Making the most of technology safely and securely can seem overwhelming and confusing. However, regardless of what technology you are using or how you are using it, here are three simple steps that will help you stay secure.
You Are the Key
First and foremost, technology alone cannot fully protect you; you are your best defense. Attackers have learned that the easiest way to get what they want is to target you rather than your computer or other devices. If they want your password, credit card, or control of your computer, they’ll attempt to trick you into giving it to them, often by creating a sense of urgency. For example, they might call you pretending to be Microsoft tech support and claim that your computer is infected when in reality they are just cybercriminals who want you to give them access to your computer. Or perhaps they send you an email warning that your package could not be delivered and pressuring you into clicking a link to confirm your mailing address, when in reality they are tricking you into visiting a malicious website that will hack into your computer. Ultimately, the greatest defense against attackers is you. By using common sense, you can spot and stop many attacks.
Use Passphrases Whenever Possible
Modern computing speeds have made the old, eight-character password outdated and vulnerable. When a site asks you to create a password, create a strong and unique passphrase instead. A passphrase is a type of password that uses a series of words that is easy to remember, such as bee honey bourbon rain. The longer your passphrase is, the stronger. A unique passphrase means using a different one for each device or online account. This way, if one passphrase is compromised, all of your other accounts and devices are still safe. Can’t remember all those passphrases? Use a password manager, which is a specialized program that securely stores all your passphrases in an encrypted format (and offers lots of other great features as well).
Finally, if you have it, enable two-step verification (also called two-factor or multi-factor authentication). It uses your password but also adds a second step, such as entering a code sent to your smartphone or from an app that generates the code for you. Enabling two-step verification is probably the most important step you can take to protect your online accounts, and it’s much easier than you may think.
Load Updates and Patches
Make sure each of your computers, mobile devices, programs, and apps is running the latest version of its software. Cyber attackers are constantly looking for new vulnerabilities in the software your devices use. When they discover vulnerabilities, they use special programs to exploit them and hack into the devices you are using. Meanwhile, the companies that created the software for these devices are hard at work fixing the vulnerabilities by releasing updates. By ensuring your computers and mobile devices install these updates promptly, you make it much harder for someone to hack you. To stay current, simply enable automatic updating whenever possible. This rule applies to almost any technology connected to a network, including internet-connected TVs, baby monitors, security cameras, home routers, gaming consoles, and even your car.
Practice secure behavior and be a Human Firewall by staying vigilant, staying current, and exercising skepticism of the e-mail messages you receive and, if it looks even remotely suspicious, ditch it.
We’d like to credit this security bulletin to SANS Certified Instructor Steve Anson. The article appeared in the OUCH! newsletter, published by SANS Security Awareness. Steve provides guidance to IT security teams and governments around the world to improve their security posture.