Saturday, November 19, 2011

Security for Dummies


7 Steps to Perfect Your Security Online

When you first get a computer you feel dumb because for perhaps the first time, you are surrounded by unfamiliar (and what seems to be highly technical) tools. You've never used a computer, perhaps, and just learning how to do basic things feels daunting.

When you think about security or securing your information, you feel even more overwhelmed. Where do you start? You've heard about security threats, but how does it impact you as a newly trained person using technology for the first time? Will you make a mistake? Will your identity be stolen? The fear, uncertainty and doubt you feel are not unusual.

Follow these basic steps and you can keep your information safe.

Step One - have a password strategy
Bruce Schneier says that you should write your passwords down on paper. That's good advice. However you do it, don't use the same password everywhere. Passwords are supposed to be hard to guess, so get creative. Use a phrase, not just a word. Use numbers, letters, upper and lower case, and make them long: longer than 8 characters is best. Passwords exist for a reason, so don't get sloppy and overlook them. When you are on a site that's asking you for credit card information, the password you choose should be more complex, more unique, and more secure. Consider carefully whether there's a reason for sharing credit card information, social security information, or any other sensitive information. Do not share your address, phone number, or email address unless you are sure the site is protecting your information and you have used a very secure password.


Tip for Grandma: use the web site's name backwards as the password or click here for a password generator site that will make you a custom & secure password.

Step Two - avoid open wireless networks
Wireless networks transmit information to your computer in one of two ways:

(A) Encrypted, with a password required: either through the weak and crackable WEP system, or through a more secure WPA2 encrypted connection. Generally the library or coffee house will provide you with this password. It's not the password that protects you (because it's a shared password that anyone can get); it is the fact that the connection to your computer is uniquely encrypted when this password is used.

(B) Not secure: an "open" network where no password is required. Open networks mean that anyone with sophisticated tools can sniff the data from the air and view your communications as they are sent to the Internet.

Don't use open networks unless you don't care if the data being sent and received (including passwords) is viewed by others. Even encrypted wireless has vulnerabilities. But for beginners, avoid the open wireless network and stick to password-protected (WPA2, not WEP) networks wherever possible.

P.S. If you are employed by a company that provides you with "virtual private network" (VPN) connectivity, you can use a VPN on an open Wi-Fi network (or any wireless network) to route all traffic through your company's secure and encrypted VPN. Check with your company and follow its VPN policy. Using a VPN on any wireless network generally improves your security.
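The open / WEP / WPA2 distinction above can be checked before joining a network. The following is an added example, not part of the original post: it sorts a list of nearby networks into the categories used in this step. The scan listing is constructed sample data in an assumed "SSID:SECURITY" layout, and all function names are hypothetical.

```python
import re

# Constructed sample in "SSID:SECURITY" form, modeled on the terse output of
# `nmcli -t -f SSID,SECURITY device wifi list` (layout assumed for this example:
# a colon inside an SSID is escaped as "\:", and an open network has an empty
# or "--" security field).
SAMPLE_SCAN = r"""
Library-Guest:WPA2
CoffeeHouse Free:
OldRouter:WEP
Cafe\: Upstairs:WPA1 WPA2
Airport_Open:--
"""

def parse_line(line):
    """Split one scan line into (ssid, list of security tokens)."""
    fields = re.split(r"(?<!\\):", line.strip())  # split on unescaped colons only
    if len(fields) > 1:
        ssid, security = ":".join(fields[:-1]), fields[-1]
    else:
        ssid, security = fields[0], ""            # no security field at all
    tokens = [t for t in security.split() if t != "--"]
    return ssid.replace("\\:", ":"), tokens

def classify(tokens):
    """Map advertised security onto the categories used in Step Two."""
    if not tokens:
        return "avoid-open"      # (B): no password, traffic readable from the air
    if "WPA2" in tokens:
        return "prefer-wpa2"     # (A): the encrypted option the step recommends
    if "WEP" in tokens:
        return "avoid-wep"       # (A), but the weak and crackable variant
    return "other"               # anything the step does not cover

def audit(scan_text):
    """Return {ssid: verdict} for every non-empty line of a scan listing."""
    results = {}
    for line in scan_text.splitlines():
        if line.strip():
            ssid, tokens = parse_line(line)
            results[ssid] = classify(tokens)
    return results

def joinable(scan_text):
    """SSIDs that meet the 'WPA2 not WEP' rule, sorted by name."""
    return sorted(s for s, v in audit(scan_text).items() if v == "prefer-wpa2")

if __name__ == "__main__":
    for ssid, verdict in audit(SAMPLE_SCAN).items():
        print(f"{verdict:12} {ssid}")
```
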

Tip for Grandma: don't use wireless.

Step Three - use "https://" 
When connecting to email, banking sites, or sensitive sites where financial or private issues are at stake, be sure your connection through your browser is secure, meaning the address is prefixed with https://. Thus connecting to https://google.com sets up an encrypted connection between your computer and Google. When you enter anything on that site, the data sent back and forth is protected through an encrypted channel. Not all sites support the https:// browsing feature, but look for it whenever possible. If you are using a banking site, Mint.com or any site that might use your financial or identity information, the "secure browsing" option should be mandatory.

Unfortunately, there are problems with secure browsing, explained in greater detail here. The companies that provide the certificates used to encrypt the data between web sites and your computer are under attack themselves. One such attack, the "man in the middle" between your computer and the web site that you thought was secured with "https", means that you can't always trust even secure browsing. But it is better to use https than a normal http connection, so get to know that extra "s" and add it to the web address whenever possible. If you use the Firefox web browser, there's even a plug-in that automatically tries to connect with https each time you visit any site. Download Firefox and then try it out here.

Tip for Grandma: type https:// before every www web site address like this: https://www.google.com 

Step Four - update your computer, turn on the firewall
Any computer should have updated patches turned ON. If you're on a Mac these happen automatically, and when on Windows, the settings can be turned on with Windows Update. Apply these updates and turn on the firewall that comes with your computer. For Mac, click here. For Windows, click here to learn how to turn on your firewall and apply updates. Patch your computer when updates are available, and leave the firewall on wherever possible. This will protect your computer. Most home routers provide additional levels of security, so use them.

Tip for Grandma: get someone else to turn on the firewall


Step Five - know your banking rights
It's important to understand your liability and exposure if using a credit card online. Most banks limit your liability to $50, but check your card agreement to find out what you stand to lose if your credit card does fall into the wrong hands. Most agree it's a bad idea to use a debit card online.

Tip for Grandma: don't use a credit card on the Internet

Step Six - reformat your computer every year
It's also a good idea to rewind your computer to factory settings once a year, or more often if you are particularly paranoid, both to keep the computer running fast and to erase or remove any virus that may have infected it.

Tip for Grandma: buy a new computer every year; better yet, buy a Mac


Step Seven - use antivirus software
An antivirus program will attempt to prevent and remove virus activity. These programs are not completely effective, but they are better than nothing. Find one and use it. Microsoft Security Essentials is my favorite, but you should not have to pay for antivirus: it is generally free for personal use. Beware of ANY requests on your computer to pay for personal antivirus software; these are actually a virus!

Tip for Grandma: don't download anything. Install Microsoft antivirus


More tips from CNet here.

Despite the best measures for security, the Internet is a planetary medium and anyone with the right skills can take apart the most sophisticated security. The question then becomes risk: how much risk are you willing to assume, and what steps are you willing to take to reduce the risk or transfer it to others (like your bank)? If you use common sense, limit the amount of personal information you share, stick to secure passwords and limit your risk with the seven steps listed above, you will significantly reduce the risk of problems while online.


