Security advice based on knowledge and understanding that should really be common.
A guide for personal cyber security hygiene as well as understanding various security related concepts and principles.
What to do:
Purchase anti-virus and anti-malware application for your devices. If the PC is provided by your employer, do not delete or disable the security software.
Why do it?
Even if you are careful online, you may accidentally click on a link that tries to infect your device. Antivirus and anti-malware adds a layer of security to your overall cyber-security stance.
As of June 2018, PC Magazine UK rates McAfee as the best antivirus and anti-malware protection.
What to do:
Use Private or Incognito mode on your browser, AND use a Virtual Private Network (VPN) service.
Why do it?
In Private or Incognito mode, your browser won’t save your browsing history, site data and cookies. It also won’t save the data you entered in online forms. Other people using the same device (if you were using a shared PC) won’t see your activity. However, this activity will still be visible to the websites you visit, and your internet service provider.
A VPN on the other hand provides end-to-end encryption of your activity and data. Your ISP (or that dodgy WiFi you have connected to at the cafe) won’t be able to see your traffic. Sure the website you interact with will still see your data but depending on the “exit server” you choose, it could think you’re in Frankfurt, Germany when you’re in fact in a coffee shop in Shanghai, China.
Many people use VPN to gain access to internet services such as email or video streaming services that are normally blocked or restricted locally.
Do a bit of research and choose a service you trust, and has the features and speed capability you need. Paid is better than free.
What to do:
Make sure the URL is encrypted. Look for the “HTTPS”
Why do it?
A website starting with https (like this one) encrypts the data between you and the website, so that no one can eavesdrop or tamper with the data flow. If a website does not start with https, do not give them confidential info (name, address, card details, etc).
Know which links are safe and which are not – hover over a link to discover where it directs to.
What to do:
Use an AdBlocker to prevent being shown ads, and avoid possible malware infection.
Why do it?
Attackers can inject malicious code or malware-filled ads into legit online advertising networks and websites. This is called malvertising and it can infect your computer.
Some websites rely heavily on ads for revenue and ask that you sign up to their website (so they can send you marketing material), or disable the ad-blocker software. You can temporarily disable the ad-blocker for the website so you can continue to access their content. Bear in mind that your PC would be vulnerable to malvertising for the duration of the ad-blocker being disabled.
What to do:
Be suspicious of any email in general, and of all links and attachments in email.Don’t open email from people you don’t know, and never open an attachment unless you’re expecting it.
Why do it?
A bad link or attachment can cause your device to be infected with malware, a virus, or ransomware.
Examine email sent to you: what email address it was sent from; and if there’s any typos in the email address. Are you addressed by name, or by Sir/Madam, or by email address (most suspicious). Are there uncharacteristic grammatical errors?
Did you expect this email? Malicious links and files may come from friends who have been infected too.
The only safe attachment to open is .txt
What to do:
Turn off push notifications from apps. If you really need them then turn off preview of the content from your locked device.
Why do it?
What is available on your mobile screen without signing in?
Can a glance of your locked phone tell someone where your next appointment is and with who? Can he see the one-time-PIN that the bank just sent you, or your bank balance, or any other personally identifiable information?
Turning off previews will let the phone tell you that you have one unread message but will have no further details until you sign in with your PIN or fingerprint.
What to do:
Run through which apps on your mobile device have permission to know where your phone is. Disable permissions for the ones that don’t absolutely need to know.
Why do it?
Limit the number of apps that have full time access to your location. It not only drains your device battery; it also lets the app developer know where you are all the time. Allow location information while you are using the app, or not at all if the app has no business knowing where you are.
Use built in services such as Find my iPhone or Android Device Manager to find your device, or to remote erase if the phone is stolen or lost.
What to do:
Take an afternoon, sign up on a password manager and reset the passwords for all the sites you use to unique and strong passwords. It will take a whole afternoon.
Why do it?
It’s been said many times before that you should have a different password for each of the websites you have an account with. Very little actually bother. Why? Instead of having a standard easy to remember password for all your accounts, like EasyPassw0rd123… now you’ll have to have have convoluted one like “LwBl8u2r&@CEXaU8” for each of the sites you use.
What’s the risk? Low, to be frank. Most big names like Facebook, Yahoo, Amazon and Google employ sophisticated systems and measures to ensure that their passwords don’t get leaked and are secure from hackers. Not to say that the big boys have not had their share of troubles.
But… if you are customer of a mom & pop web store and they get hacked… the hacker would have your email address, and password. If your password was recycled with the one you use at your bank, then he would have access to that account as well. That kinda scares me.
Some years ago, I signed on with LastPass which is an online password manager. You have a master password with LastPass, and LastPass stores and protects the log-in info for all your other websites. I spent a couple of hours changing passwords of all my subscribed sites with secure ones. It will even automatically fill in log in form of the site when you visit it.
The free version will run on your PC’s web browser. I used the free service for several years. Pay for premium only if you need to have access to your passwords on your IOS or Android device.
Sign up with LastPass here.
Full disclosure: this is an affiliate link and your sign up to Lastpass Premium goes towards supporting this site.
What to do:
Keep an inventory of your devices, and the devices you have that are connected (or need connection) to the internet.
Why do it?
Devices that need to connect to the internet in your home include PlayStations and other video gaming systems, Smart televisions, Smart thermostats, refrigerators electronic door locks and video surveillance cameras.
An inventory allows you to spot if a strange device has joined your home WiFi.
You should also change all default login passwords and check periodically if the manufacturer has released updates for them. If possible, connect them to guest WiFi.
What to do:
If your router allows, set up a separate guest Wifi with a separate (strong) password for your friends and other devices. Guest Wifi should only have internet access but not “intranet” access (or access to files stored on your PC’s).
Why do it?
Your friends may sometimes ask for or need WiFi access while in your home.
Some devices you purchase will also need internet access. This can include your Smart TV, refrigerator, video gaming systems, televisions, thermostats, refrigerators and home video surveillance cameras.
Some home automation devices will need access to other devices within your home to work properly, so they should not be connected to guest WiFi.