6 tips for a Merry (Safe Computing) Season
Hackers love the holiday season. People are shopping and socializing online, and let’s face it, not paying much attention to safe desktop computing. But when your computing toolset fails, life gets unmerry quickly.
Here are six tips that can save you a world of pain, and are easy to implement. Apply these to your desktop computer, whether you are on a Mac or PC.
- Stay current: Keep your programs up to date. This includes applications and your operating system. Most upgrades are done to correct security loopholes.
- Use an antivirus program: Install an antivirus program to prevent malware getting into your computer. I use Bitdefender (see the review), or use Malwarebytes, which is free.
- Manage your passwords: I know, I know– it’s a pain in the butt, but there’s hope: use a password manager. Using the same password for many programs is a dangerous computing practice. So, you do what I did until I discovered a decent password manager–I wrote them down because I never use the same password more than once. So the list was eight pages of an unordered muddle of urls with updates, additions and deletes, past and present. I started putting them into a spreadsheet, then realized that this was actually less safe than my list–all my passwords in one file could be stolen. Selecting the right software for your particular situation is easy with PC Magazine’s password managers guide. I am currently evaluating LastPass and am finding it very effective, notwithstanding having to change my computing habits. Whatever option you decide to try, here’s something you must make sure you do:
- Authenticate your access to your own passwords: Do not store your password data in the Cloud unless you can authenticate your request on your smartphone. This is called two-factor authentication. Most programs offer this, but it is often optional: never bypass this option, because if your password manager or the host data center is compromised in the cloud, the hackers will still need your phone to get to your passwords. Full disclosure: Google Authenticator (GA) on your smartphone is the most-used app for two-factor authentication, yet it is a frustratingly annoying program, and there’s no decent support from Google. Your only recourse is to (yes!) Google your exact problem and you’ll find help. But, I always have issues. I hate to say this, but you must persevere. There are other authentication apps but GA is trusted and Google’s reputation hangs on it’s reliability. The good news is that once you have it setup, you won’t have to deal with it again. Here’s a link with a good overview of how to implement multi-factor authentication.
- Practice safe email: Do NOT open any attachments (or click on any links) unless you know the person or organization sending them. Be especially suspicious of “typos” on the subject header and awkward language in the body. Delete the email without opening it. And if the message is from a friend asking you to open a link, or the message seems wildly inappropriate, then do your friend a favor–call them to verify that they sent it–their email address might have been hacked and the hacker is “spoofing” your friend’s email.
- Log out: Cyber criminals use “bots” that have “algos” (algorithms) that watch network activity, and they like periods of idle connectivity. Stop them in their tracks by simply logging off the wifi network that connects you to the Internet. Stepping out to shop for groceries? Log off before your leave. It takes just seconds to log back in. You’ll take yourself off their list of targets.
- Log off: For the same reason as above, always log off and power down when you are done for the day. This also serves as a refresher when all intradependent computer “services” are activated correctly through the startup routines of your operating system.
Think of it this way: The bad guys are less likely to get into your network if you log out (step 5) and logoff (step 6) of your computer that has current software (step 1). If they still get in, your antivirus program stops them (step 2), and even if they get past these safeguards, they’ll still need your passwords, which, if you authenticate them with your smartphone they won’t be able to access (step 3). Then, be smart about email: think before you click. (step 4).
Log out, log off, stay current, stay organized, stay watchful and stay protected. Replace the warning bells with jingle bells!
Geoffrey Wells writes about privacy, elephant conservation, cyber trends and music. And of course, updates on his latest thriller, Atone for the Ivory Cloud.