As promised in my last post, I want to start with some of the basics. While everyone’s needs for digital security will be different, there are some fundamental things that we all should do to ensure a certain level of security and privacy while online. Like I said before, the online world is an increasingly hostile space when it comes to our privacy, and we can no longer assume a minimum level of safety without taking some additional precautions. There was a time when very few people wore seat belts in the car. Now, most of us realize that we are much safer when taking a little extra precaution whenever we drive. Think of these tips as seat belts for your ride down the information superhighway.
- Install Virus (malware/spyware/adware) protection: There really is no excuse for not having virus software any more. Most people have access to some sort of malware protection for free, either from their Internet provider or a number of other options. For Windows users, Defender provides a basic level of protection and it’s included with the O/S. And for those non-Windows users out there (Linux and Mac), I say this; there is no such thing as a secure operating system. If it’s a computer, it can be compromised—and that includes mobile devices.
- Make offline backups: Even with malware protection in place, bad things can still happen. Aside from the usual computer failures, there are other more disturbing trends. Ransomware is a relatively new type of threat that can render your system unusable. Bad Guys literally hold your system hostage by encrypting all of your data forcing you to pay the ransom for the key to decode it. One way to combat this type of attack is to have multiple copies of your important data where you can easily recover it. However, don’t leave these backups attached to your system or depend solely on an “always connected” solution, as the Bad Guys can attack that too. USB thumb drives are cheap—get a few and use them to do your backups, then remove them and store them in a safe place. Cloud backup solutions are a good option too, but make sure you read tip #3 first!
- Use unique passwords for all sites: Yes, I know this is a pain, and I can guarantee that you have already heard this from someone other than me. That’s because password reuse has become one of the easiest ways for Bad Guys to hack your online accounts. It’s practically a given that at least one of your online accounts will be involved in a data breach at some point. Those breached IDs and passwords get passed around the Internet for fun and profit. If you use the same password for all your accounts, consider them all to be exposed. To more easily manage multiple passwords and keep them secure, you can use a Password Manager. I’ll cover these in an upcoming post, but for now, change your passwords, and if you have to, write them down.
- Install Ad Blockers: Yes, pop-up windows and ads on web pages are annoying, but that’s not what I’m talking about. In recent years, ads have also become malicious. Most major web sites don’t put ads on their pages directly. Instead, they outsource the ad space on their pages to a 3rd-party provider who ultimately supplies the code to display ads from paying retailers. Therein lies the problem. Since the web site owner doesn’t oversee the ads on their site directly, they have little control over the content. If that content gets compromised somewhere down the line, the site could unknowingly be distributing malware. And don’t think this only happens on the sketchy pages. It has happened recently to some very well-known sites.
- Enable automatic updates: The majority of attacks take advantage of well-known vulnerabilities in major software and operating systems. In many cases, these vulnerabilities have already been fixed by the software’s creators. However, the attacks succeed because device owners failed to install those fixes in time. One way to ensure this doesn’t happen is to enable the automatic update features available in most of these applications.
Okay, I know that was a lot to absorb for the first post, so I’ll stop there for now. Tune in next time when we will start to go more in-depth to some important topics.
Thanks for reading, and Happy New Year!