Saturday, 2 November 2013

Awareness: Online Security Tips

1. Software patches
Patch your OS and all your applications, especially your browser and browser plug-ins such as Java and Flash.
"This one step will likely give you 90 percent protection, as infections, which lead to privacy compromise, often rely on exploiting known vulnerabilities in your operating system".
Set up automatic updates whenever possible, such as in the Windows Control Panel, in Flash and in browser settings.
2. Two-factor authentication
Use two-factor authentication for as many accounts as you can. This means you must provide both a password and a second form of identification, such as a code that's sent to your phone, to log in to an account. Most of the major free service providers, such as Twitter and Gmail, have enabled this capability.
3. Anti-virus software
Use anti-virus software, and update it regularly.
"While it's only about 30 to 50 percent effective, it's still well worth doing."
Many ISPs will give you a free subscription for anti-virus software. There are several good free anti-virus clients, such as AVG and Avira for PC and Sophos for Mac, but paid anti-virus software adds extra features such as Web-link screening and anti-phishing alerts.
4. Web browsers
 You can stay safe using any of the "big five" browsers — Apple Safari, Google Chrome, Microsoft Internet Explorer, Mozilla Firefox and Opera — as long as you update them "rigorously."
Ideally, you should remove browser plug-ins that can execute code, such as Adobe Flash and Oracle's Java applet platform. This may not be practical in all cases, however.
"Most people don't do this, because they find the Internet very boring without these plug-ins".
You won't miss much with Java turned off — the only widely used online applications that really need Java these days are Web-conferencing things like GoTo Meeting. But many websites still use Flash for displaying video.
5. Scripts
Use a script-blocker plug-in for your browsers, such as the free NoScript for Firefox or NotScripts for Chrome. These plug-ins will block many ads and many types of active content, such as popups that occur when you hover over highlighted text and other elements based on Javascript, which are common ways for attacks to enter your computer.
6. Firewall
Use a software firewall on your system. Most modern operating systems, such as Windows and Mac OS X, include a built-in firewall, but you may have to enable it.
7. Password control
Do not use the same password for everything. I recommends using a password-management tool, such as Roboform Everywhere, to generate different passwords for each of your accounts.
At the every least, have separate sets of passwords for different types of accounts: one for banking accounts, one for free email accounts, etc.
8. Mobile-app permissions
"Beware of mobile apps that ask for massive control over your device, far in excess of what could be justified for what the app apparently does.
For example: Why would a game need access to your photos and contacts?
"Remember, if the app is free, that sometimes means that [your information is] the product being sold".
9. Linked accounts
Beware of online accounts that link to other accounts. Many Twitter apps do this. Once you stop using these apps, they represent a forgotten route into your Twitter account.
"Do a quick check, and you might be surprised how many forgotten apps have access to some of your accounts". "Delete them."
To see the apps that access your Twitter account, visit twitter.com/settings/applications — the length of the list may astound you.

No comments:

Post a Comment