User Identity and Access Management – What’s the Deal with IDP?
What user identity is? Why managing access is essential for businesses? How an IDP (Identity Provider) works? You will find the answer to these questions in the article.
Welcome to the final part in which we highlight important aspects of cybersecurity that each of you can take care of to increase your security and privacy online. You can read the previous parts here: part 1, part 2 and part 3.
31. Do not install antivirus software on mobile phones if you do not install applications from untrusted sources.
Mobile operating systems, such as Android and iOS, have built-in security features that help protect against typical threats, improved with new versions of these systems. In addition, most mobile applications go through a rigorous verification process before being made available in application stores, which is not the case with computers. This helps minimize the risk of downloading malicious software. However, it is important to regularly update the system and applications that we use. We recommend the following article from Z3S on this topic: https://zaufanatrzeciastrona.pl/post/podstawy-bezpieczenstwa-czy-wspolczesne-smartfony-potrzebuja-antywirusa/
32. Instead, you can install such software on your computer. It should be antivirus from an external company. However, Windows Defender itself is, in our opinion, sufficient for the average user.
After updates to Windows Defender several years ago, many functionalities were added that, in combination with increased security of browsers and internet applications, provide a reasonable level of security. Of course, additional protection measures in the form of antivirus software from leading manufacturers will certainly help, especially if we have higher security requirements for our station. However, we believe that they are not necessary.
33. Review your privacy settings on your Google or Facebook account. Increase your privacy by limiting the information shared.
Leading platforms collect huge amounts of personal data from their users, and this information can be used for advertising and data exploration. By reviewing and adjusting your privacy settings, you can gain more control over the information you share online. You can limit the data collected, such as your location, browsing history, and personal data, and also control who can see this information. This way, you can reduce the risk of improper use of your personal data and protect your privacy and increase security online and beyond.
34. If your friend asks you for money through a messenger app like Messenger, verify this information through another communication channel, such as calling them.
Accounts on messaging apps can be taken over and used by scammers against the person’s friends. It is easier for criminals to impersonate a friend and manipulate you through text communication. By verifying the request through another channel, you can ensure that the request, such as for money, is legitimate and actually comes from your friend. If your friend does not confirm this information, they should begin the process of recovering their account and also warn their friends through other media and types of communication.
35. Signal is the only messaging app considered secure, but only if it is properly configured.
Signal belongs to open-source software, which means that the source code is publicly available for anyone who wants to analyze it. In the world of cybersecurity, this is considered the best possible practice because the security of the solution should not depend on its secrecy. Potentially anyone can identify potential gaps in the application code and suggest changes. Additionally, Signal offers end-to-end encryption of all messages and calls, which means that only the intended recipient can read the communication content. This makes eavesdropping on such communication (man-in-the-middle attack) by hackers or governments impossible. However, this does not mean complete security because it is always possible to take control of the entire device with the help of software such as Pegasus or Cellebrite. Such attacks are too costly to affect the average citizen. However, important people and politicians should be concerned about this, even if E2E encryption is used.
36. Register with a service that sends you messages about loans taken out in your name. In Poland, such a service is BIK.
BIK, or the Credit Information Bureau, maintains a database of credit information for individuals and companies in Poland, including credit history, current debt, and unpaid loans. Banks and other financial institutions use BIK to assess the creditworthiness of individuals and businesses. By registering with this service, users can receive notifications of loans taken out in their name or using their personal information. This can be useful in detecting fraudulent activities such as identity theft and can help individuals take preventive action against further unauthorized actions. Each country should have its own system for such activities.”
37. Consider registering for your country’s court service so that any undelivered letters won’t come as a surprise to you.
If there is a possibility to register for such a service in your country that will ensure that no court case escapes you due to a lack of physical delivery of information, we encourage you to do so. You will thus avoid unnecessary troubles and possible legal consequences.
38. If you lose your hardware key or your private key information is stolen, it must be invalidated.
The above principle is based on fundamental principles of security and confidentiality in information systems. A hardware key or private key is used to authenticate and secure access to sensitive information or systems. Hardware keys and private keys are designed to be unique and specific to an individual or organization. If someone gains unauthorized access to these keys, they may potentially gain access to the data or systems they protect and manipulate them. This can cause significant financial, reputational, or legal harm to individuals or entire organizations.
39. Create a separate mailbox for accounts that are of lesser importance to you, such as promotions or store applications.
Creating a separate email address for less important accounts can help organize your main inbox. By having a dedicated email address for promotional or retail purposes, you can avoid mixing these emails with more important emails such as business or personal emails. This will help you save time and reduce the risk of overlooking important emails due to an overflowing inbox. Additionally, having a separate email address can also help protect your privacy. By using a separate email address for these types of accounts, you can minimize the amount of personal data associated with your primary email address.
40. Use disk encryption such as BitLocker.
In the case of full disk encryption using software such as BitLocker or TrueCrypt, all data on the computer is encrypted and becomes unreadable unless the encryption key is provided. This means that even if someone gains physical access to your computer by stealing it and removing the hard drive, they will not be able to read the data without the password. This can prevent data leaks and also make it difficult or impossible for law enforcement to recover such data in case of arrest.
That concludes our series of quick tips on internet security. We hope that we have helped increase your online safety to some extent.
User Identity and Access Management – What’s the Deal with IDP?
What user identity is? Why managing access is essential for businesses? How an IDP (Identity Provider) works? You will find the answer to these questions in the article.
Security
Hey, hey... Programmer, this is another article for you! The second part of the article on design patterns. Get to know Adapter and Memento.
Programming
Programmer, this article is for you! Grab a handful of useful information about design patterns.
Programming