Secure Thinking

I often speak on ‘Secure Thinking’ to a variety of audiences, and share some suggestions on how to keep themselves safer in their online lives.  Here’s those tips:

 

• Patch your systems regularly (patch Tuesday is a great start)
• Run Anti-Malware, but don’t pay too much for it.
• Uninstall flash completely. If you need it, run it inside Google Chrome (and only use Chrome for flash sites).  Likewise with Java in your web browser.
• Stay off the seedy side of the net
• Only install software from trusted sources
• Don’t click links in emails.
• Avoid wi-fi hotspots, or use a personal VPN if you need to use them. I use getcloak.com
• Never, ever use a public computer, for anything. It’s like swimming in a sewer.
• If you find a USB thumb drive, destroy it – never plug it in.
• Encrypt your data – FileVault or BitLocker
• Backup your data to a trusted repository
• Use robust, unique passwords for every site. I use 1Password from agilebits.com to manage mine (and store a copy of the file with another family member)
• Enable two factor authentication when it’s offered
• Enable a passcode on your phone. If it’s iOS or a Google Nexus running Marshmallow or newer, consider using the fingerprint reader to make it more usable.
• Only use Google Nexus android devices to ensure you can stay current
• When asked for secret questions, lie – and record those lies in 1Password.
• Lie to websites that ask for information they don’t need – why does a game company need my real birthday?
• If you receive an inbound phone call, don’t assume it’s real. Hang up without sharing any information and call the bank/insurance company/etc back from the number on your card or statement.
• Get a credit freeze – not credit monitoring. Brian Krebs has a great article on this. Store your PIN in 1Password, and keep a backup copy of the vault In a safe place.

 

In the end, it boils down to simply being aware.

 

Think about security!