Be Your Own Security Expert
Security tips we should all be following. (This page is work in progress.)
Summary
Modern computers and mobile devices store vast amounts of information, some of it sensitive, and yet more of our data is in "the cloud", held by corporations such as Facebook and Google. Just as we've learned that keeping a front door key under the door mat might not be a good idea, there are important and not always obvious lessons we need to learn about keeping our digital lives safe. This page covers the basics.
Security Top Tips
Google carried out research comparing the top security tips given by security experts with the top security measures general users believed were important, and found worrying differences, as shown below.
Non-Security Expert | Security Expert | |
---|---|---|
1 | Use antivirus software
|
Install software updates
|
2 | Use strong passwords
|
Use unique passwords
|
3 | Change passwords often
|
Use 2-factor authentication
|
4 | Only visit websites you know
|
Use strong passwords
|
5 | Don't share personal information
|
Use a password manager
People often worry that to use a password manager is to put all their eggs in one basket. Well, it is, and don't use an obscure one, but with a really good master password the benefit is overwhelming. Never again struggle to remember a website's password or be tempted to choose a weak one or one shared among different sites, and let the password manager choose totally random and completely unguessable passwords for you. |
Additional tips
- Reduce your attack surface
- Unsolicited attachments/phishing
- Backups - 3 copies, 2 media types, 1 offsite
- Data destruction
- Public networks
- Physical security
Unsolicited emails
Clicking a link in an unsolicited email, or opening an attachment in one can really spoil your day. This is probably the commonest way to get infected with something bad.
The bad guys run these "phishing" campaigns in which they send out these malicious emails. Sometimes they are very crude, simply containing a link you may be tempted to click, just out of curiosity. Other times they may be quite cunning, e.g. making out there is a package addressed to you awaiting delivery. The email may appear to be from someone you know, if their contacts list has been compromised.
To avoid getting caught, treat with the greatest of suspicion all emails you weren't expecting unless you are quite certain the sender is genuine, and make sure your system is fully patched and updated.
External links
- External links (if any) as bullet points.
- If non, delete this section.