Every week brings news of yet another data breach. Schools, factories, websites, and even government agencies get caught with their protection down, and we all suffer. There’s nothing you can do to prevent these faraway breaches, but rather than bemoan that fact, get busy! There’s plenty you can do to protect your own devices, data, and privacy.
Making your devices, online identity, and activities more secure doesn’t take much effort. Several of the following tips boil down to little more than common sense, yet they’ll help keep you safer online.
1. Install Antivirus Software and Keep It Updated
We call this type of software antivirus, but fending off actual computer viruses is just one small part of what they do. Ransomware encrypts your files and demands payment to restore them. Trojan horse programs seem like valid programs, but behind the scenes, they steal your private information. Bots turn your computer into a soldier in a zombie army, ready to engage in a denial-of-service attack, spew spam, or whatever the bot herder commands. An effective antivirus protects against these and many other kinds of malware.
In theory, you can set and forget your antivirus protection, letting it hum along in the background, download updates, and so on. In practice, you should look it over every now and then. Most antivirus utilities display a green banner or icon when everything is hunky-dory. If you open the utility and see yellow or red, follow the instructions to get things back on track.
You may be thinking, wait, isn’t antivirus built into Windows? Not only is Microsoft Defender Antivirus baked into the operating system, it automatically takes over protection when it detects no other antivirus, and it just as automatically steps aside when you install third-party protection. The thing is, this built-in antivirus just doesn’t compare with the best third-party solutions. Even the best free ones are way better than Defender. Don’t rely on it; you can do better.
Whether you’ve chosen a simple antivirus or a full security suite, you’ll need to renew it every year. Your best bet is to enroll in automatic renewal. With some security products, doing so enables a malware-free guarantee. You can always opt out later if you get the urge to switch to a different product.
One more thing. If your antivirus or security suite doesn’t have ransomware protection, consider adding a separate layer of protection. Many ransomware-specific utilities are entirely free, so there’s no reason not to try a few of them and select the one that suits you best.
2. Explore the Security Tools You Install
Many excellent apps and settings help protect your devices and your identity, but they’re only valuable if you know how to use them properly. To get the maximum protective power from these tools, you must understand their features and settings. For example, your smartphone almost certainly includes an option to find it if lost, and you may have even turned it on. But did you actively try it out, so you’ll know how to use it if needed?
Most antivirus tools have the power to fend off Potentially Unwanted Applications (PUAs), troublesome apps that aren’t exactly malware but don’t do anything beneficial. But not all of them enable PUA detection by default. Check the detection settings and make sure yours are configured to block these annoyances. Likewise, your security suite may have components that aren’t active until you turn them on. When you install a new security product, flip through all the pages of the main window, and at least take a glance at the settings. If it offers an initial onboarding tour, don’t skip it—rather, go through the tour methodically, paying attention to all the features.
Antivirus tools usually include some form of browsing protection, typically in the form of a browser extension. If you accidentally try to visit a dangerous page or a phishing fraud, they divert the browser to a safe warning page. Many of them mark up search results so you don’t even click on a dangerous link. And all this helps you not at all if you don’t have the browser extension installed and working. Check each browser you use to make sure it’s protected.
To be extra sure your antivirus is configured and working correctly, you can turn to the AMTSO’s (Anti-Malware Testing Standards Organization) security features check. If your antivirus doesn’t pass, it’s time to contact tech support and find out why.
3. Use Unique Passwords for Every Login
One of the easiest ways hackers steal information is by getting a batch of username and password combinations from one source and trying those same combinations elsewhere. For example, let’s say hackers got your username and password by hacking an email provider. They might try to log into banking sites or major online stores using the same username and password combination. The single best way to prevent one data breach from having a domino effect is to use a strong, unique password for every single online account you have.
Creating a unique and strong password for every account is not a job for a human. That is why you use the random password generator built into your password manager. Several very good password managers are free, and it takes little time to start using one. For-pay password managers generally offer more features, however.
When you use a password manager, the only password you need to remember is the master password that locks the password manager itself. When unlocked, the password manager logs you into your online accounts automatically. That not only helps keep you safer but also increases your efficiency and productivity. You no longer spend time typing your logins or dealing with the time-consuming frustration of resetting a forgotten password.
One more thing to consider. If you get creamed by a self-driving car tomorrow, how will your heirs manage to access your accounts? The most advanced password managers let you identify a password heir, someone who will receive access to your account after you shuffle off this mortal coil.
5. Use Multi-Factor Authentication
Multi-factor authentication can be a pain, but it absolutely makes your accounts more secure. Multi-factor authentication means you need to pass another layer of authentication, not just a username and password, to get into your accounts. If the data or personal information in an account is sensitive or valuable, and the account offers multi-factor authentication, you should enable it. Gmail, Evernote, and Dropbox are a few examples of online services that offer multi-factor authentication.
Multi-factor authentication verifies your identity using at least two out of three different forms of authentication: something you are, something you have, or something you know. Something you know is the password, naturally. Something you are could mean authentication using a fingerprint, or facial recognition. Something you have could be your mobile phone. You might be asked to enter a code sent via text or tap a confirmation button on a mobile app. Something you have could also be a physical Security Key; Google and Microsoft have announced a push toward this kind of authentication.
If you just use a password for authentication, anyone who learns that password owns your account. With multi-factor authentication enabled, the password alone is useless. Most password managers support multi-factor, though some only require it when they detect a connection from a new device. Enabling Multi-factor authentication for your password manager is a must.
6. Use Passcodes Even When They Are Optional
Apply a passcode lock wherever available, even if it’s optional. Think of all the personal data and connections on your smartphone. Going without a passcode lock is unthinkable.
Many smartphones offer a four-digit PIN by default. Don’t settle for that. Use biometric authentication when available, and set a strong passcode, not a stupid four-digit PIN. Remember, even when you use Touch ID or equivalent, you can still authenticate with the passcode, so it needs to be strong.
Modern iOS devices offer a six-digit option; ignore it. Go to Settings > Touch ID & Passcode and select Change Passcode (or Add Passcode if you don’t have one). Enter your old passcode, if needed. On the screen to enter the new code, choose Custom Alphanumeric Code. Enter a strong password, then record it as a secure note in your password manager.
Different Android devices offer different paths to setting a strong passcode. Find the Screen Lock settings on your device, enter your old PIN, and choose Password (if available). As with the iOS device, add a strong password and record it as a secure note.
Give us a call at 732.780-8615 or email [email protected] to discuss how we can get your employees started in our Security Awareness Training and Phishing Simulations today!
Neil J. Rubenking, Excerpt from “12 Simple Things You Can Do to Be More Secure Online“, pcmag.com, June 27th, 2024