Certified Computer Systems

912.977.1349 / info@certifiedcomputersystems.com.

Safety Online


 

An important aspect of securing any system is the concept of “defense-in-depth,” or having multiple layers of security and not depending on a single approach or technology to block all attacks. Here are some tools and approaches that are useful in stopping spyware or malware from invading a PC.

Learn, memorize and practice these 4 rules:

There are 4 basic rules for online safety. Follow these rules and you will drastically reduce the chances of handing control of your computer to hackers and thieves.

1. If you didn’t look for it, don’t install it

2. If it’s free, research it for the negative aspects

3. If you installed it, update it

4. If you no longer need it, get rid of it

Create strong passwords:  Here are a few tips for creating strong passwords. Take a moment to review these, and consider strengthening some of your passwords if they fall short. Create unique passwords that use a combination of words, numbers, symbols, and both upper- and lower-case letters. Do not use your network user name as your password. Don’t use easily guessed passwords, such as “password” or “user.” Do not choose passwords based upon details that may not be as confidential as you’d expect, such as your birth date, your Social Security or phone number, or the names of family members. Do not use words that can be found in the dictionary. Password-cracking tools freely available online often come with dictionary lists that will try thousands of common names and passwords. If you must use dictionary words, try adding a numeral to them, as well as punctuation at the beginning or end of the word (or both!). Avoid using simple adjacent keyboard combinations: for example, “qwerty” and “asdzxc” and “123456” are horrible passwords and are trivial to crack.

Some of the easiest to remember passwords aren’t words at all but collections of words that form a phrase or sentence, perhaps the opening sentence to your favorite novel, or the opening line to a good joke. Complexity is nice, but length is key. It used to be the case that picking an alphanumeric password that was 8-10 characters in length was a pretty good practice. These days, it’s increasingly affordable to build extremely powerful and fast password cracking tools that can try tens of millions of possible password combinations per second. Just remember that each character you add to a password or passphrase makes it an order of magnitude harder to attack via brute force methods.

Avoid using the same password at multiple Web sites. It’s generally safe to reuse the same password at sites that do not store sensitive information about you (like a news website) provided you don’t use this same password at sensitive sites. Never use the password you’ve picked for your email account at any online site: If you do, and an e-commerce site you are registered at gets hacked, there’s a good chance someone will be reading your e-mail soon.

Whatever you do, don’t store your list of passwords on your computer in plain text. One thing to note about password storage in the Mozilla Firefox browser: If you have not enabled and assigned a “master password” to manage your passwords in Firefox, anyone with physical access to your computer and user account can view the stored passwords in plain text, simply by clicking “Options,” and then “Show Passwords.” To protect your passwords from local prying eyes, drop a checkmark into the box next to “Use Master Password” at the main Options page, and choose a strong password that only you can remember. You will then be prompted to enter the master password once per session when visiting a site that uses one of your stored passwords.
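The password tips above can be turned into a small checker. The Python below is an added example, not part of the original page: the word lists are tiny constructed samples, and the 12-character minimum and the guess rate of 50 million per second are assumptions chosen to match the "tens of millions" figure in the text.

```python
import re

# Constructed sample lists; a real checker would load full wordlists.
COMMON = {"password", "user"}
DICTIONARY = {"summer", "dragon", "monkey", "football"}
KEYBOARD_RUNS = ("qwertyuiop", "asdfghjkl", "zxcvbnm", "1234567890", "asdzxc")

MIN_LENGTH = 12                    # assumption, not a figure from the page
GUESSES_PER_SECOND = 50_000_000    # assumption within "tens of millions"

# Character classes and how many symbols each adds to the attacker's alphabet.
CLASSES = ((r"[a-z]", 26), (r"[A-Z]", 26), (r"\d", 10), (r"[^a-zA-Z\d]", 33))


def keyspace(pw):
    """Number of candidates a brute-force search of this length must cover."""
    alphabet = sum(n for pattern, n in CLASSES if re.search(pattern, pw))
    return alphabet ** len(pw)


def brute_force_seconds(pw):
    """Worst-case exhaustive search time at the assumed guess rate."""
    return keyspace(pw) / GUESSES_PER_SECOND


def check_password(pw, username=""):
    """Return the rules from the text that this password breaks."""
    problems = []
    low = pw.lower()
    if username and low == username.lower():
        problems.append("same as user name")
    if low in COMMON:
        problems.append("easily guessed")
    if low in DICTIONARY:
        problems.append("dictionary word")
    # Any four consecutive characters taken from a keyboard row or digit run.
    if any(low[i:i + 4] in run
           for run in KEYBOARD_RUNS for i in range(len(low) - 3)):
        problems.append("keyboard run")
    if len(pw) < MIN_LENGTH:
        problems.append("too short")
    return problems


if __name__ == "__main__":
    for candidate in ("qwerty", "Xk9#mP2$", "it was the best of times"):
        years = brute_force_seconds(candidate) / (3600 * 24 * 365)
        print(f"{candidate!r}: {check_password(candidate)} ~{years:.3g} years")
```

Running it shows the "length is key" point: the all-lowercase 24-character phrase takes far longer to exhaust than the 8-character password that mixes every character class.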

If your e-mail provider offers 2-factor verification, take advantage of it:  Google Gmail is one of the few e-mail applications that offers some ways to receive the secondary logon codes. Also, don’t forget to add a recovery e-mail account, if your e-mail provider supports it. And if possible, use two-step verification on that secondary account as well.

Harden your hardware:  Wireless and wired Internet routers are very popular consumer devices, but few users take the time to make sure these integral systems are locked down tightly. Don’t make that same mistake. Take a few minutes to review these tips for hardening your hardware.

Make sure that you change the default credentials on the router:  This is the user name and password that were factory installed by the router maker. The administrative page of most commercial routers can be accessed by typing 192.168.1.1 or 192.168.0.1 into a Web browser address bar. Leaving the router credentials with the default settings is a very bad idea. Most modern routers will let you change both the default user name and password, so do both if you can. When you’ve changed the default password, you’ll want to encrypt your connection if you’re using a wireless router (one that broadcasts your modem’s Internet connection so that it can be accessed via wireless devices, like tablets and smartphones). WPA2 is the strongest encryption technology available in most modern routers, followed by WPA and WEP. WEP is fairly trivial to crack with open source tools, so don’t use it unless it’s your only option.

Be sure to check for firmware updates for your router regularly:  Routers and other network devices DO NOT automatically update their firmware. Firmware updates are regularly released to protect the device from newly discovered security exploits.

Install Antivirus software:  This is probably the most overstated tool in any security toolbox. For years, security experts have been pitching the same advice: Install antivirus and firewall software, keep up with patches. Some companies even market their products with (bold and misleading) guarantees like “Total Protection!”. Here’s the reality: Antivirus software is good at detecting known threats, but not so great at flagging brand new malware samples. If you’re depending on your antivirus software to save you from risky behaviors online (downloading software from P2P/torrent networks, etc.) you’re asking for trouble. Again, it is best to think of antivirus as another layer of security for a modern PC. Shop around: Antivirus companies make most of their money on renewals and steeply discount their products for new customers.

Tools for a safer phone

Your phone stores more than just selfies. Your email account and phone number, for instance, are a gateway to resetting banking and other sensitive passwords.

Lock your phone with a passcode or PIN:  Failing to do so is like leaving your front door unlocked. Use at least a six-digit passcode. A six-digit passcode is 100 times harder to guess than a four-digit passcode. If you want to make it even harder, you can add letters and other characters to further increase the number of possible combinations. These are options on both iPhones and Android phones. The iPhone's self-destruct feature is something you must turn on in the settings, under Touch ID & Passcode. Do so, and the phone wipes itself clean after 10 failed attempts. But the 10 attempts apply to your guesses too if you forget your passcode, or if your kids start randomly punching in numbers. Android phones have a similar feature. Both systems will also introduce waiting periods after several wrong guesses to make it tough to try all combos. Biometrics, such as fingerprint scanners and facial recognition, should be used and can act as a shortcut and make complex passcodes less of a pain.

Use encryption:  iPhones running at least iOS 8 offer full-disk encryption by default. That means that the information stored on the phone can't be extracted by authorities or by hackers and read on another computer. If the phone isn't unlocked first, any information obtained would be scrambled and unreadable. With Android, however, you typically have to turn that on in the settings. Google's policy requires many phones with the latest version of Android to offer encryption by default. But, according to Google, only 2.3 percent of active Android devices currently are running that version.

Set up device finders:  Find My iPhone isn't just for finding your phone in the couch cushions. If your device disappears, you can put it in Lost Mode. That locks your screen with a passcode if it isn't already and lets you display a custom message with a phone number to help you get it back. The app comes with iPhones, but you need to set it up before you lose your phone. Look for the Find iPhone app in the Extras folder. Meanwhile, Activation Lock makes it harder for thieves to sell your device. The phone becomes unusable; it can't be reactivated without knowing its Apple ID. The feature kicks in automatically on phones running at least iOS 7. If all else fails, you can remotely wipe the phone's data. While your information will be lost, at least it won't end up in the hands of a nefarious person. For Android phones, to find, lock or erase, the phone must be connected to a Google account and have location turned on and Find My Device turned on.

Back up your phone:  If you do have to remotely wipe the phone's data, it's comforting to know that you won't lose all your photos and other important data. It's also helpful if your toddler dunks your phone in a glass of water. As mentioned before, apps such as Find My iPhone and Android Device Manager will allow you to do this, provided you set them up ahead of time.

Keep your phone software up to date:  Software updates often contain fixes to known flaws that might give hackers a way into your device. On iPhones, Apple prompts you to get the update. It's more complicated with Android because updates need to go through various phone manufacturers and wireless carriers first. But do install updates when asked.

REMEMBER

Cellular phones are NOT provided with security updates indefinitely! 

 Make SURE that the phone that YOU are using is still receiving updates!

  Copyright © 2023 Certified Computer Systems  All rights reserved
