Users these days have to take some responsibility for maintaining good cyber security practices and protecting themselves as best they can. Relying on others is really not an option, and basic cyber security hygiene is easy to implement and can actually make your life easier. So here are some quick and easy ways to strengthen and protect yourself online.
Use a password manager. These can be used in a range of browsers, operating systems and mobile devices. Many of them allow multi-factor authentication. Some can update all passwords at once or provide an indicator of how good your password is, and using one means you only have to remember one password: the master one. The beauty of the password manager is also that you can have very complex passwords and not worry about trying to remember them. This avoids you re-using the same password on multiple websites, or choosing a really easy one such as “password”.
General Password Advice – they say the best passwords these days are three random words all pieced together. This should not be your favourite sports team, then your mother's maiden name, and the name of your first pet! It should be something random like BicycleTemperatureSocket.
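The three-random-words advice above, sketched in Python as an added example that is not part of the original post. The word list is a small constructed sample and the function names are hypothetical; the point is that the words are picked by the operating system's random source rather than by you, and that a candidate can be checked for personal details.

```python
import math
import secrets

# Constructed sample list for illustration; a real generator would load a
# list of several thousand words so that each word adds far more entropy.
WORDS = ["bicycle", "temperature", "socket", "lantern", "marble", "orchid",
         "harbour", "pencil", "glacier", "velvet", "tractor", "biscuit",
         "compass", "thimble", "walnut", "meadow"]


def generate_passphrase(n_words=3, words=WORDS):
    """Pick words with the OS CSPRNG and join them, BicycleTemperatureSocket style."""
    return "".join(secrets.choice(words).capitalize() for _ in range(n_words))


def entropy_bits(n_words, list_size):
    """Bits of entropy when each word is drawn uniformly from list_size words."""
    return n_words * math.log2(list_size)


def personal_terms_found(passphrase, personal_terms):
    """Return the personal terms (pet, team, maiden name) found in the passphrase."""
    lowered = passphrase.lower()
    return [term for term in personal_terms if term and term.lower() in lowered]


if __name__ == "__main__":
    candidate = generate_passphrase()
    print("Generated:", candidate)
    print("Entropy with this 16-word sample list: %.1f bits"
          % entropy_bits(3, len(WORDS)))
    print("Entropy with a 7776-word list: %.1f bits" % entropy_bits(3, 7776))
    # Constructed example of what not to do: team + maiden name + pet.
    weak = "UnitedSmithRover"
    print("Personal terms in", weak, "->",
          personal_terms_found(weak, ["Rover", "Smith", "United"]))
```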
Already been a victim?
The website https://haveibeenpwned.com/ was created by Troy Hunt, a well-known IT Security blogger and Microsoft Employee. It allows users to enter their email address, and the results indicate whether they have been the victim of a breach. Often attackers will obtain chunks or all of a website's database. This website will tell you if your email address has ever been included in one of these.
Most home users are using Windows 7, 8 or 10 these days. Default installations should enable live protection using Windows Defender. Regular scanning for malware is recommended, and so too is the use of an anti-virus product.
Simple things help too, such as avoiding installing untrusted software, or things from dubious websites. Yes, this definitely includes torrents and peer-to-peer downloads!
Update your Computer and Software
If you’re reading this on a Windows XP computer or anything pre-dating Windows 7 then stop now and turn off the computer! But seriously, you need to update.
Social Engineering and Social Media
People live their lives online: Facebook, Twitter, Instagram, Snapchat, etc. Be careful what you list on there. I’m mainly referring to things like your pet’s name, sports teams, etc., as they are often the answers to security questions at your bank or online services.
Additionally, social engineering can be an issue. Communicating online is fine, but sharing personal details is not, and neither is accepting files from people and clicking on them to run.
Backing up personal data and photographs is critical, especially if you don’t want to lose treasured memories. Cloud storage is a great option; things like Google Drive, Dropbox, OneDrive and a range of others are all very good and can sync up to your local copies. It’s also worth keeping some backups on flash drives, or printed if it’s a document. It doesn’t have to be as complicated as a RAID solution.
These are just my thoughts and recommendations. Be realistic: I doubt the home user wants to start using DMZs, or their own SIEM tools and intrusion prevention/detection systems. The measures have to be achievable, proportionate to the scenario and something that can be maintained and kept up.
Comment below if you feel I’ve missed anything.