Simple security tips everyone should follow
Security is more important than ever today, not because of attacks from high level hackers, foreign governments, or headline stories like the NSA scandal. It is because so many people are sending more information than ever over computer networks. The automation of banking and other critical services has made it possible for someone at the next table, or the other side of the world to steal your information with minimal effort if security precautions are not observed.
- Use strong passwords. This is 10 or more characters using upper and lower case, numbers and punctuations. Anything using words, names, years, usernames, phone numbers, addresses, etc. is not a strong password. Substituting zero for O is not sufficient. Many people pick something simple thinking that nobody could guess it, but very frequently they are wrong. It is actually very common for people to use something simple with 01, 99, or a year added to it, so common that they are easy to guess. Do you know someone who has had an account hacked? This is often why.
- Use different passwords on each system. A common trick for getting passwords is to set up a service with a free account signup. The operator then gets a collection of usernames, passwords and addresses that can be used when they find the victim on another service
- Don’t follow email links to sign in to a service. Frequently it will be a look alike page to trick you in to giving away bank, PayPal, or other service passwords.
- Don’t log in to third party services using Facebook, Google or other services. It is to easy to create look alike pages. To tell the difference you have to carefully look at the domain name and the SSL certificate.
- Don’t share your passwords with others. Sometimes people you think can be trusted will disappoint you.
- Use encrypted connections. For mail this is often a check box in the application, for web pages look for https rather than http on the URL line. Any program or device that has the ability to use encryption should. There are many ways that third parties can see unencrypted information crossing the Internet and they frequently do.
- Use passwords on mobile devices. A lost mobile device can reveal a lot of information.
- Use screen saver locks on your computer. This will limit someone walking by from seeing confidential information.
- Don’t use unencrypted connections on wireless. Other people could be picking it up even three hundred yards away. Use secure wireless nodes
- Don’t use your credentials on other people’s computers. There may be key loggers or spyware on that computer that the owner is not aware of.
- Use a good virus scanner. Many infections and Trojans today are specifically designed to steal information for use in fraud and identity theft. If your computer does get infected it should be turned off until it can be disinfected by someone qualified to do so.
- Don’t underestimate the value of information. Many people don’t think that what they are sending is worth stealing, or that their profile is too small to be a target. Just access to your email address can be used to get in to your bank account, and exploitation of computer systems has become so wide spread that anonymity is not an adequate defense. There are automated programs looking for security weaknesses and reporting their findings back to their creators.
In 2010 7% of all households in the United States had been a victim of Identity Theft. All too frequently we help people secure and repair the damage after the fact. This can include damage to computers, bank account theft, credit card fraud, lost production time from computer systems being down and the repair costs. Prevention is by far the most cost effective solution to the problem.
For a consultation please call us at 310-310-320-5708 or contact us