What's
Security Recommendations: Backups, Security incidents and suspicious activities
Have you ever lost important data in high school or college? Remember that feeling? Now, imagine losing a vital part of your project that’s only on your laptop. You might have guessed it, the last part of our Security Recommendations series focuses on backups and security incidents.
Backups
Why should you create backups?
Without a backup, when something becomes unavailable (disk, device during booting) or stops working, it is too late. There are many ways you can lose your data: physical damage, malware attacks, vulnerabilities, carelessness, information theft, etc. The costs of data recovering and re-gaining access to your accounts and devices can be very high.
What to do:
1. Back up your data.
- Back up your data on a regular basis.
- These are the recommended backup methods (sorted by priority):
- Use cloud storage.
- Subscribe to a local backup service (offered by your operating system).
2. Back up AI models and datasets, particularly when reaching a milestone.
- Examples of milestones: final paper submission, model deployment in a production environment, reaching a project milestone.
3. Plan your backup.
- Choose between full, incremental and differential backups based on your needs.
4. Protect your backup.
- Just like your data and devices, backups are subject to security measures.
Security incidents and suspicious activities
Security incidents and suspicious activities are common occurrences that most of us have likely encountered. Perhaps a friend or a colleague sent you a message containing spam, such as an invitation to view questionable website content (e.g., “look at my pics at <questionable website>”). Although such messages may be amusing at times, they also indicate a compromised computer or smartphone. They also present a significant threat to a company’s security. For this reason, it’s essential to learn how to minimize these threats and respond appropriately when they arise.
What to do:
1. In case of unusual activity, contact a person or department in your organization responsible for this domain.
- Every company appreciates a responsible, security- and privacy-savvy colleague. When you come across a suspicious activity, it may indicate a security incident that must be reported.
- Even when you are not sure, better write a message anyway.
- Suspicious activities include:
- Suspicious email with seemingly legitimate sender or content.
- Compromised internal infrastructure, such as inability to connect or an unusual server behavior.
- Someone logging into your account, for example an unusual IP or location used for the logging process.
2. It is completely fine to contact external authorities.
- This applies if the suspicious activity goes beyond your company.
- For instance, CERT: incident@nbu.gov.sk or an application vendor.
3. Discuss your findings with your colleagues.
- As a team, you will increase your expertise in cybersecurity.