Improving Your Security, One Thing Every Other Day, For Four Weeks
Taking even just one small step each day can make a big difference to your overall security. Here’s ideas for every other day for four weeks, largely featuring free or low cost tools.
1. Make sure everything on your system is patched up-to-date.
Check your operating system, office software, browser, browser plugins and everything else, and apply patch anything that’s not up-to-date.
Secunia PSI is a terrific tool for finding out-of-date software on Windows PCs. It’s available as a free download for home use from http://www.flexerasoftware.com/enterprise/products/.
2. Install a password manager and start using it
If you use the Internet, you’ll have a crazy number of passwords. Isn’t it time you managed them systematically, rather than through writing little notes to yourself and tucking them into your wallet?
One free and widely-used password manager is LastPass (see https://lastpass.com/). You may also want to start using multifactor authentication, if it is supported by the sites you use.
3. Make sure you’ve got a recent, complete, and usable backup, preferably stored off-site.
If you ever have your system stolen, or your hard drive crash, or you run into hard-drive-encrypting malware, you will be SO glad that you have a backup. Yes, you have many options for backing up your system to the cloud, or via an external hard drive. Maybe try both, just in case?
Figure that an unlimited online backup service might cost your $50/year; a 2TB external hard drive is currently less than $100 from various online retailers.
4. Block advertising/ad trackers in your web browser
Much malicious software is dropped by malvertising (malicious advertising).
You don’t need to see ads, so consider using Adblock Plus (free) to ensure they’re gone. https://adblockplus.org/
While blocking ads, you may also want to block trackers with Ghostery, https://www.ghostery.com/, another free add-on.
5. What DNS service are you using?
DNS is the service that helps your computer find the sites you’re trying to go to. Most users just use whatever DNS servers their ISP automatically configures for them, but some free DNS services go the extra mile and automatically prevent you from accidentally touching many malicious sites.
One example of such a free service is OpenDNS, https://www.opendns.com/home-internet-security/
6. Scan your connection to make sure nothing unexpected is running
One free and easy scanner is GRC’s Shields Up, https://www.grc.com/x/ne.dll?rh1dkyd2 (select All Service Ports from the grey bar). Most users, sitting behind a hardware firewall/broadband “router” with no servers running, should only see green boxes. If you see any holes (non-green boxes), check the configuration of your hardware firewall/broadband “router.”
7. Scan your system for known malware
Even though antivirus software isn’t perfect, it can still catch some malware. A nice review of some A/V options is at http://www.pcmag.com/reviews/antivirus. Be sure you keep your A/V signatures up-to-date!
8. Remove Unused Software
People will install software, try the program for a while, and then never use it again. If that’s true for you, take the time to remove the programs you no longer need or use. That translates to fewer programs that need to be patched and maintained. Removing unneeded programs may also speed up your system.
9. And Clean Up Temporary Files
Temporary files accrue over time, just like old newspapers and magazines around your house. You should periodically clean things up. Free tool for doing this? CCleaner, see: https://www.piriform.com/ccleaner/download
10. Review Your Wireless Network Configuration
Wireless network access points, often bundled as part of a hardware firewall/broadband “router,” can be critical to your home network security, but are often ignored. Ensure that yours is flashed up to date with the latest firmware, and that you’re using WPA2-AES (and NOT WEP, WPA, or WPA2-TKIP). This might also be a good time to consider upgrading to a device capable of doing 802.11AC, the latest high speed wireless protocol. A dual band wireless router (able to do both 802.11AC and legacy protocols) will typically cost a little over a hundred dollars. Test your realized speed at http://www.speedtest.net/
11. Monitor Your Outbound Traffic for Anomalies
Mac users can run Little Snitch (https://www.obdev.at/products/littlesnitch/index.html) to monitor their outbound network traffic. Sometimes you may be surprised what’s talking on your laptop! An alternative for Windows users to check out is Glass Wire (https://www.glasswire.com/)
12. Thwart Shoulder Surfers
Some people just can’t resist trying to read what’s on other people’s screens. If you frequently need to work on your laptop in public areas, consider installing a privacy screen. These screens, made by 3M and others, typically install with special tape or clips, and make it very difficult for anyone to see what’s on your screen from your left or your right, while leaving the screen pretty bright and clear when viewed heads on. Typically about $40, and you can request additional special tape for free, if you need more.
13. What’s Your Plan for Hardware Problems?
Even the best of devices can develop hardware problems due to simple part failures, or accidents. What’s your plan for addressing them? Mac users may want to invest in Apple Care, and other laptop users may want to check out manufacturer extended warranty options or third party warranties from companies such as Square Trade (see http://www.squaretrade.com/laptop-warranty).
14. Carry Your Gear Wisely
Laptop bags play an important role when it comes to protecting your system from day-to-day knocks, unexpected rainstorms, and those who’d happily steal your system. Pick a bag that offers good protection, but avoid one that screams “I’m holding an expensive laptop! Steal me!” Bags that offer a choice of over-the-shoulder or backpack carry modes can be particularly convenient.
Author: Joe St Sauver, Ph.D., Scientist, Farsight Security, Inc.
Member of CyberGreen’s Statistics Experts Group