Have you thought about your New Year’s resolutions? As a member of the information security industry, I would like to share five resolutions that should not only be part of a list of resolutions to celebrate the New Year but should also be part of a regular security awareness plan.
[1] CHANGE PASSWORDS REGULARLY
If you have one key password or several, change them every couple of months or at least quarterly. Use Microsoft’s Password Strength Checker to determine the strength of your password, and don’t forget to use lower case letters, capital letters, and symbols. Don’t use any information that other people could figure out about you, such as, pet names or street names. And if you have so many passwords that you cannot remember them all, consider using a cloud-based password manager such as Lastpass (), or use a local (computer-based) program. Check out reviews online before downloading or purchasing. Here’s the link for Microsoft’s Password Strength Checker: https://www.microsoft.com/security/pc-security/password-checker.aspx
[2] DON’T CLICK ON ABBREVIATED LINKS
Abbreviated links are synonymous with social media. Be careful and don’t click on them without checking. Use a website to see the entire link before you click. There are several but here are two options: http://checkshorturl.com and http://urlxray.com. A co-worker shared this story: she clicked on a link she thought was sent by a reputable person, but the abbreviated link led her straight to a contaminated site, and before she knew it, her computer had been compromised, and her hard drive had to be reformatted. So, do your due diligence.
[3] PASSWORD-PROTECT IMPORTANT FILES
Do you have important spreadsheets on your computer? Do you have wills or book manuscripts? No matter what important files you may have, consider password-protecting them. This will add a layer of protection to the information in the event that a breach happens – and be realistic, a breach will happen eventually.
[4] VIRUS PROTECTION
ALWAYS use virus protection. Although it seems that the Norton vs. McAfee war continues every year, it doesn’t really matter if Norton is the top choice or McAfee is. Use one or the other. And always allow auto-updates. For an additional layer of security, consider Malwarebytes Anti-Malware. (http://www.malwarebytes.org) It’s always good to have a second opinion of a file’s security.
[5] BACK UP, BACK UP, BACK UP
Friends and family know that I say this all the time, but I know people who swore they had no need to back up their system. But with electrical surges, storms, tsunamis, earthquakes, etc., who wouldn’t agree that it’s better to be prepared than to have to re-create all your documents? And what about photos? Today, most of us keep photos on our computers, laptops, tablets, and smartphones – rather than in traditional printed albums. If your system got corrupted, how would you recreate those photo memories? So, once a week, or more often, back up your entire system. In order to remember, add the back up to your smartphone calendar. Use an auto back up program like Microsoft Backup for Windows and back up your data to an external drive – this can be done automatically on a daily or weekly basis without your involvement.
If you follow these practices on a regular basis, and not just at New Year’s, you’ll be one step ahead of the cyber criminals who want access to your data or to turn your system into a tool for cybercrime.
Do you have a favorite security resolution to add to the list? Chime in, and Happy New Year.
About the Author:
Allan Pratt, an infosec strategist, represents the alignment of technology, marketing, and management. With an MBA Degree and four CompTIA certs in computers, networks, servers, and security, Allan translates tech issues into everyday language that is easily understandable by all business units. His expertise includes the installation and maintenance of all aspects of the PC and peripheral lifecycle and the planning and integration of end-to-end security solutions. Allan also teaches both the CompTIA A+ and the CompTIA Security+ certification courses, and has been quoted in industry publications. Follow Allan on Twitter (http://www.twitter.com/Tips4Tech) and on Facebook (http://www.facebook.com/Tips4Tech).
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.