It’s not surprising that security professionals do things a little differently than average computer users. Researchers at Google once interviewed 200 experts and 300 non-experts to trace the differences in behavior. In general, experts are much more likely to use methods like two-factor authentication and file encryption. But there’s more to it.
Let’s dive into more differences between the pro and the newbie approach to cybersecurity. The differences may be startling, but you’ll see how easy it is for you to increase your safety in the digital world.
1. Non-Experts Skip Updates/Experts Don’t
Experts say if you get a notification to update either an app or your operating system, you better take it seriously. Updates fix vulnerabilities. Installing them right away is one of the biggest differences between experts and non-experts. 35% of experts recommend it as a top priority, while only 2% of non-experts consider it such.
Oddly enough, some non-experts worry that updates could cause more issues than they solve. But software updates are the best way to battle software vulnerabilities, including malware and other bugs.
One example from a few years ago was an Adobe Flash bug that enabled cybercriminals to hack users’ computers. They could have mitigated the risk by installing a patch.
Lesson: Update often. Enable automatic updates.
2. Experts Encrypt/Non-Experts Don’t
Your computer is a treasure chest full of valuable data. It is valid for all businesses and most individuals. You may have customer and employee records, tax documents, word products, along with personal data on your devices.
You don’t want any of it to fall into the wrong hands. That’s why cybersecurity professionals protect their files with encryption software for business and personal data. Non-experts don’t. Thus, they’re much more likely to suffer severe consequences of cyber-attacks.
That includes ransomware attacks that can lock you out of important business files until you pay a hefty ransom to the hackers.
Lesson: Encrypt your files, especially anything related to your business.
3. Experts Use Password Managers/Non-Experts Recycle Passwords
Remembering passwords is tough. That’s why 72% of people admit to recycling passwords. Worse yet, these are often simple passwords that one can crack by brute force or dictionary attacks.
Everybody knows that they need to secure all online accounts with random and complex passwords. And experts make their credentials like that. But most people believe it’s too much of a hassle and recycle passwords anyway.
Does it mean that experts have a better memory than the average internet user? No, it doesn’t. Instead, they take advantage of tools like password managers. Password managers help them generate, store, and manage passwords for all accounts and apps. It’s a secure and convenient way to store one’s passwords. That’s why experts prefer to use them instead of writing passwords down on post-it notes.
Lesson: Use a password manager.
4. Experts Use 2FA/Non-Experts Only If Forced To
2FA or two-factor authentication is a standard verification method. It relies on one-time passcodes sent via email or SMS to confirm the account holder’s identity.
If it weren’t for platforms like Google and Twitter pushing this on users, 2FA adoption rates wouldn’t be anywhere near as high as they are. Experts use 2FA anytime it’s available for the additional line of security it provides.
When non-experts do use 2FA, they also tend to overestimate the security it provides. Hackers can break 2FA, so it’s necessary to use it in combination with other strategies.
Lesson: Enable 2FA everywhere. Also, use it in combination with other tools like password managers and biometric security.
5. Experts Know Antivirus Isn’t Perfect/Non-Experts Don’t
Antivirus (AV) tools are quite popular with non-experts. More than 70% of them use it and consider it to be advantageous. But only 60% of experts use AV software.
It goes back to the earlier advice about updating your software. Sometimes it is more effective towards warding off malware than AV.
Lesson: Keep the AV software, but don’t get fooled into a false sense of security.
6. Experts Visit Secure Websites/Non-Experts Aren’t Sure What’s Safe
Just because you’ve visited a site for years, that doesn’t make it safe. Likewise, unfamiliar websites aren’t always unsafe. While you should always exercise judgment, there’s an easy way to determine if sites are at least somewhat safe — HTTPS is the secure web protocol. You can recognize its small lock icon in the URL bar on your browser.
There’s no guarantee that HTTPS is threat-free, but it’s a significant step in the right direction. It’s also an excellent way to verify a site is legit and not an imitation created by hackers.
Lesson: Check to make sure a site uses HTTPS, especially before submitting any personal data or downloading any files.
7. Experts Admit to Making Mistakes
Ultimately, experts aren’t perfect. They admit to clicking on links they shouldn’t have or opening attachments from unknown senders. The difference is, they recognize their mistakes and reach out for help if they can’t solve the issue.
It may be embarrassing to admit you fell for a phishing scam. But you’re better off tackling the problem before it gets out of control, especially in business settings where the stakes are much higher.
Lesson: Reach out for help if you need it.
In the end, you don’t need to be a cybersecurity expert to follow the best digital security practices. Take into account the lessons from this article, and you’ll be much safer online.