Four Easy Digital Security Tips/Principles

digital security
From www.TopNews.in

We’ve all heard a lot about digital security these past few years and it always gets to me that “digital security” has remained a buzzword – often used to spread fear and panic as well as appeal to the masses as a means to sell new security products, etc.  Digital security can be boiled down into some basic principles and practices that you can do on your own (some software may be needed in certain cases but most can be done on your own).  These are basic principles but in my experience adhering to the basics will prevent major problems from occurring.

You are the first line of defense.

No computer program, algorithm, or machine has the complete ability, as least yet (!), to match the intellect of a human being in terms of digital security.  Yes, these programs can protect us much better than we can – in a lot of ways – but having an alert mind on our shoulders will make a world of defense in protecting yourself.  When you’re online remain alert and vigilant to online threats – operating with the mentality that “the internet can do no harm” is on the verge of living a fantasy.  Don’t go overboard but trust and use your natural intuition about websites, links, and attachments as you protect yourself online.

When online, be aware of red flags and recognize when things seem out of place or odd.

I have recently been receiving a lot of spam from hotmail accounts (which seems to be a favorite target of hackers these days) and the spam I am receiving is incredibly deceptive.  Spammers are now adding prefixes such as “RE:” and “FW:” to email subjects to entice individuals to open messages.  This is an example of a red flag you should be aware of – if a message seems out of place (like a “reply” to a message you didn’t send) chances are the email is spam.  Another spam favorite is the giveaway of electronic devices – now, I don’t want to seem like I’m a pessimist but if something sounds too good to be true there is a higher chance that it probably is.  I always suggest to users that they tread lightly with the “out of this world” type of promotions and have heightened senses when pursuing these types of links/sites.

Password protection is critical.

I’ve walked into many offices where passwords have been left on sticky notes underneath the keyboard because they are hard for people to remember.  Granted, techies (like myself) are often guilty of making password requirements too complex but I always discourage the use of sticky notes near the computer simply because it allows very easy access to sensitive login information.  Here are some tips for protecting your password that will save you the trouble of being hacked or having your accounts improperly accessed:

  • Make your password case is sensitive with mixed characters and letters – stay away from common English words and phrases
  • Commit to memorizing your password or store your passwords in a concealed place (and not under “P” for passwords either)
  • Change your personal passwords every 6 to 12 months or whenever you feel your digital space may have been compromised
  • Use a secure password management tool that integrates with your browser and websites/multiple passwords

Install an anti-virus program.

I keep saying this and it still amazes me how many people don’t have an anti-virus program on their computer.  Everyone, including Mac users, should have an anti-virus program or internet security suite installed on their computer.  If you’re worried about the cost of a program, I recommend the free version of AVG anti-virus or download one of the many trial versions of the security suites out there, like PC Tools or Kaspersky Anti-Virus.  But trust me, the money for such programs is worth the investment!

I realize these things may seem like common sense but, with digital security, the common sense/trivial matters do make the difference between a big computer nightmare and digital bliss!

Share with me in the comments the tips and tricks that you use online to protect yourself.

Beyond the Moat: Network Security Outside Your Intranet

As we talked about briefly in the last security-related post, most of the top-5 security breaches occur in the office through carelessness and inattention. Most of these issues can be resolved with a good employee computer policy, but what about those network assets that live outside of your companies local area network?

Things like your web page, any remote access software or tunnels you use, your blog, and your social media are all mostly outside of your control. Unless you have a dedicated server in-house that you run your website from, or you have a special relationship with Mark Zukerberg and he lets you personally test the security on your FB, you are pretty much stuck with whatever security features your web vendors provide you with, right?

Well, not entirely, there are still things that you can and SHOULD do to make sure that ALL of your networking assets are safe and secure. Let’s take a look at steps you can take by asset:

Web Page –

Yes, it’s true that most of the time your company will be renting space on a shared server, which means what you can and can’t control is limited. That doesn’t mean you need to throw your website to the digital wolves: there are easy, concrete steps you can take to make sure you’re safe from external attacks. The best part is since the server is managed by someone else, usually you just have to worry about these things once.

  • Newer is Better: Before signing on with any hosting provider, check to make sure that they are up to date on the bits that matter. For web security, this means they should have the latest version of PHP and SQL running. Also, browse through their support forums and check to see if anyone is having issues waiting for the hosting company to update it’s servers. If it seems like they are slow to update, this could be a sign of potential future headache.
  • Data Storage: At some point early in the web design process, you need to decide what kind of data you will need to have available on your web-facing pages. Generally, you do not want to store any sensitive information on your web-site’s server, but sometimes (like for an e-commerce site) you have no choice. If you DO have a choice, don’t put anything sensitive on your web server. Store it locally.
  • If There’s No Other Way: If you absolutely MUST store personal or sensitive information, make sure that your hosting company supports encryption for all data transmissions and build your web-site appropriately. Use SSL and HTTPS whenever any delicate details need to be transmitted, and make sure your data is locked down tight on the server.
  • Lock The Door: There are a lot of ways to access data on the web. Make sure you shut down and password protect all of them. A lot of hosts will, for example, provide an open, anonymous FTP login for your account. Turn it off. Make sure all your FTP accounts are protected by strong passwords that are not similar to your other passwords. Also make sure that any databases are password-protected and that the password is not hard-coded into any of the pages that a customer might see. If any directories contain personal or delicate information, make sure they are also locked down with individual passwords, and make sure you have all your access and CHMOD settings set appropriately.

