so far this year, is capable of wiping out business and consumer networks and equipment halfway around the world. And then there is cyber espionage... just as dangerous and massive as malware.

Internet security

Achieving 100% security and privacy in a global network and in such a connected world is simply impossible despite improved hardware and software protection implemented by equipment manufacturers and system and application vendors.

However, from the customer side we can and should increase protection by observing a series of tips such as the ones we are going to remind you of in this article, which include the strengthening of online accounts, applications, equipment and due precautions in the use of the Internet and its services. And lots and lots of common sense.

1- Protect your browsers

All web browsers include advanced security features whose activation should be checked and configured because they are the applications with which we access the Internet and its services. In addition to checking end-to-end encryption in synchronisation or process isolation (sandbox), you should pay attention to warnings about unsafe sites. We should also check the extensions installed because some are a frequent source of malware.

To improve privacy, there is nothing better than using incognito mode, a function now offered by all the major providers as a temporary private browsing session which does not share data with the browser, does not save information about web pages, browsing history, web cache, passwords, information from forms, cookies or other data from websites, deleting these or other temporary files when you end the session.

2- Manage passwords well

Massive security breaches of Internet services are the order of the day and millions of passwords are exposed. The reality is that passwords are a horrible method both in terms of security and usability, but until more advanced methods are consolidated, which have to come from biometric identification, we must continue to use them.

The golden rule is to have a strong and distinct password for each website. Long, random passwords prevent brute force attacks and using a different password for each account avoids having all of them compromised at once when a data breach occurs. Password managers that are able to generate and remember dozens of passwords are a good tool to reduce human error.

3- Use two-factor authentication

Two-factor (or two-step) authentication provides an additional level of account security, as it is not enough to simply crack the username and password. The service is available on most major Internet services and should be used whenever possible.

Generally, it uses a verification code served via a mobile application or SMS, as a mechanism to confirm the user's identity but adding additional security to the use of passwords. This method makes cyber-attacks, especially brute force attacks, much more difficult.

4- Use security solutions

Operating systems such as Windows include the native security solution Windows Defender as basic consumer protection. This is the minimum we should use or - better - go for specialised providers that offer a number of security solutions, many of them free of charge. Advanced or professional users should consider using a comprehensive commercial security suite as well as other security tools such as a firewall.

Data encryption systems such as BitLocker, available in some editions of Windows, are useful for business users, as they allow data on a computer to be encrypted or "scrambled" to keep it protected against threats such as data theft or exposure in the event of loss, theft or improper removal of equipment.

5- Update operating systems and applications

All operating systems have automatic or manual mechanisms for installing security updates. These are security patches that are released from time to time against known threats and must be installed.

Updating installed applications to the latest versions is just as important - or even more so - as these often include security patches. When versions are older, they are at greater risk of being attacked by cybercriminals who find vulnerabilities in the programme, with particular incidence in some such as Java, Adobe Flash or Reader.

6- Beware of free wireless networks

Free hotspots have spread to many areas in towns, restaurants, airports, train and metro stations, hotels and all kinds of businesses. Several studies have confirmed the intrinsic insecurity of these public wireless networks and the ease with which they can be exploited by cybercriminals.

They should be avoided whenever possible by opting for more secure dedicated mobile broadband networks, and should only be used for occasional, inconsequential browsing, and not for accessing sensitive services such as online banking or those that require real user authentication.

7- Use VPNs to improve privacy

The use of virtual private networks is an option for those seeking greater privacy and thus greater security on the Internet, as they hide the user's IP address and redirect traffic through an encrypted VPN tunnel.

This degree of "invisibility" offers direct improvements in security against cyber attacks, privacy against data theft and identity theft, and other added benefits such as protecting online identity, safeguarding electronic transactions and Internet purchases, or enabling security in the use of public Wi-Fi networks.

8- Value hardware security keys for vital accounts

For vital accounts, especially in business environments, it is worth making an additional investment to protect accounts using a hardware security mechanism. This is usually a flash drive that plugs into a USB port and contains a highly secure encryption engine.

The whole process is done within the hardware and although they have not proven to be totally foolproof when using Bluetooth connections, they generally greatly increase the security we achieve through software.

9- Use backup copies

We have already said that 100% security in a global network does not exist, and not only because of malware, as a hardware error can lead to the loss of precious personal and/or professional information. Backing up is therefore highly recommended for a user and professional who intends to protect personal and corporate information on a computer, as well as being a maintenance task that contributes to the health of the hardware.

Backup copies should be stored on a storage device external to our computer or in a cloud storage service that allows us to recover the data in the event of any attack.

10- Common sense

Prudence is one of the preferred barriers against malware and it is advisable to take extreme caution against phishing or ransomware attacks which, if we pay little attention, we can prevent, because they make use of the user's carelessness.

To this end, we should avoid installing applications from unsafe sites; opening unsolicited e-mails or attachments from social networks or messaging applications; browsing certain Internet pages; or using operating systems and applications that have not been updated, which contain vulnerabilities that can be exploited by cybercriminals in malware campaigns.