More than ever, browsing online or on a mobile has become a normal part of daily life and offers many opportunities. But our data is also more vulnerable than ever: from the risk of hacking to picking up a computer virus or falling foul of phishing or ransomware. Whether you’re an individual or business, here’s an overview of some of the best data protection technologies and practices.
In video: advice from Orange Cyberdefense
During the Covid-19 pandemic, cyber attacks are increasing on an unprecedented scale. According to Orange Cyberdefense, attacks in France have increased by 20 to 25% since the start of the crisis. As usage increases, so do hacking attempts!
Nicolas Arpagian, Director of Strategy and Public Affairs at Orange Cyberdefense, gives us the latest advice.
Making it easier to protect our data
Always follow best practice
Even the most sophisticated cyber protection tools are useless if they're not used properly. Following best practices makes you safer than relying on software alone. Above all make sure you:
- Avoid using the same password for every site. You can use a password manager to create strong passwords and protect the access to your online data. Tool: Keepass.
- Don't download suspicious applications
- Don’t believe or accept everything offered to you online
- Are careful about what you post: the internet never forgets
- Are aware of what’s installed: in particular check the permissions to see what each app has access to.
Encrypt your data
From USB keys to hard drives, if they aren’t encrypted, they can be inserted into another machine where the data can be read, recovered and copied. A hacker can therefore access all of your personal data!
To protect yourself against the risk of hacking, it is a great idea to encrypt your data with tools such as BitLocker, Knox or Veracrypt.
Browser extensions
Extensions are available on most browsers to block advertising and adware. In doing so they also block pop-ups that can redirect us unwittingly to malicious websites. The extensions enable a smoother browsing experience without advertising or distractions. Stay alert to sites asking you to deactivate these ad blockers!
Recommended tool: uBlock Origin.
Good to know : extensions such as HTTPS Everywhere force all sites to switch to HTTPS as soon as possible and therefore encrypt the connection to the site as well as the data circulating on the network.
Recommended tool: HTTPS Everywhere.
Authentication: always stronger
We also recommend using strong authentication tools. These involve initiating a two (or more) step verification process employing at least two different authentication methods, which could be:
- What we know: password, PIN code etc…
- What we have: OTP (One Time Password), telephone, physical token, card etc…
- What we are: biometrics.
Note, these software categories can generate a backup key if the user loses their device: it’s advisable to print this out and put it in a safe place known only to the user.
Recommended tools:
- Applications: Google Authenticator, Microsoft Authenticator.
- Physical token (key): YubiKey, RSA SecurID
Anticipating cyber attacks: a blend of AI, specific developments and advanced algorithms
Here’s where it gets more complex: stopping cyber attacks before they get through a company’s defence systems.
Beyond conventional prevention systems, such as antivirus solutions that detect intrusion and attempted data theft, these technologies help to detect more pervasive and hard-to-treat threats, such as:
- Spreading viruses
- Software responsible for stealing sensitive data (banking, ID, industrial espionage, company weaknesses etc)
- Botnets, which are dormant networks of bots that wake up at the request of a cyber criminal to simultaneously attack a specific target.
These types of technologies are based on artificial intelligence specially developed to detect cyber threats thanks to algorithms and cutting-edge innovation.
A pilot project developed by Orange teams: DILAN
The DILAN solution enables a computer (rather than an analyst) to find the “needle in the haystack”.
DILAN listens to all the data coming from a customer’s IT system before analysing it using artificial intelligence. The integrated machine learning enables it to learn over time what is considered a normal scenario or what is suspicious. This automatic analysis is supplemented by feedback from cybersecurity analysts who enrich the tool and make it more relevant to each customer.
DILAN’s algorithms gradually gain very in-depth knowledge of how the customer’s network is behaving. Advanced threats can be detected faster and more effectively and then be validated by security experts.
Find out more