Intersys Logo
Menu

Managed IT Support

A Reasonable, Fixed Monthly Fee for All Your IT Needs
Managed IT Support Provider

Consulting Services

The High Level IT Consulting Services You Need to Transform Your Business
Get IT Consulting Services

Cyber Security

A Comprehensive Range of Cyber Security Services for Robust, Industry-Leading Protection
Get Cyber Security Services

IT Solutions

Whatever your IT needs, we'll create a tailormade solution for you
Get IT Solutions

World Data Protection Day 2025: Data Protection Tips from Intersys

“Data is the DNA of modern life…” said Technology Secretary Peter Kyle recently and the debate over who collects our data and what they do with it is set to intensify over the coming months.

As Kyle rightly said, “[data] …quietly drives every aspect of our society and economy without us even noticing – from our NHS treatments and social interactions to our business and banking transactions.”

He made the comments while unveiling the government’s new Data Use and Access Bill which promises to reform existing data protection regulation, focusing on harnessing data’s power to improve public services and the economy. It’s also expected to include more controls around special category data, for example.

But exactly how secure is your data when you post a video on TikTok, click on a news article within Facebook or install a cheap doorbell camera?

Data privacy concerns here in the UK are skyrocketing.

 The Information Commissioner’s Office,  dealt with over a whopping 36,000 data protection complaints last year alone. 55% of people reported a data breach and 69% reported these breaches negatively affecting their lives, leading to loss of trust, emotional distress and financial loss.

 To mark World Data Protection Day on the 28 January, we asked Intersys’ Head of Security Jake Ives for his top tips on staying secure.

While the Intersys blog has plenty of advice for organisations and businesses about online safety, we’d like to in this instance share useful tips for individuals on how they can keep their data protected online.

Jake’s online safety tips for home users 

Only enter information on sites that begin with https://

Entering information on a website that isn’t equipped with TLS/HTTPS means that your interactions could be intercepted by someone else on the network. This could be particularly risky when you’re connected to a public network. It’s also important to ensure you’re connected to the right website. 

Look closely at the address bar and scan for typos and other odd characteristics. For example, login.microsoftonline.com is the official login page for Microsoft 365, but login(dot)mcrosoftonline(dot)com isn’t (Noting the missing i).
Just because a website is equipped with an SSL certificate, it doesn’t necessary mean it’s the real website. If in doubt, use a service like the virustotal.com URL checker or the Google safe browsing site status validator to validate the legitimacy of a website.

Use DNS over TLS to encrypt your DNS queries thus increasing privacy (Quad9 and CloudFlare offer a free, reliable service).

Use this to protect privacy and prevent hackers from eavesdropping on DNS requests and responses. Taking this precaution will ensure that your ISP (internet service provider) won’t be able to see what sites you’re trying to access. This helps to protect against man-in-the-middle attacks where hackers can intercept and manipulate your internet traffic and send you to phishing sites.

Using your personal laptop/device on public WiFi? Make sure you use a VPN service that won’t collect logs.

Home devices aren’t secured to the same degree as devices managed by businesses. For instance, corporate policies won’t be rolled out to your personal machine to ensure that a Windows firewall is correctly configured and enabled. On a home device, it’s up to you to know how to correctly enable Windows firewall amongst other security measures. Therefore the safest option is to use a VPN when connected to public networks.

Use services like https://incogni.com/ to remove your information from public databases on the internet.

Remove your personal information where it exists in databases. Scammers and cold callers often use such databases to gather useful contact details.

Sign up for the Telephone Preference Service — Telephone Preference Service

Reduce spammy calls via your mobile/landline number by opting out of sales calls.

Use caller identification apps on your mobile device.

I highly recommend TrueCaller for identifying and blocking spam calls and texts.

Change your Wi-Fi password when you receive your router from your internet provider and do not disclose it to anyone.

The password your router shipped with is no doubt stored somewhere centrally. For enhanced security, I’d always recommend changing it to something unique.

Place IoT devices like cameras, Wi-Fi-enabled appliances and televisions on a guest network. Many consumer-grade routers include the ability to configure a guest network.

IoT devices are a risk, especially when they are sourced from a lesser-known brand. There is no guarantee that the devices will receive updates or that they comply with the fundamental basics of security.

My advice is to only source devices from well-known manufacturers and place these devices on a guest network, so they are segregated from the network you connect your computer to.

Login to your router management interface (if applicable) and disable WPS (Wi-Fi Protected Setup) and UPnP (Universal Plug and Play).

WPS is inherently insecure even if it is convenient. It provides an easy way to connect to your devices by pressing a button on your router instead of needing to type in a password. Unfortunately, it is also particularly vulnerable to brute-force attacks.

Universal Plug and Play (UPnP) allows devices on the same local network to discover each other and establish functional network services. UPnP can create security vulnerabilities. It can open up your router’s firewall, making it easier for hackers to access your network. In today’s world, UPnP is often considered unnecessary and is frequently exploited by cybercriminals.

Update your device regularly, and use a tool such as Patch My PC: Home Updater to ensure all of your applications are kept up to date.

Your Windows or Mac computer may have received an update, but can the same be said about Adobe Reader or any of the other applications you have installed on your device? An up-to-date OS is great, but software that hasn’t been updated in over three years isn’t. It provides hackers with easy opportunities to exploit vulnerabilities in your systems.

Make sure that your home computer includes two accounts: one that runs with ‘standard’ access and another that is set up for ‘admin’ access when required.

Running all operations on your device using your administrator account increases your exposure and the potential of contracting ransomware.  Why? Because if you’re not prompted for a password every time you want to install new software (which is the case with admin accounts), it can be very easy to download something malicious without realising what you’re doing.

Enable Multi-Factor authentication on all the accounts you use and ensure every account you have uses a separate, unique password and store this in a password management vault.

This is simply non-negotiable in 2025. Without this control, a cyber criminal who has managed to hack your password can log in to your account without facing any further checks.

If a deal is too good to be true, don’t trust it. And if something is free, you’re probably paying for it with your data.

Take that free VPN for example, you’ve got to ask why it’s free. It could well be that the service is logging your internet traffic and selling it to make a profit.

Browser plugins/extensions are not always your friend, stay vigilant and install only what is necessary.

Malicious browser extensions do exist.  In fact, 80 extensions were recently dropped from the Chrome extension gallery because they monitored user activity. Stay vigilant and only install extensions when completely necessary and if they’re provided by reputable businesses.

Be extra careful if you’re using a router that hasn’t been provided by your ISP (internet service provider). Avoid brands like TP-Link which are frequently susceptible to vulnerabilities.

If you’re not technical, the best thing to do is to stick with your ISP’s router. Resist the temptation to buy that cheap Chinese brand. Also, remember to read the reviews.

Never connect unknown peripherals like USB sticks and external hard drives to your computer.

These devices can contain infections that run automatically when inserted into your computer. Would you ever go to a fuel station and not look at what is displayed on the tank and risk fuelling your unleaded car with diesel? Use this analogy with unknown peripherals. If you don’t know what’s on it, don’t put it anywhere near your computer.

Choose  a business-grade device where possible, and avoid the cheaper devices sold by lesser-known brands.

That cheaper device may save you a couple of quid in the short term, but it may not have a trusted platform module or the ability to be encrypted.  You’ll wish you had spent more and bought one from a trusted brand when you forget your laptop on the train!

Stay up to date with IT Industry news

Subscribe to our newsletter

Please enable JavaScript in your browser to complete this form.

Subscribe to our newsletter

Please enable JavaScript in your browser to complete this form.

In other news

December 4, 2023

A Haven of Hope

linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram