Olga Danilova
Olga Danilova Olga is a security&privacy consultant with a broad international experience. She is an author and trainer in different subjects. Her passion for cyber security keeps on growing and she is now specializing in risk management, vendor security assessment and security education among other things.

Spring cleaning: keep your “digital home” safe and clean

Spring cleaning: keep your “digital home” safe and clean

Spring is here – time to do a big spring clean-up. I’m referring to your “digital home”. Is your cyber hygiene up to date?

If you are privacy conscious, you should start with checking your digital footprint – the trails that you leave behind while using the Internet. Understanding your digital footprint may change your online behaviour. As soon as the information gets to the internet, it stays there forever (or at least for a long time). To check your digital footprint you can use Open Source Intelligence (OSINT) Framework which provides a collection of OSINT tools, classified into various categories: https://osintframework.com/ For example you can verify if any of your password(s) have been leaked in a data breach by checking this site: https://haveibeenpwned.com/.

Now you know your presence in digital space, it is time to check how you protect access to it. Weak passwords led to some of the biggest cyber attacks in decades ( check our blog on the Solarwind breach ). Passwords should be long and complex. It would actually be preferable that you pick a passphrase instead of a password. A catchy passphrase can be more easy to understand and remember but much harder to crack than a complex shorter password! In order to limit the damage of a data breach, your password should be different for every account. Yes, but how you will remember each of these complicated passwords or passphrases?

Here a password manager enters the scene. A password manager is an application that allow users to store, generate and manage their passwords for other applications and online services. You need to create one passphrase and the rest will be done by the password manager. Here are few examples of password managers, recommended by my security colleagues:

However, this is still not enough. The next level is Multi-Factor Authentication (MFA). MFA is a method of authentication in which the user is granted access only after using two or more different authentication mechanisms: knowledge (something you know such as password), possession (something you have such as token, smartphone) and yourself (something you are such as fingerprint).

Worth to look at MFA solutions such as:

A password manager installed, strong passphrase created and MFA in place. What is up next? You will find out in the 2nd installment of this blog!