DIGITAL HYGIENE BEST PRACTICES Digital hygiene is similar to personal hygiene, it refers to your digital habits rather than your personal grooming habits. Digital hygiene is our crucial first line of defence against new and evolving digital threats, such as malicious emails, social engineering, phishing, cyber harassment, hacking accounts and devices & the theft of private data. In most instances you are the main culprit. Most hacks occur because passwords or critical information has been shared by you. By improving your digital hygiene, you’ll be better protected against cyber threats and possible digital surveillance. • • Know your device: there is value in knowing your device be it a laptop, mobile phone, or camera. Things to take note of are the make, model, software installed and hardware specifications; knowing this enables you to better understand what you want and need to protect. Virus Protection: does your device have an antivirus software? An antivirus software helps protect your computer from virus attacks which can corrupt your documents or harm your computer. A comprehensive comparison of different antivirus software can be found at www.av-test.org. • Enable Firewall: a firewall monitors and checks all incoming and outgoing traffic on your device. Make sure that it is always on/enabled as it also assists in flagging suspicious connection requests and/or traffic. • Software Updates: your devices should be always up-to-date in terms of their software; updates help patch up known vulnerabilities found by the software provider and also enhance the performance of the software. • User Profiles: if you are sharing a device make sure that each user has a different user profile they use to log in. Having separate profiles which are all password protected enables the separation of user files and settings. • Lock Screen: make sure that your device is locked with a strong password and you do not share this password with anyone. HOW TO AVOID PHISHING ATTACKS? Passwords, multifactor authentication, and encryption will successfully increase the security of email communications. This protection drives adversaries to attempt to use other methods to bypass the security in place. One method used by these attackers is called phishing. In phishing attacks, the attacker uses communication channels (email, IM, SMS) to get you to unwittingly reveal your credentials (username, passwords, birth date, IDs etc) so they can gain access to your online accounts. Malicious links are usually embedded in the messages to get you to click them, redirecting you to websites where you type in your credentials. Page 20 A SURVIVAL TOOLKIT FOR JOURNALISTS