Recent news has once again shed light onto the ever increasing need to engage your cyber security with the same vigilance as your personal security. All too often, our own complacency leaves us vulnerable to the exploitation efforts of the less than noble. You don’t need to be a skilled practitioner of computer science or a tech guru to keep yourself safe. You just need to know and employ the basics as discussed below:
- Install strong virus and malware protection for all computers that access social networking sites. Be sure to update the software whenever possible. When the pop-up screen for an update is available try to always click “download and install” rather than “remind me later.” Cyber probes and attacks increase greatly in the timeframe between software updates when they have figured out the old system, but have yet to figure out the new. Don’t tip the advantage to the favor of your adversary.
- Passwords should be strong and frequently changed. It is important to not use the same password for more than one site, nor is it good to keep the same passwords in rotation. Strong passwords are at least 6 characters long and combine numbers, symbols and letters (in varying case) Do not use any passwords that contain anything that might be found in a dictionary or which have a personal association i.e.; your SS #, school sports number (Jordan23) or anything with your day, month, year of birth. The stronger a password, the more difficult it will be to be guessed or hacked. 4U@7Yu is a much stronger password than pass123word
- Do not visit unknown websites sent to you via private messages and emails from persons you don’t know know - this also goes for website invites which may seem out of character for those persons you do know. Your mom is very likely not recommending you buy pharmaceuticals from Korea. If it seems like a fraud...it’s a fraud.
- Social Media should never include private information. Don’t put anything on your social media page you would not be comfortable sharing with everyone. Privacy settings on websites like Facebook, LinkedIn, Twitter, Instagram and a variety of other social-sharing sites change often. Familiarize yourself with the site’s privacy settings and be sure take advantage of the options offering you the most privacy. Pictures of your home, car, and associated geotags are all useful pieces of information a potential hacker may use to exploit your cyber identity.
- Create unique answers to password recovery questions. Inevitably we will all at one time or another forget a password. When setting up your recovery options, it is perfectly acceptably to answer the generic questions with something completely random. These answers are not checked for truthfulness and are simply in place to protect your information from unauthorized attempts at gaining access. Cyber criminals are quite skilled at finding out the real answers to these password challenge questions from friends, colleagues, or from information you or your online acquaintances have previously posted online. For the purposes of password recovery, “Abracadabra” is a perfectly acceptable answer to “What is your mothers maiden name?” Your own imagination is often times your best security option.
- Do not “jail break” your mobile device. Doing so requires the user to disable the intrinsic security features of the device which means malicious applications will have access to all facets of information on your phone - regardless of your permission. Applications downloaded from verified vendors like Apple’s App Store have requirements that help protect the user. These requirements are bypassed once the jailbreak has taken place, which means the applications will no longer need to ask your permission before granting access to your contacts, GPS location or information associated with other files on your phone, like your pictures, text messages and emails.
- Do not engage in illegal downloads. Unlicensed internet services offering free downloads, zip files, or torrents of movies, music and other software packages often contain malicious spyware that is specifically designed to exploit your cyber security. These illegal downloads are often the main distribution method for delivering a virus or a trojan horse to your system.
- Create specific email addresses for specific uses. Avoid using the same email account for all of your internet activity. Employing task-specific email addresses will reduce your vulnerability by having your activities compartmentalized into those specific email accounts, and will limit the amount of damage any one compromised account can do to your overall cyber security. There is no limit to email addresses you may create. Trust me, you’ll still be able to find the friends you want to follow, it just won’t be as easy for them to find you...this is a good thing. Having one email account for Facebook, one for twitter, another for correspondence, and yet another for e-commerce is perfectly acceptable and encouraged.
- Do not label folders or sub-folders with titles that promote intrigue or interest. Labels such as “Passwords” “Bank Account” and “Important” are all specifically targeted items of interest in cyber attacks and probing mechanisms. Instead, label things with specific meaning to you with names of seemingly unrelated associations. If you’re favorite dessert is chocolate cake this may be the name of your favorites folder, whereas the food that gives your heartburn may be the appropriately named folder associated with your annoying co-worker. This practice also works great for the “notes” application on your mobile device.
- Utilize “Drafts” in an unassociated email account. With every website requiring a unique sequence of usernames, passwords, and additional log in features, it is often hard to keep track of them all - especially when they are all independently changed at varying intervals. Creating an additional email address known only to you, and then storing this information in a “Draft Email” will afford you a secure online hiding place for your information that you can access globally.
- Log out of accounts when done. You don’t have to shut down your computer, but the simple act of logging out of accounts especially on shared wifi, networks or computers (think Starbucks free wifi) will prevent the unfavorable access of your private information.
Following these everyday practices will reduce your own likelihood of being victimized, and will help you to prepare today for a safer tomorrow.