7 steps to better personal IT security


April 29, 2015 - By Ray O’Hara, CPP

Tags: , ,

In 2015, no one should take their digital security lightly. The past couple of years have been rife with breaches, data theft, governments spying, hackers stealing and reselling sensitive information – and more. At work, your IT department is in charge of tackling those digital threats, but what about your personal IT security and that of your family?

Individuals should be proactive when it comes to protecting themselves. No advanced tech knowledge is needed. All you need is an hour of your time to set this up—maybe less. Let’s have a look at seven easy steps you should take in order to keep you and your computer safe.

1) Cover the basics: software updates and anti-viruses

First, your system should be kept up-to-date at all times, and updates should be set to automatically download and install. The best way to do that is by enabling auto-updates. Both OSX and Windows should be doing it by default—but it can’t hurt to double-check.

Second, install an anti-virus—free or paid. Windows’ built-in Microsoft Security Essentials is not sufficient, and forget the myth that Macs are inherently safe. On the Windows side, Avast and Bitdefender are often praised. On the Mac side, look at Avast or Sophos. Remember to scan your whole system several times a month.

2) Make your passwords unique and secure. How about a password manager?

If you’re using the same password on multiple websites, now is the time to stop. If anyone gets hold of your one-size-fits-all password, all your logins would suddenly be compromised.

The easiest way to change that is by using a password manager such as LastPass, Dashlane, or 1Password. Those programs generate lengthy passwords with one simple click, and keep them stored in an encrypted database. You can then access them by using a master password. Of course, make sure your master password is strong and unique, and change it often. And don’t forget it!

3) Turn on 2-step verification

Sometimes, no matter how secure your passwords are, someone will find a way to discover or bypass them. This is why you should enable 2-step verification on the services you use. Facebook, Google, Twitter, Paypal, Apple, Microsoft, Dropbox and many more companies support it.

Once enabled, 2-step verification adds an extra layer of protection by requiring users to enter a password and an additional code. When trying to log in, the code is sent to you by SMS, found on a physical card, or generated through an app such as Google Authenticator.

4) Beware of cloud storage

Yes, cloud storage is incredibly convenient. However, by having your data hosted on a remote server, the responsibility of keeping that data safe relies almost entirely on the cloud storage provider. It’s a tremendous risk to take.

Individuals who wish to store sensitive data in the cloud should choose services that fully encrypt their files both locally and remotely, such as SpiderOak or Wuala. There are also programs—such as Boxcryptor—to encrypt your Dropbox/Onedrive folders before they’re uploaded to the cloud.

5) Don’t forget local encryption

Encryption makes the data on your hard drive unreadable without the password needed to decrypt it. Not only does this add yet another layer of protection against hackers, it also adds physical protection, too. If you were to have your laptop stolen, no one could access your files.

Both OSX and Windows have built-in encryption systems: FileVault for Mac, and BitLocker for Windows. There are many other services out there too, in case you don’t trust the default solutions.

Beware: Should you forget the password used to access your encrypted files, chances are you’ll never be able to get your files back. Encryption works!

6) Consider using Virtual Private Networks: They’re cheap, secure, and crucial for travelers

Simply put, VPN software “funnels” your Internet connection through a remote server and keeps the data you send and receive encrypted and safe from unwanted snooping. For a lengthier, more detailed explanation of what VPNs do, Lifehacker has a great article on the matter.

If you really care about your privacy, you need to start using a VPN right now to further boost your security. For added privacy, consider using a VPN provider that does not keep connection logs.

7) Boost your surfing security with browser extensions

All contemporary browsers support extensions (sometimes called add-ons). These small programs extend the functionality of your web browser, and some of them are particularly handy if you want to make your browser more secure. There are hundreds of great extensions out there, and a quick Google search for “browser extensions privacy” or “browser extensions security” will give you a plethora of great ones to install. Here are a few to get you started:

These seven basic steps should make your system much safer. Of course, there are many more threats out there you should be on the lookout for. Don’t hesitate to share with us any easy-to-implement tricks and tips you use to protect your personal computer.

Ray O’Hara, CPP

Executive Vice President

Prior to entering the corporate security sector in the late 1970s, Ray was a supervising detective for the Los Angeles Police Department. He led corporate security for Weyerhaeuser and GTE, and headed Garda World Security Corporation’s (formerly Vance) security consulting and investigations projects worldwide.

Ray has served ASIS in numerous capacities: Chairman of the Board and President of the International Board of Directors; President of the Professional Certification Board; and Chair of the ASIS International Investigations Council. Board certified in security management by ASIS International, Ray is considered a risk and vulnerability expert, and is a sought-after consultant in business vulnerabilities, homeland security initiatives, terrorism and political threats.