Digital Life Security Checklist
An updated version of this advice is at https://positek.net/safe-digital-life/
Here’s a revised version of my handy list of things you need to do (or not!) to have a healthy and secure Digital Life. This applies if you use any consumer technology, including computers (Mac or PC), tablets, smartphones, online banking or other services, social networking, or any electronic device or service that has any of your personal information.
Feel free to print this out and share. I will continue to update this list as new threats emerge that impact Your Digital Life. Please note that if you need help with any specifics on how to do anything on these lists, post a comment or Contact Us with your questions.
Computer & Home Network Security Checklist
- Put a good password on all computer user accounts
- Create a standard user account for everyday use
- Don’t use an Administrator account except to install new programs or troubleshoot
- Set your screen to lock when you’re not at the computer, requiring a password before it can be used
- Change the password on your network router and any devices on your network that can be password-protected (even printers!). Hackers know all the default passwords that come on the consumer tech devices you buy.
- This includes routers and cablemodems that come from your internet service provider as well as any you buy at a computer supply store
- For Windows PCs, use a high-quality computer security suite (our current recommendation here), keep an active subscription to it and keep it up-to-date. Also use a quality anti-malware program (our current recommendation here) and a good password manager (our current recommendation here).
- For Macs, use a good password manager and consider regularly scanning (using a good scanner like this) your system for threats – they may not infect you, but could infect your friends’ PCs. Also use an adware checker (such as this one) to keep adware off your system.
- Keep all your programs and system software up-to-date – out-of-date software is a security risk.
- For Microsoft Windows computers, turn on Automatic Updates (in the Control Panel/Security Center) and leave your computer running overnight at least once a week so the updates get installed. Or run Windows Update at least monthly.
- For Macs, run System Update at least monthly and take all updates (turn on automatic updates if available). Also run Microsoft Office Update (from any Office program’s help menu) if you use that program, and get Adobe or Java updates from their websites (if you use them). And check for App Store updates at least monthly – install them as they are released if possible (the App Store will let you know when they become available).
- Adjust the Power Options on your Microsoft Windows computer (Macs can use the default power options)
- Never use sleep mode; just have the screen turn off after 10-20 minutes of inactivity (5 minutes while on battery power).
- Set laptops to use hibernate instead of sleep mode whenever on battery power to prevent overheating while the laptop is being moved. Hibernate should be the default action when you shut the lid of your laptop.
- Don’t ever power down the hard drive except when the computer is shut off or hibernating (not applicable to SSDs).
- Disable the sleep mode function on the keyboard; set it to either do nothing or go into hibernation.
- Don’t hibernate overnight – that’s when your Windows updates are automatically applied
- Don’t install software you don’t really need, and uninstall (using Windows’ Programs and Features) any installed software you don’t need.
- Don’t install any file-sharing software
- Keep what you do install up-to-date
- If you choose to use an alternative web browser, keep it and the default web browser up-to-date
- If you use helper programs (like Java, Adobe Reader or Adobe Flash Player), be sure to keep them up-to-date by installing them from their website (lots of fake updaters out there).
- Backup the personal data that’s on your computer to someplace else. Practice how to restore a backup so you know how to do that.
- For Microsoft Windows, create a System Repair Disk, and create a System Image (on a DVD set or external hard drive). If you use Windows’ built-in backup tools, practice how to restore.
- For Macs, get and setup a Time Capsule and setup Time Machine. Practice using it to restore your system so you know how.
Follow Safe Computing Practices (a baker’s dozen of good advice for a healthy digital life!)
- Sign up for credit monitoring and fraud alerts (such as from Equifax), and watch your bank and credit card statements closely. Question any transaction you don’t recognize.
- Use strong and unique passwords everywhere (a good password manager will help you): at least 13 characters, including at least one capital letter, one lower-case letter, one digit, and one non-alphanumeric character that your keyboard has (usually a shifted number key). Every single website or online place you visit should have a strong and unique password used nowhere else. Anytime you suspect a compromise of your Digital Life, you should preemptively change these critical passwords:
- Your password manager’s master password
- Your email account password
- Any online banking, credit card or other financial account passwords
- Create and use a secondary email account for…junk (you can either check it separately or set it to forward to your main account). You can give out that secondary address for commercial entities and keep your main email address more private – just for people you know. You can change to a new secondary email account when needed to reduce the spam you get.
- Setup password reset features, secret questions and 2-factor authentication wherever available. Check available security settings regularly (they do change) and set them for maximum security.
- Don’t assume that an email actually came from who it says it came from; email is notoriously easy to fake.
- Don’t click on links in emails – even from people you know. Open a web browser and type in the link.
- Don’t open file attachments without checking them with your security program.
- Use a junk email filter. Don’t open emails that look like spam, just delete them. Never reply even to unsubscribe – that just proves your email address works and gets you more spam.
- Watch your computer for suspicious behavior, and take appropriate action – changing critical passwords, scanning for and neutralizing threats, etc. If you’re not sure the behavior is suspicious, use the Ask Your Tech Coach link, send us a screenshot (or send us a snapshot of your computer screen), and get advice before you ignore that popup or other warning.
- Don’t insert non-commercial CDs, DVDs or thumbdrives without first scanning them for threats (our recommended security suite will do this for you).
- Never operate your Windows computer without protection enabled, and avoid using an Administrator account for daily use.
- Restart your computer anytime it’s not acting normally and at least once every few days, just to help prevent problems.
- Be careful about sharing your travel plans; thieves watch social networks for people on vacation so they can hit empty houses.
Online Security Checklist
- Use good passwords and don’t re-use passwords. A password manager will make this do-able.
- Your email account password security is critical since most other online places have a ‘forgotten password’ feature that emails you reset instructions.
- Watch for any hints that a password has been compromised, and change your critical passwords.
- Don’t use your email address as a username wherever possible
- Don’t visit dodgy websites or download software without verifying their safety; use the Ask Your Tech Coach link if you’re not sure.
- Don’t assume your ‘buddy’ in IM or social networking really is – identity theft is rampant and getting worse
- Don’t accept friends you don’t know in the physical world
- Don’t respond to unsolicited ‘anything’ online
- Keep your personal life details personal – don’t share everything – don’t give out personal information online except to someone you really know (in real life) and through a secure message method (regular email is not secure!)
- Use your junk email account to register on websites, post comments, etc.
- Use your main email account for banking, credit card, and online account password resets
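The password rule and the no-reuse advice from the checklists above, as an added example that is not part of the original checklist: Python code that tests passwords against the 13-character, four-class rule, generates one that passes, and flags passwords shared between sites. The site names and passwords are constructed samples, and the function names are illustrative.

```python
import secrets
import string

MIN_LENGTH = 13  # minimum length from the checklist
CLASSES = {  # the four character classes the checklist requires
    "capital letter": string.ascii_uppercase,
    "lower-case letter": string.ascii_lowercase,
    "digit": string.digits,
    "non-alphanumeric character": string.punctuation,
}

def policy_failures(password):
    """Return the checklist rules this password breaks (empty list = passes)."""
    failures = []
    if len(password) < MIN_LENGTH:
        failures.append("shorter than 13 characters")
    for name, chars in CLASSES.items():
        if not any(c in chars for c in password):
            failures.append("no " + name)
    return failures

def generate_password(length=16):
    """Draw random passwords until one satisfies the checklist's rule."""
    if length < MIN_LENGTH:
        raise ValueError("length must be at least 13")
    alphabet = "".join(CLASSES.values())
    while True:  # redrawing keeps every passing password equally likely
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not policy_failures(candidate):
            return candidate

def audit(entries):
    """Take (site, password) pairs; return (weak passwords, reused passwords)."""
    weak = {site: policy_failures(pw) for site, pw in entries if policy_failures(pw)}
    sites_by_password = {}
    for site, pw in entries:
        sites_by_password.setdefault(pw, []).append(site)
    reused = sorted(sorted(s) for s in sites_by_password.values() if len(s) > 1)
    return weak, reused

# Constructed sample entries, not real credentials.
SAMPLE = [
    ("mail.example", "Tr0ub4dor&3-horse"),
    ("bank.example", "Summer2019"),
    ("shop.example", "Summer2019"),
    ("forum.example", "correcthorsebatterystaple"),
]

if __name__ == "__main__":
    print(audit(SAMPLE), generate_password())
```

A long password can still fail the rule: the 25-character all-lower-case sample is reported for its missing capital letter, digit and non-alphanumeric character.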
Mobile Security Checklist
- Get your own wi-fi hotspot if possible
- If you use public wi-fi, only use secure communications (e.g., https://…)
- Make sure SSL is enabled on your smartphone or tablet’s email configuration
- For websites where you log in, be sure https://… is showing in the web browser – on the login page
- Hide your screen/keyboard actions
- When tapping or typing in passwords or phone numbers
- When looking at anything which has your personal information
- Never leave your computer, tablet or smartphone unattended; thieves are watching for easy pickings
- Set up and use secure locating and erasing capabilities
- Secure your devices against pickpockets and thieves
- No open purses or purses hanging from your chair or on the floor – keep purses in front of you in your line of sight
- If not actively using them, keep your devices in a pocket or in your hand
Physical Security Checklist
- Don’t let a stranger use your personal computer, tablet or smartphone for any reason, even if just for a minute
- If not actively using your computer, tablet or smartphone, lock the screen. If it does get stolen, at least your data is safe.
- Give your kids their own computer, tablet or smartphone to use, not yours
- Don’t give anyone access to your email account
- Never give out personal information on the telephone unless YOU called them, even callerID can be faked
- Never give out personal information at the front door, unless you know the person
- Don’t just throw papers in the trash or recycling, shred anything with personal information
- Shred the covers that show your name and address from any subscription magazines you get.
- Keep things locked and secured anytime you aren’t using them – doors, windows, storage lockers, bicycles, cars & motorcycles, etc.
While this list is long, it combines all of my advice on having and keeping a secure, healthy and workable digital life in the 21st century.