Internet security is a critical issue, especially for companies offering SaaS (Software as a Service) services, where user data and personal information are at stake. In this article, we'll cover a series of good practices and essential tips to protect your accounts and data from the most common cyber risks.
Phishing: preventing identity theft
How to prevent phishing:
Carefully check your emails: Be wary of any email that asks for personal information, especially if it seems urgent or alarming. Always verify the sender.
Don't click on suspicious links: If you receive an email that appears to be from a trusted source, access the website directly through your browser instead of clicking on any links in the email.
Example of Phishing in the email:
Usage of Secure Passwords
A strong password is the first line of defense against unauthorized access. However, creating strong passwords isn't enough; it's also important to change them regularly. Recommendations for strong passwords:
Minimum length of 12 characters: The longer the password, the harder it is to guess.
Use a variety of characters: Mix uppercase and lowercase letters, numbers, and symbols. Avoid common words or easily guessed personal information (such as birthdates).
Don't reuse passwords: Each account should have a unique password. If one service is compromised, you'll prevent attackers from accessing your other accounts.
Change the passwords regularly: It's recommended to change your passwords at least every 3-6 months. Set reminders to update your passwords on time.
Attached documents: Prevent malware
Email attachments, especially from unknown or unexpected senders, can contain malware or viruses. These can infect your device and compromise the security of your accounts or data.
Best practices with attachments:
Don't open files from unknown senders: If you receive an unexpected attachment, verify the sender before opening it.
Scan files with antivirus software: Use security software to scan files before opening them, even if the sender seems trustworthy.
Avoid automatic downloads: Configure your email client to not automatically download attachments.
Use Bookmarks to Access Critical Websites
To avoid falling for fraudulent websites, it's recommended to bookmark the links of services you trust in your browser. This reduces the risk of entering your credentials on a phishing site.
Tips for securely accessing websites:
Bookmark the official login link: This way, you'll always access the correct website directly.
Don't click on links that ask for your credentials: If an email asks you to click a link to log in, don't. Access the service manually through your browser.
Always verify the URL: Make sure the site has a security certificate (https://) and that the domain is correct.
Do Not Share User Accounts
Sharing user accounts among multiple people is a highly insecure practice. When several people use the same credentials, it's difficult to control who has access and who might be responsible for a potential security breach.
Dangers of sharing accounts:
Shared responsibility: If someone accesses or compromises data inappropriately, it will be difficult to identify the responsible.
Risk of accidental disclosure: Someone with access to your account could accidentally share sensitive information or change critical settings.
Access management: Each user should have their own account to effectively limit access and manage permissions.
Keep Your Devices and Apps Updated
One of the most effective ways to prevent attacks is to keep your software up to date. Security updates fix vulnerabilities that attackers can exploit.
Tips for keeping everything up to date:
Update your operating system regularly: Operating systems receive important security patches that fix bugs.
Update your apps: Not only your operating system, but also the apps and browsers you use should always be the latest version.
Set up automatic updates: Whenever possible, enable automatic updates to reduce the risk of falling behind on patch installations.
Avoid Using Public Wi-Fi Networks
Public Wi-Fi networks, such as those in cafes or airports, can be vulnerable to attacks. Cybercriminals can intercept communications passing through these networks, compromising confidential information.
Monitor Access to Your Accounts
Regularly review your account activity logs to detect unusual access or access from unrecognized locations.
Recommended steps:
Review your login history: If you notice anything suspicious, change your password immediately.
Report Any Suspicious Activity
If you suspect your account has been compromised or notice unusual activity, contact customer service support immediately to temporarily block your account and prevent further damage.
What to do if you suspect something has happened:
Change your password immediately.
Access from Restricted Geographic Locations
Witei offers its services only within the European Union. If you are temporarily outside the EU, you will need to use a VPN to access your Witei account. VPNs allow you to create a secure connection from your location to Witei.
Requirement: The VPN you use must allow you to have internet access from a location within the European Union.