Use encryption to protect your information
Before you sign in to a site, especially one, that you have never been to before, first and foremost, make sure the site is secure by using encryption. This protects your username and your password because, if the site is not encrypted, then this information is being transmitted over the internet in clear, plain text. The bottom line is that you need to use encryption to protect your information.
You may not pay attention to the URL or site address, after you do a search or click on a link from one site to another, but you need to start. Before you log in or enter any information on a site, you need to make sure that the address starts with https:// – and not http://, like https://Infoportal.data-command.com. The “s” at the end makes all the difference in the world! Once you get to a site, look for the lock in the address bar, next to the site URL. This indicate that the site is protected by TLS formerly SSL.
If the lock is showing, then you are probably okay. But it never hurts to make sure the certificate is valid. Most newer browsers will tell you if they are not.
If you are looking at corporate SCADA information, remotely, you need to use encryption to protect your information. This is not just for a cloud base solution but also for applications or add on web solution. If you are a system administrator then you need to check with your software supplier to find out what they can do for you.
Encryption is a good place to start but not the only security that needs to be put in place. Multi-Factor Authentication MFA is also another best practice in today’s environment of cybersecurity. How do you know that you have Multi-Factor Authentication? When you login to the system, for the first time with a new device, you should be prompted for not just your username and password but also additional security information. MFA is not an option!