A lot of people ask me about this, and although it's not my professional technical strength (I make my money with SharePoint), I do take this matter seriously.
These are my thoughts and recommendations for some quick preventative tips:
There are many AV software companies out there, such as: McAfee, CA, Symantec, Bitdefender, Kaspersky, Trend Micro, and Microsoft Security Essentials.
None of them are perfect and free with Windows 10, so that's one good reason to upgrade. Most have antivirus, malware, spyware, and adware protection, as well as other vital functions, including phishing protection (very important these days).
Microsoft does make it into Gartner's Magic Quadrant.
Other tips for personal IT, I would recommend:
- Keep your systems and applications up to date!!! This is one of the most important things you can do, and the easiest. This applies not only to Windows/macOS/Linux, but also your iPad/iPhone, Android cellphone, firewall, applications, etc.
- Back up your data to the cloud, but be sure the solution provides these three things as a minimum:
  - Encryption
  - Ransomware Detection and Prevention
  - Two Factor Authentication
- Enable "Two factor" authentication on all bank accounts, then investment accounts, company systems, etc. Two factor includes applications such as Google Authenticator, Microsoft Account, Authy, etc. Two factor also includes texting to your cellphone, but beware, cellphones are being hacked more and more.
- Install web browser plugins (NOTE: some will slow down performance, but that's the price you pay for security):
  - IBM Rapport (Trusteer) on your computers used for online banking, and NEVER bank on any other computer! http://www.trusteer.com/en/download-rapport
  - uBlock Origin (or AdBlock Plus)
  - HTTPS Everywhere https://www.eff.org/https-everywhere
- WiFi – Use a VPN, such as https://www.surfeasy.com/pricing/ or https://www.tunnelbear.com/pricing
  http://www.techradar.com/news/top-10-best-vpn-browser-extensions
- Learn more about phishing attacks.
  - Sign up and educate yourself and your staff and family. Full disclosure, I sell and "add value" with a turnkey solution to www.knowbe4.com thru a service, "TouchstoneSecure". There are lots of other services you can subscribe to for "Cybersecurity Awareness Training".
  - Do not open or trust email, texts, or mail from any business, period. Always independently contact the company separately (e.g. call the number on the back of your credit card, or the number published on the company's website).
- Practice safe passwords (https://www.cyber.nj.gov/cyber-blog/passwords-passwords-passwords). I am not so strict, as this is difficult, so I do something slightly different: I use two words with numbers and characters in between, e.g. Foreignword1711!other, where Foreignword is a foreign language word, 1711 is YY/MM, followed by !, and other is a word that might relate to the site where the password is used. For example, for Microsoft, I might use Ct@k@h1711!Microsoft, and for Amazon I might use Ct@k@h1711!Amazon (Ctakah is Russian for Glass). The nice thing about this is, when I need to change the password, which might be every month, only one or two characters change, e.g. Ct@k@h1712!Microsoft. Use your imagination!
  - Dashlane https://www.dashlane.com/ is a great password management tool; you can really get the complex passwords to go crazy.
- Run a Security suite, such as Defender.
- Protect your cellphone by:
  - Change your online account password and pin. Case in point: http://www.zdnet.com/article/how-to-protect-yourself-from-the-verizon-data-breach/
  - Keep it up to date!
    i. Android: Settings, System Updates.
    ii. iPhone (connect to a secure wifi, one with a lock symbol): Settings, General, Software Update.
  - Enable security on your Android phone:
    i. Encryption https://www.androidcentral.com/how-enable-encryption-android
    ii. Screen lock, secure lock https://www.verizonwireless.com/support/knowledge-base-203762/
        https://www.xfinity.com/mobile/support/article/224162007/how-do-i-set-up-the-security-features-on-my-samsung-galaxy-s7s7-edge
    iii. Turn off notifications https://www.verizonwireless.com/support/knowledge-base-203723/
    iv. Secure Startup: Settings, Lock Screen and Security, Secure Startup
    v. Auto factory reset upon x number of password attempts: Settings, Lock Screen and Security, Secure Lock Settings
    vi. Lock SIM Card: Settings, Lock Screen and Security, Other security settings https://www.verizonwireless.com/support/knowledge-base-203549/ PS: be sure to change the default SIM PIN!
    vii. Enable Security Policy Updates https://www.androidcentral.com/how-turn-automatic-samsung-security-policy-updates-galaxy-s7
    viii. Enable "Find My Device" and configure it to allow for erasing all data https://www.verizonwireless.com/support/knowledge-base-158145/ or http://www.samsung.com/global/galaxy/apps/find-my-mobile/
    ix. Consider "Pinning" an application if you suspect it isn't completely safe. https://www.samsung.com/us/support/answer/ANS00040921/
  - Enable security on your iPhone:
    i. http://www.zdnet.com/pictures/new-to-ios-11-change-these-privacy-and-security-settings-right-now/
    ii. Verify encryption http://www.zdnet.com/article/how-to-turn-on-iphone-ipad-encryption-in-one-minute/
    iii. Use Bitdefender's free tools: https://www.bitdefender.com/toolbox/
         They have a phone locator and wipe feature.
         PC Home scanner. This scans for hidden backdoors to your PC.
- Fingerprint Login – This is a controversial topic; I leave this up to you. I use fingerprint login personally, the convenience outweighs my risk, but I also practice many other things to minimize the risk. https://www.nytimes.com/2017/04/10/technology/fingerprint-security-smartphones-apple-google-samsung.html?_r=0
- https://www.cyber.nj.gov/cyber-blog/staying-cyber-safe-this-holiday-season
And for those who think they have their cybersecurity under control, happy reading:
Microsoft
Gartner Report: https://www.gartner.com/doc/reprints?id=1-42VJ7MJ&ct=170612&st=sb