madison

Zero Day

Ryan Naraine and Dancho Danchev
Home / News & Blogs / Zero Day

Ten little things to secure your online presence

By | January 11, 2012, 1:34pm PST

Summary: Here’s some basic advice on the tools and tricks you can implement immediately to secure your identity and online presence.

Life online can be a bit of a minefield, especially when it comes to avoiding malicious hacker attacks.

follow Ryan Naraine on twitter

You’ve all heard the basic advice — use a fully updated anti-malware product, apply all patches for operating system and desktop software, avoid surfing to darker parts of the Web, etc. etc.

Those are all important but there are a few additional things you can do to secure your online presence and keep hackers at bay.  Here are 10 little things that can provide big value:

    1. Use a Password Manager

Password managers have emerged as an important utility to manage the mess of creating strong, unique passwords for multiple online accounts. This helps you get around password-reuse (a basic weakness in the identity theft ecosystem) and because they integrate directly with Web browsers, password managers will automatically save and fill website login forms and securely organize your life online.

Some of the better ones include LastPass, KeePass, 1Password, Stenagos and Kaspersky Password Manager (disclosure: my employer).  Trust me, once you invest in a Password Manager, your life online will be a complete breeze and the security benefits will be immeasurable.

    2. Turn on GMail two-step verification

Google’s two-step verification for GMail accounts is an invaluable tool to make sure no one is logging into your e-mail account without your knowledge.  It basically works like the two-factor authentication you see at banking sites and use text-messages sent to your phone to verify that you are indeed trying to log into your GMail.  It takes a about 10-minutes to set up and can be found at the top of your Google Accounts Settings page.  Turn it on and set it up now.

While you’re there, you might want to check the forwarding and delegation settings in your account to make sure your email is being directed properly.  It’s also important to periodically check for unusual access or activity in your account. You can see the last account activity recorded at the bottom of GMail page, including the most recent IP addresses accessing the account.

Next — Google Chrome and using VPN

More from “Zero Day”

Topics

Google Gmail, Password, Google Chrome, Authentication, Password Manager, Google Apps, E-mail Providers, Internet, Ryan Naraine

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues.

Disclosure

Ryan Naraine

The most important disclosure is of my employment with Kaspersky Lab as a security evangelist. Kaspersky Lab is a global company specializing in anti-malware and secure content management technologies. I do not own stocks or other investments in any technology company.

Biography

Ryan Naraine

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content management technologies.

Prior to joining Kaspersky Lab, Ryan was Editor-at-Large/Security at eWEEK, leading the magazine's and Web site's coverage of Internet and computer security issues and managing the popular SecurityWatch blog, covering the daily threats, vulnerabilities and IT security technologies. He also covered IT security, hacker attacks and secure content management topics for Jupiter Media's internetnetnews.com.

Ryan can be reached at naraine SHIFT 2 gmail.com. For daily updates on Ryan's activities, follow him on Twitter.

Talkback Most Recent of 58 Talkback(s)

  • Secunia PSI
    Secunia PSI is awesome to keep your PC with the latest updates for non-MS programs. Highly recommended.
    ZDNet Gravatar
    markbn
    11th Jan
  • RE: Ten little things to secure your online presence
    @markbn
    Yeah but you need Java to run Secunia PSI. Isn't that a no-no on Ryan's list?

    Number 7?

    PS: and no I didn't flag you.
    ZDNet Gravatar
    ScorpioBlue
    12th Jan
  • RE: Ten little things to secure your online presence
    @markbn It's ok... but I've found problems with it...
    ZDNet Gravatar
    ebarrow
    12th Jan
  • RE: Ten little things to secure your online presence
    @ebarrow like what?
    ZDNet Gravatar
    rgrrogue
    14th Jan
  • RE: Ten little things to secure your online presence
    @markbn The secure thing that we are all using in that time there it is: http://www.technologyfazer.com/google.html
    ZDNet Gravatar
    nomikhokher
    12th Jan
  • RE: Ten little things to secure your online presence
    Its quite interesting and well we can be secured when we are online.......
    ZDNet Gravatar
    johnhein7
    11th Jan
  • RE: Ten little things to secure your online presence
    Thanks Ryan:) it was very helpful. i use comodo antivirus software.Comodo secures and authenticates online transactions and communications for over 2,000,000 businesses and consumers.From client member areas to online transactions, its crucial that customers have confidence that their data is encrypted.they offers a number of solutions in this area which are quick to setup and affordable.
    ZDNet Gravatar
    jerald76
    11th Jan
  • Google 2 Factor & Chrome
    I agree with most of your comments, and have implemented many of them - although it is not possible to de-install Java as several key sites we use for ordering goods have Java based shops.

