As part of my freelance website design and IT services, I adhere to the guidelines of NIS and GDPR integration. My purpose is to monitor the security of local computer and network systems in order to prevent unauthorised users from accessing the user's computer or portable device and to avoid spreading malicious code. Furthermore, I regulate the system management to allow a client to use comprehensive or limited computer applications depending on the cost of software services.
NIS (Network and Information Systems) concerns the security of network and information systems and any processing of personal data that is stored on storage devices, including desktops, laptops, smartphones, portable tablets, website servers and cloud computing services. This is part of GDPR (General Data Protection Regulation). Please visit the separate GDPR and Cookie Policy page.
Resource information:
https://www.legislation.gov.uk/uksi/2018/506/contents
https://ico.org.uk/for-organisations/the-guide-to-nis/
Under the NIS regulation, someone must be classed as an RDSP (relevant digital service provider) if they have a head office in the UK or have nominated a representative in the UK. Accordingly, I am self-employed and do not offer any external software such as online marketing or cloud computing. Any of them may be used in the future.
I use a combination of website and graphic design software on Apple Macintosh, Microsoft Windows and Linux. Up-to-date premium antivirus software is installed on my computer to avoid spreading multiple viruses. This ensures that all kinds of files don't contain any malicious code. Linux has strong security and a special authentication system called SELinux (Security-Enhanced Linux), and it won't get many viruses, although it will still be monitored with relevant open-source antivirus software such as ClamAV. This also applies to Apple Macintosh, where the premium software can be used as well.
I will inform a client about permission to access files and about sharing files, such as through an online storage server (e.g. Dropbox, Google Drive). For the client's website, I may need to contact a technical team on behalf of a client to resolve any issues and manage their admin website server configuration and advanced control panel (e.g. cPanel or Plesk).
The digital files (ongoing design works and other file documents) will be backed up securely onto an online storage server, computer or physical external storage disk, so they can be restored later.
You can minimise the risk of becoming a victim when an attacker has successfully received your personal details or sensitive account details such as emails, online banking and personal documents.
Anti-virus Software - It is essential to have premium antivirus software with up-to-date virus databases and firewall settings. A firewall configuration can be modified manually; however, it could harm a computer if it's not configured properly. It is required to follow the software manufacturer's guidance. The desktop and portable devices will then be monitored, and threats detected, to ensure that the system files and personal work documents are clean.
Prominent Web browsers - Firefox, Chrome, Safari and Edge are the popular web browsers. If a browser handles both session and cookie data without HTTPS enabled while you are shopping or banking online, it is vulnerable, as an attacker can collect the sensitive information. Be sure to check that the web browser's address bar shows HTTPS (padlock icon). It is best to update to the latest version regularly to apply security patches.
Up-to-date Operating Systems - Commonly used operating systems such as Microsoft Windows and Apple Macintosh must be updated regularly with the latest system files in order to stabilise the computer programs and rectify security flaws.
Two-factor authentication (also known as MFA - Multi-Factor Authentication) - It adds additional security on both phone and computer devices to confirm a user's login account, which helps to decrease the risk of attacks. It is recommended to enable two-factor authentication. You can set up MFA on a company's website (e.g. Amazon, Microsoft 365, online banking). Other types of authentication factors include biometric, fingerprint and facial scan.
Email Inboxes and SMS/Vishing - Millions of people have become victims because they weren't aware of scam emails and MITM (man-in-the-middle) attacks, in which an attacker secretly monitors the communication between two people and alters the details. If you see phishing website links, unrecognised email messages or spoofed email addresses, do not open them. Vishing is voice call phishing that tricks people into revealing sensitive information.
WiFi Connection - When you connect a personal computer to a WiFi router at home, a private network is a better choice and is more secure than a public network. Be sure that the network connection is secured with either the WPA2 or WPA3 encryption option. If you are in a public place (library or cafe) and connect to free WiFi, it can be risky and the network data connection can be traced.
Personal Website & Small Business Shopping Online - If you have your own website and have the capability to manage content pages within an admin webpage (e.g. WordPress, Drupal, Shopify, etc.), be sure that the latest version of the SSL certificate is installed. It is also best practice to change the password to a strong one with mixed values. If you receive a notification of alert reports, it might be suspicious.