Sunday, August 21, 2016

Computer Security

Better Internet Security

The following is not related to Caswell County but might be helpful to those who use online resources to research Caswell County history (or otherwise are active on the Internet).

1. Remove from your computer all sensitive data files, including emails that contain personal data. Check your document folders on all drives. Download to a thumb drive (or CD/DVD) what you do not want to share with the world. If it is on your hard drive it is at risk. An external hard drive is also acceptable for sensitive files so long as you do not leave it permanently connected to your computer. When using it, physically disconnect your computer from the Internet.

2. Remove from your computer Adobe Flash and Java. They are notorious for providing hacker access.

3. Do not leave your smart phone, tablet, etc., connected to your home's WiFi. Keep these devices "clean" so that if they are compromised nothing sensitive is at risk. This will allow you to use public WiFi with more confidence.

4. Do not store passwords on your hard drive. This includes using so-called secure programs as Roboform.

5. Make your logon credentials (user name and password) crazily complex, and change them every three months. Here is an example of an acceptable password: e&2DU53qcKNte#PUJ*

6. For your extremely sensitive sites, such as banking, use the increasingly popular double-security measures. One of the best is sending to your smart phone a logon code each time you access the site. You then enter this code to complete the logon.

7. If using a PC, run Microsoft Malicious Software Scanner. Those with Apple products have fewer security issues. If you use Unix, you are in even better shape.

8. Make sure your firewall is on, that you have a good virus-protection program, and that you have a malware program. All three are necessary, and you still will be at risk. Update these programs regularly (or set them to update automatically).

9. Consider anything that you place in the "Cloud" as available to hackers, even if your service claims that all data are encrypted. If you do not want to share it with the world, do not make it available on the Internet. If you can access it, so can hackers.

10. Never, ever, click on a link contained in an email message that you do not trust 100%. This is like giving hackers the keys to your house. Malware easily can be installed through email. This is another reason for having a malware security program and, for those with Windows operating systems, for running Microsoft Malicious Software Scanner at least once a month.

11. Research the hacker protection provided by your Internet service provider. Some offer "free" virus protection. Make sure the software on your router is current.

12. Store your valuable files on multiple devices. If your files are hijacked and a ransom demanded, you can restore using the backup files.

13. This is a continuation of Rule #11: backup, backup, backup, backup. Then, backup again. Not only will this help with respect to ransomeware that makes its way onto your computer, but will be invaluable when your main hard drive dies (and, it will die). Consider a hard drive that does not have spinning discs. This is called a SSD (solid-state drive). But, it is really not a drive and contains no disc. It uses integrated circuit assemblies to store data. While expensive, what value do you place on your data?

14. Clear your web browser cache on a regular basis (daily is suggested). Without your knowledge, this stores your logon information. While it makes logging onto sites so much easier, it stores on your computer exactly how you logged on. How much easier could you make it for hackers?

This is different for each web browser. For example, if using Firefox: click on "History," then select "Clear Recent History." Internet Explorer has a similar feature; as does Chrome, etc.

15. Unless confirmed as legitimate (and really check this out), never allow a third party to take remote control of your computer. One of the biggest scam outfits is called AAKA. Once they have control, the technician will change your Account Database Startup Key Password (on Microsoft PCs). Without this, you have no access to your computer. Then, you will have to pay to use your own computer. Note: many of these hackers use the following password: 123123. If denied access also try: 0000, and 01234. While evil, they are lazy.

16. If you ever receive the following error message on your Microsoft PC, do not proceed. Just shut down:

"Windows Error 3031."

If you proceed you may have allowed malware to occupy your computer, and the next message will be:

"To pause the hacking application for two hours click here to pay using a credit card or PayPal." If you do not comply, your Windows files will have been hijacked.

While the error message can be valid (using an improper password), it has been co-opted by hackers.

17. If an outfit that you do not recognize offers you a free trial to Malwarebytes, be cautious. While Malwarebytes is a legitimate company, a version of it has been used to essentially take over your computer. Be careful. Go to the actual Malwarebytes website before subscribing. Be especially wary of any third party offering a subscription to an Internet protection service (firewall, virus, malware, identify protection, etc.). Many are scams. And, again, never allow them to take control of your computer remotely.

18. Value your privacy? Unsubscribe from any program feature that provides automatic feedback to the host (including, and especially Microsoft). This is just another method of tracking what you do on the Internet. Even if it would share problems you are having with a program -- what else is being monitored?

19. After logging off from a sensitive website (such as a bank or credit card company) close the tab/window and restart your browser. Some even recommend restarting your computer. Why take this precaution? The logon information remains in the background until the browser is closed. Example: Using Firefox a user logs onto PayPal, conducts business, and then logs off. The user then attempts to log back on and is able to access the site without again entering a username/password. Any hacker lurking around would be able to do the same thing. Thus, close and restart the browser after exiting a sensitive website.

Basics for PC users:

1. Upgrade to Windows 10.
2. Update all programs.
3. Adopt safe email and Internet browsing habits.
4. Remove sensitive data from your computer.
5. Use complicated passwords and change them often.
6. Make sure your firewall is on. This is free.
7. Install an anti-virus program. Excellent ones are free.
8. Install an anti-malware program. Excellent ones are free.

No comments:

Post a Comment