Update your Software
Hackers wants to exploit vulnerabilities in software to reach your data, so keeping your software updated helps you stay one step ahead of them and prevent problems before they start.
- Laptop/Desktop Computers: Keep up-to-date with security updates to your operating system and virus scanning software
- Internet Browsers: Keep up-to-date with the latest version, including add-ons or plugins
- Website CMS/eCommerce Software: Keep up-to-date with software versions, themes, plugins, and apps. WordPress users: read Why and How to Update WordPress.
Public WiFi Security
When connecting to a public wifi network or hotspot such as a coffee shop or airport, your computer is vulnerable by attack from anyone else connected or monitoring the network.
To prepare for WiFi Hotspots:
- Install a virtual private network (VPN) software that will create an encryption-lined tunnel between your computer and a server to keep your data secure while it moves back and forth. Here is a comparison of the top VPNs with in-depth reviews. All you have to do is install the software on your computer and start it up when connecting to a hotspot.
- Password protect files that have sensitive login information. Word/Excel/PowerPoint applications provide an easy way to password protect your Microsoft Office files but you MUST remember the login since it is irretrievable later.
Consider my summary points below but feel free to check out more info by clicking on the graphic (right) that links to a full length article.
- Watch out for “Evil Twin” Hotspots. These are wifi hotspots set up specifically to eavesdrop on user’s data. They may mimic the name of the shop you’re at to lure people into connecting to the THEIR network, then mine sensitive data like passwords as you enter them, EVEN AFTER you walk away from that hotspot. This is especially known to happen at airports. Always confirm with shop owners what network to connect to.
- To be completely safe, just use a virtual private network (VPN) when connecting to the public WiFi (see above) or use your own WiFi hotspot through your phone or personal hotspot device (called tethering).
- Look over your shoulder. Keep personal information like financial data and passwords off your screen when someone could potentially glance over and see it.
- Do not login to certain websites (paypal, bank, credit card, or shopping sites) and do not open password protected documents that have any login information or financial security information when on a public WiFi. Just a plain NO-NO!
Protect your Logins and Devices
- NEVER email sensitive information (logins, credit card info, bank info, SSN). Let me say that again: never send sensitive information through email. Email is one of the least secure areas of the web – it is non-encrypted, often mined for adwords, and as easy as opening up someone’s postal mailbox. We instead recommend sending logins through multiple methods. For example, text/phone the username and email the password by itself without stating what the password is for, OR just call with any login info.
- Protect your mobile devices. Password protect your devices; each device may have a different option, such as a 4-digit password or a swipe pattern. Do not store sensitive data on your device and make sure a backup is setup in case it is lost or stolen. Log out of applications when not using them, or simply shutdown the device (i.e. tablet devices are sometimes unable to close applications so is best to simply shutdown). Never leave your device unattended.
How Secure is my Password? How to make your Password Safe
- Create strong passwords. A strong password is a LONG password containing 12-16 characters. Length makes for a stronger password than complexity. Despite popular belief, a simple word containing numbers in place of letters is not secure and easy for a brute force attack script to guess.
Generate a strong password online using a tool like simplestrongpasswordgenerator.com or signup for LastPass (read below).
- Don’t use the same password for multiple websites. This limits the damage caused if someone does manage to break in.
- Make your email password the most secure, because often your online accounts can use your email address to reset the passwords. If someone gains access to your email account, they could potentially change all your logins and gain access to everything.
- Use a tool like LastPass that keeps track of your login information and to generate strong passwords. LastPass allows you to use one password to login, and then can generate strong passwords for every site you log in to and stores them securely. If your computer were to be stolen, you would update your master password and effectively block the person from logging into any of your remembered sites.
- For Google accounts, set up two-step authentication for added security.