Ukrainian cybersecurity expert Vlad Stiran shared important tips for protecting personal data. He wrote about this on the social network X. We tell you the details.
What happened
Cybersecurity expert and founder of Berezha Security Group (BSG) Vlad Stiran shared tips on how to protect your data and devices from attackers, including through Telegram, encryption and other security measures.
Here are his tips:
- Turn off Lockdown Mode on your iPhone. According to Vlad Stiran, iOS in lockdown is the most expensive configuration to attack today.
- Reboot your smartphone at least daily. Almost all cyberattacks require constant access to the network, and maintaining this access between reboots is essential. this is an additional difficulty that not every attacker can overcome.
- Set auto-delete messages in new chats by default.
- Turn off iMessage if you are not using it.
- Do not enable message backups in WhatsApp.
- Peven backup your phone on a computer or it compromised.
- Buy two Yubikeys or other hardware authentication key. Add them to all your important accounts.
- Never use SMS for anything security-related. SMS — This is a security vulnerability, not an authentication method.
- Regularly check which devices are using your accounts. This is especially true for messengers, social networks, and ecosystems (Google, Apple, Microsoft, Samsung, and so on).
- Use a password manager to create and store passwords. This way, all your passwords will be unique and complex, because you don't have to invent and remember them.
- Periodically check if your registration data has been leaked from online services.
- Make computer backups. Keep them in hard-to-reach places. Always encrypt them.
- Update apps automatically.
- Don't share your location automatically, or better yet, turn off geolocation on your devices altogether.
- If the chat is truly secret, have it in a secure messenger that only you have on your smartphone.
- Opt out from Telegram.
- The only acceptable way to use Telegram — is the web version.
- Install a local firewall to monitor outgoing connections. Usually, everyone is limited to enabling inbound filtering, but it is also important to block suspicious outbound connections.
- Delete old mail. If necessary, move it to a folder on your local drive, and delete it from the cloud.
- Ensure that the local disk of each device is encrypted.
- Beware of video cameras. The image quality of cheap surveillance cameras is constantly improving. And using the video from the camera, you can recreate your password or PIN and guess what is happening on the screen.
- Enable or disable device locking after several incorrect login attempts. If your device allows it, also set up data deletion.
- Disable biometric unlocking on sensitive devices or when traveling to dangerous locations. It's much easier to get you to look at the screen or touch a button with your finger than to remember and enter a password or PIN.
- Completely delete data from devices when traveling. The greatest threats are when crossing the border or at checkpoints. It's better not to attract too much attention with the content of your chats and photo libraries.
- For business calls, it's better to use Signal, WhatsApp, FaceTime. Only emergency services can be called from mobile phones.
- Do not sign your colleagues under their real names, titles or units. Use pseudonyms, such as those in Signal.
- Use Signal for private correspondence and conversations.