/>
X

Ten basic steps to secure your PC and online accounts

The explosion of malware attacks and high-profile password and data breaches serve as confirmation that resourceful hackers are determined to break into your computer and online accounts. It's time to pay attention to these issues and follow some basic steps to stay secure while using your PC and surfing the web.

|
ryan-naraine.jpg
|
Topic: Security
passwordsecurity.jpeg
1 of 10 Ryan Naraine/ZDNet

Use a Password Manager

Password managers help to manage the mess of creating strong, unique passwords for multiple online accounts. This helps you get around password-reuse (you know you do it!) and because they integrate directly with Web browsers, it will automatically save and fill website login forms and securely organize your life online.

Some of the better ones include LastPassKeePass and 1Password.

gmail2step.png
2 of 10 Ryan Naraine/ZDNet

GMail two-step authentication

We all use GMail and some of us re-use a password from another online account to lock into GMail. Not good.  It's important to turn on Google's two-step verification to make sure no one is logging into your e-mail account without your knowledge.  It's a two-factor authentication scheme that sends text-messages to your phone to verify that you are indeed trying to log into your GMail.  It takes a about 10-minutes to set up and can be found at the top of your Google Accounts Settings page.  Turn it on and set it up now. 

fulldiskencryption.jpeg
3 of 10 Ryan Naraine/ZDNet

Full Disk Encryption

Set up and use full disk encryption to protect your private data, especially when travelling.  Full disk encryption uses mathematical techniques to scramble data so it is unintelligible without the right key. This works independently of the policies configured in the operating system software. A different operating system or computer cannot just decide to allow access, because no computer or software can make any sense of the data without access to the right key.  

Here's a useful primer on disk encryption and why it might be the most important investment you can make in your data. Windows users have access to Microsoft BitLocker while TrueCrypt provides the most cross-platform compatibility.

chromeupdating.png
4 of 10 Ryan Naraine/ZDNet

Use Google Chrome with Force SSL

With its strong sandbox, safe browsing tools, speedy patching and automatic/silent updating Google Chrome is considered the most secure web browser available.  Switch to Chrome and install the KB SSL Enforcer extension which will force encrypted browsing wherever possible.  The extension automatically detects if a site supports SSL (TLS) and redirects the browser session to that encrypted session.

backupimage.png
5 of 10 Ryan Naraine/ZDNet

The importance of back-ups

Get into the habit of automatically saving the contents of your machine to an external hard drive or to a secure online service. Companies like MozyCarbonite or iDrive can be used to back up everyone -- from files to music to photos -- or you can simply invest in an external hard drive and routinely back up all the stuff you can't afford to lose.  For Windows users, here's a cheat sheet from Microsoft.

uninstalljava.png
6 of 10 Ryan Naraine/ZDNet

Uninstall Java

Malicious hacker attacks against Java vulnerabilities have exploded over the last two years.  If you don't absolutely need it (chances are you don't!), immediately uninstall Java from your machine.     Removing Java significantly reduces the attack surface and save you from all these annoying checked-by-default bundles that Sun tries to sneak onto your computer.

adobe-reader-x.jpeg
7 of 10 Ryan Naraine/ZDNet

Update Adobe Reader immediately

Adobe Reader is a major target for skilled, organized hacking groups, especially those launching targeted attacks against businesses.  The newest versions --Adobe Reader and Acrobat X contains Protected Mode, a sandbox technology that serves as a major deterrent to malicious exploits. Adobe security chief Brad Arkin says the company has not yet been a single piece of malware identified that is effective against a version X install.  This is significant.  Update immediately.  If you still distrust Adobe's software, you may consider switching to an alternative product.

vpnusage.png
8 of 10 Ryan Naraine/ZDNet

Encrypt your Web traffic

We all check e-mails or Facebook status updates in coffee shops or on public WiFi networks.  It's important to invest in a virtual private network (VPN) to encrypt your activity and keep private data out of the hands of malicious hackers. This video explains all you need to know about the value of VPNs and how to set it up to authenticate and encrypt your web sessions.  If you use public computers, consider using a portable VPN application that can run off a USB drive.

socialnetworks.jpeg
9 of 10 Ryan Naraine/ZDNet

Social networks can be too social

Popular social networks like Facebook, Twitter and LinkedIn are happy hunting grounds for cyber-criminals.  Use common sense when sharing data, even if you think you are in a trusted environment. Do not post anything sensitive or overly revealing because your privacy is never guaranteed.  Pay special attention to the security features and try to avoid clicking on strange video or links to news items that can lead to social engineering attacks.

windowsupdatesettings.jpeg
10 of 10 Ryan Naraine/ZDNet

Patch, patch, patch

Hackers rely on security vulnerabilities as entry points into your machine.  It's important to stay on top of security patches and enable automatic updates on every piece of software where it's available. Use Windows Automatic Updates to ensure operating system patches are applied in a timely manner.  In addition, Use a reputable anti-malware product and make sure it's always fully updated.  Don't forget about security patches for third-party software products (Secunia CSI can help with this).  When installing software, go slowly and look carefully at pre-checked boxes that may add unwanted crap to your machine.  One last thing:  Go through your control panel and uninstall software that you don't or won't use.

Related Galleries

First look at the YubiKey Bio
YubiKey Bio

Related Galleries

First look at the YubiKey Bio

iVerify (version 17)
iVerify for iOS and iPadOS

Related Galleries

iVerify (version 17)

OnlyKey hardware security key
OnlyKey

Related Galleries

OnlyKey hardware security key

SoloKeys Solo V2
Solo V2

Related Galleries

SoloKeys Solo V2

iVerify: Added security for iPhone and iPad users
iVerify

Related Galleries

iVerify: Added security for iPhone and iPad users

iStorage datAshur BT hardware encrypted flash drive
iStorage datAshur BT

Related Galleries

iStorage datAshur BT hardware encrypted flash drive

Netgear BR200 small-business router
Netgear BR200

Related Galleries

Netgear BR200 small-business router