Social Media –

With social media, we have even less control than with remote servers. Unfortunately, they have become a way of life, and it looks like they’re here to stay. Since most of the privacy setting and security features on these networks are entirely in the hands of their owners, there is little you can do about the physical security of the information on them. So, the obvious solution is: control what information you expose to these networks.  Even with Facebook’s updated privacy settings, you have to stop and ask yourself: if something happened at Facebook and a hacker got a hold of this information, would I want people I know and work with to see it? The best security policy for all social media sites is:

  1. Do not reuse your password!
  2. Do not post anything (even hidden, even if you don’t let any work contacts or clients or customers to see your wall) EVER that might come back to reflect negatively on you as a person, as a business owner, or as a trusted member of the community. The risk is simply not worth it. Basically, before you hit enter to post that update, think to yourself: “Would I be ok posting that on a sign in the front window of my business?” If you answer no, don’t do it on Facebook.

If you follow the simple steps outlined in this and the previous security article, you should have nothing to worry about. Just remember: security doesn’t begin and end at your router. It’s a process that needs to be maintained. Stay on top of it and stay alert, and you’ll have no problems.

Network Security: Big Trouble for Small Business

“Our business is too small to worry about security.”

“Who could possibly want any of our information?”

“I trust all my employees when they surf the web. They’re all smart people.”

“Network security is too much of a hassle!”

All various excuses we’ve heard from friends and colleagues with small businesses when asked about their network security protocols. Does this sound like something you or your boss might have said at some point? By all means, then, read on.

Continue reading

Protect Your Laptop, Computer, and Smartphone From Malware

Computer Malware
Image From https://blog.xanda.org/

Malware, or Malicious Software, is a computer program or computer code designed to secretly access your computer system with deceptive intent. Malware is typically disguised as a program that you download from the internet or is installed on your computer without your knowledge. Malware can come in the form of a computer virus, a computer worm (self-replicating), a trojan horse (programs that on the outside appear to do something other than what they do), spyware, adware and even basic computer code. Malware can steal personal information stored on your computer, open your computer to further attack, or allow other deceptive practices toward you and your computer system. You may have malware on your computer and not even know it. Many malware programs look like otherwise legitimate programs but carry with them deceptive intent. Your laptop, computer, and/or smartphone are all susceptible to malware.

In 2008, Symantec, the company behind the popular Norton Anti-virus program, suggested that the rate of malicious code and programs being spread through the Internet may be exceeding that of legitimate programs. Due to its rampant nature, it is important for you to protect yourself and your computer from the malicious intent of Malware.  Continue reading to learn more about Malware and how to protect your computer/device from malicious intent. Continue reading

Great FREE Tools For Protecting Kids Online

Now that the summer has come to a close kids everywhere are gearing up for back to school. As school starts, your kid’s computer usage is sure to rise. Whether they’re working on projects, doing homework, or just surfing the web, protecting your kids online activity should be a big priority. With technology changing so quickly it is important to be aware of the growing list of hazards in cyberspace. This post will outline some great resources to keep your kids safe when they’re out surfing the world wide web.

It’s good to review your family’s set of Internet usage guidelines.  Make sure your child knows how to be safe, responsible, and respectful online. Reiterate the rules you have set in the past and also discuss any rules set by your child’s school.

Continue reading

Computer Viruses Moving to USB Drives

Everybody is now used to viruses being sent through email and malicious websites. In addition to these methods of virus delivery, experts are now saying that “25 percent of new worms (viruses) have been specifically designed to spread through USB storage devices connected to computers”.

So far, these types of infections are still outnumbered by those that spread via email, but it is a growing trend. “There are now so many devices on the market that can be connected via USB to a computer: digital cameras, cell phones, MP3 or MP4 players,” says Luis Corrons, Technical Director of PandaLabs. “This is clearly very convenient for users, but since all these devices have memory cards or internal memory, it is feasible that your cell phone could be carrying a virus without your knowledge.”

Read the full article, 25% of new worms are designed to spread through USB devices, on Help Net Security.

USB drives, like any device, can harbor and promote the proliferation of computer viruses.  Protecting your devices by knowing the source of the files that are on your drive and regularly running anti-virus software on that drive (when it is plugged into your computer) are two ways to prevent your drive from becoming infected in the first place.

If your USB drive becomes infected with viruses and you need help with recovering your data from the drive, LaptopMD is here to help you.