    The Google 2 factor authentication assumes that you have a mobile phone and that you have it with you. Good, most of the people I know, who don't have a mobile phone also don't know that you can log into Google in the first place...

    But I usually leave the mobile phone sitting in the kitchen, when I am at home, as there is no/limited reception in the cellar, where my home office is. That means, that I would have to run up stairs, every time I want to log in. Also, if I am out and about, without the phone, it makes it hard as well - yes, we don't all carry our phones everywhere with us.

    Secondly, I still use Firefox, because I find NoScript is indispensible, as well as an SSL enforcer. I've tried a few JavaScript blockers in Chrome, but none are as effective or configurable as NoScript.
    ZDNet Gravatar
    wright_is
    12th Jan
  • RE: Ten little things to secure your online presence
    @wright_is Yes, I love NoScript. Plus, I don't like the Chrome user interface as well. I also use Secunia... I have a more old-fashioned approach to passwords and browsing history. I use TrueCrypt to encrypt a partition with a very strong password, and put my brower information, passwords, Outlook, and other sensitive information on that partition. That way, I don't need an Internet connection in any way to get to my passwords. One thing I DON'T like about Chrome is that I can't change where it's information is stored to that partition.
    ZDNet Gravatar
    ebarrow
    12th Jan
  • RE: Ten little things to secure your online presence
    @wright_is Some of us have mobile phones but don't have TEXT.
    ZDNet Gravatar
    xamountofwords
    15th Feb
  • RE: Ten little things to secure your online presence
    @wright_is FWIW, one can set up Google 2FA with a Google voice number to get the authentication code as an email (and have a filter set up to autoforward to secondary/dummy account w/o 2FA), or generate and write out/print out a set of one-time-use passwords and stick it in your wallet as a backup.
    ZDNet Gravatar
    Gritztastic
    6 days ago
  • Encrypt your hard drive
    ... if you like to brick your shiny new laptop. Bottom line, if your software encrypts your hard drive, using either the free truecrypt or the $400 bitlocker option, you will turn your laptop or desktop into a paperweight. The reasons are two-fold:

    (1) The encryption/decryption kicks in every single time the hard drive is accessed. Yes, that includes all those times the virtual ram is read/written to. It'll turn the simple act of installing an update to your system into an exercise in sainthood. That brand new laptop you bought and spent way too much money for that shiny I7 and a zillion GB of RAM now runs about as fast as an Pentium II with 128 Mb of Ram.

    (2) If your system "bytes the bullet", i.e. if the hard drive crashes, there's a good chance you will not be able to recover the data from your backup. Most backup software is not encryption aware. I also don't know anyone that owns MS Win 7 Ultimate, which is what you need to run bitlocker on your system - for obvious $$ reasons. You can run backup software from inside the OS if you don't mind spending 6 hours a day backing up your system, rather than 20-30 minutes if it's not encrypted. If you do a drive-level backup from outside of the OS I have to tell you that most backup software does a poor job of restoring the data to another drive,i.e. it plainly fails. The fun part? You won't know that your backup is toast until you really need it. And don't get me started on incremental backups on encrypted drives. Makes you want to commit seppuku with a spoon.
    ZDNet Gravatar
    rock06r
    12th Jan
  • RE: Ten little things to secure your online presence
    @rock06r Thanks ! makes you wonder how good the rest of 'advises' are. You might want to encrypt your hd if your system resides on a separate hd, and even then you will still face those backup issues. Besides, are the pictures of your children's birthday party worth encrypting?

    The only thing worth reading on this site are the reader comments.
    ZDNet Gravatar
    ForeverSPb
    12th Jan
  • Encryption for privacy
    @ForeverSPb,
    Good point. I think some are encrypting their HD using some powerful 1024-bit encryption tools to protect their pictures which are about to be uploaded to facebook.
    ZDNet Gravatar
    Martmarty
    12th Jan
  • RE: Ten little things to secure your online presence
    @rock06r Lol... yes, I'd rather have most of my drive unencrypted! That's why I use a separate partition happy
    ZDNet Gravatar
    ebarrow
    12th Jan
View More Comments

Talkback - Tell Us What You Think

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
Click Here

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources