10 Cyber Security Tips From The Experts
It’s getting a little bit more than scary for the average computer user. Companies and federal agencies are regularly hacked. To help ward off the bad guys, Security pros came together to offer basic advice to help the average user.
1. Take an inventory of your devices.
Start by writing down a list of all the devices in your house that connect to the Internet. The obvious ones are your laptop, tablet, television, Wi-Fi router, and printer. Other devices such as the thermostat, the refrigerator and lighting may also have IP addresses today. Once you have developed your list, change the default passwords on all those devices, especially the Wi-Fi router that connects your house to the Internet. As you go down the list, turn off Wi-Fi or other connectivity that’s not absolutely necessary.
2. Regularly maintain and update devices.
Hackers like to take advantage of devices that have not been updated. Unpatched vulnerabilities are easy to take advantage of, so update your systems regularly. If possible, set your main devices to auto update. Also find out if your ISP does router updates automatically in the background or if you have to do them yourself. If your router is more than three years old, ask your ISP if you can replace it. The newer routers have better built-in security and given the threats and all the connected devices coming into the home should be replaced every year or two anyway.
3. Deploy endpoint protection on all PCs and notebooks.
Sure, endpoint protection from brands such as Norton or McAfee/Intel are signature-based and can only protect against known threats, but most people still need it. And any endpoint protection package you buy should also have web protection because let’s face it, the bad code typically comes from the Internet. And while personal firewall software can help, it’s not necessary for the average user. Personal firewalls tend to require a bit more expertise for the average person to manage the settings. If you decide you need one, ask a friend or relative for help.
4. Use a strong authentication solution.
Authentication may be a stretch for an average user, but they should really look at something stronger than a mere password. Remember that the 2016 Verizon Data Breach Investigations Report found that 63% of breaches result from compromised credentials in the form of weak, default or stolen passwords. There are a lot of simple, inexpensive and easy to use methods such as USB keys that can improve authentication.
5. Monitor and educate your children.
Between social media and questionable Internet sites, kids can get into a lot of trouble. Develop guidelines for usage and make them aware of the downside of social media, especially teenagers looking for their first job or kids having trouble making friends at school. Teach them basics like not clicking on suspicious links or attachments. And, it’s also a good idea to avoid using the same device for sensitive tasks that the kids use for Internet activities and gaming. Taxes or online banking are best done on devices that the kids don’t access. Gaming sites especially are magnets for malware. We believe that Sophos Home is the ideal way to keep your kids safe online this year, and give you one less thing to worry about!
6. Be aware of potential scams.
If you learn anything about online scams, understand that nobody credible will call you from Microsoft or any other leading computer company out of the blue to help you for free. Good security support can be pricey, but it’s well worth the cost of the alternative: being scammed or worse, having the computer taken over by ransomware.
7. Use credit cards with an EMV chip.
While EMV chips are not perfect, they do improve security. For credit cards, be sure to change the default PIN. Most people use four-digit PIN numbers, but many retail security experts say people should use six-digit PINs. Also, if a POS terminal looks marked up or scratched, point it out to the clerks or the store manager, there could be skimming going on.
8. Think about backup software.
People who are more than 50 years old remember the days that computers regularly crashed, so they tend to use either online backup or some form of backup software. Even if you simply use a USB drive or back up your files on Google Drive or iCloud, that will come in handy if your system is ever hit by ransomware. It’s a real problem if your system is frozen and the bad guys want $500 or more and you have no backup to restore your files.
9. Lock down your social media sites.
Whether it’s Facebook, LinkedIn, Twitter, Snapchat or Instagram, they all offer settings that let you block certain users or limit the universe of people who can see your information. For business sites like LinkedIn you may want to include a phone number or email address, but if you are concerned about privacy make it a practice to limit the personal information you share on social media sites. Also, think twice before you post travel plans or scenes from a vacation, it can tip off criminals that you’re not home.
10. Practice digital cleansing.
This may take more time than the average person has for security, but here are some of the points the National Cyber Security Alliance recommends:
- Clean up your email: Save only those emails you really need and unsubscribe to email you no longer need or want to receive. Look to delete longwinded email threads. Very often, it’s only the last email you really need. This kind of cyber hygiene helps with phishing. When email is streamlined users are less likely to get overwhelmed and anything suspicious is less likely to get through.
- File upkeep: When in doubt, throw it out. Delete or archive older files such as numerous drafts of the same document and outdated financial statements. You’ll also want to delete old documents with tax or social security information on them.
- Dispose of electronics securely: Wiping data isn’t enough. When you dispose of old electronics, look for facilities that shred hard drives, disks and memory cards. You can call officials at the city or county dump and ask them what their recycling practices are.
- Empty your trash or recycle bin on all devices: Make sure to permanently delete old files. Malware can always be lurking, so try to clean up your recycling bin every couple of weeks.