New Year’s Resolutions


New Year’s Resolutions: a reader asks…

It’s time for me to craft my new year’s resolutions, what should I consider for my ‘digital life’?

I would suggest that everybody make their own security a priority in their resolutions and build good security habits when using technology. So many of us really don’t take security seriously: we leave our doors unlocked, garages open, and cars unlocked with valuables and other desirable objects in plain sight. We depend on (and hope for) nothing bad happening to us or our things. Often we can get away with that, as thieves must physically come to us in order to rob us.

This is not the case when it comes to our digital lives. The internet has acted like a “Star Trek Transporter”, allowing thieves to jump right in with us no matter where they are physically. Large groups of criminals (often in foreign countries) are counting on our lax attention to computer and online security to grab anything of value.

So what’s valuable? While you might think it’s mostly access to your bank account, credit card info and identity (credentials), the truth is that criminals are interested in a wide variety of things, such as access to your email account(s), access to your computer (just to put it to work for them), and bits of information about yourself that can be combined with other bits to build a profile of you.


When it comes to your computer, hackers may simply want to put it to work on their behalf, without you knowing. All you might see is that the computer runs a bit slower than it used to, when in fact it’s busy sending out millions of spam emails for hackers, spreading other types of attacks, and even running attacks on government or corporate servers. It’s as true today as it was a dozen years ago: 4 out of 5 computers in the USA are infected with malware. Hackers call such computers “zombies” and run thousands of other people’s computers to coordinate massive attacks.

I bet you’re thinking, can’t you just make this simpler for me? Ok, can do. Here’s a (somewhat) short list of resolutions (feel free to use any or all):

  1. Get and use a password manager (such as LastPass or 1Password) and use it to make sure that each and every one of my passwords is unique and strong (long passwords are stronger than shorter passwords).
  2. Go through all my online accounts. In addition to creating a new and long password, enable two-factor authentication if available, and go through all security and privacy settings to make sure my accounts are not sharing inappropriately.
  3. Stop sharing my vacation plans online in social media. Crooks troll through social media platforms looking for local people who they know won’t be home, and target them for burglaries.
  4. Put a password on my personal computer(s), and make sure my home wireless network is secured with good security (WPA2 with AES).
  5. Make sure I have at least some security program on my Windows computer. For Windows 10, use the built-in Windows Defender, and consider supplementing that with Malwarebytes Premium. Macs can probably get away without additional security, but those days are coming to an end, so consider adding Malwarebytes Premium to my Mac as well.
  6. Be suspicious (dare I say paranoid) about things that pop up on my screen. If I’m not 100% sure they are legit and safe, I won’t just click them away. A quick Google search can tell me if the popup or warning is legit. While I’m at it, I should pay attention to news articles about computer, internet and online security issues. Watch for warnings (in mainstream news) about emerging threats and take action anytime I see a company I deal with has been hacked.
  7. Get a credit monitoring service. These days, every company has been hacked, and often part of their remediation is offering free credit monitoring for affected clients. If I can’t get this, I should just bite the bullet and pay for credit monitoring. Equifax, TransUnion and Experian are the three credit agencies and each offers a service, plus there are tons of 3rd party services that offer 3-bureau monitoring.
  8. Get and use a backup method. Whether it’s an external hard drive or cloud-based backup service, having a backup is so much better than not having one.
  9. Stop trusting email, text messaging, and social media for news and reliable information. I should also stay away from dodgy websites and not respond to online or emailed requests or warnings. While I’m at it, I’ll resolve to never open an emailed file attachment unless I’m 100% sure it’s safe (and that’s almost never).
  10. Finally, if I’m stuck and don’t know what to do or how to respond, I’ll reach out and ask someone I trust who knows. I’ll try to record what’s going on (even taking a picture of my screen helps), so my trusted adviser can help me figure out what to do (or not).

2 Comments

  1. Dear Chris,

    Thank you so very much for all the time and care that you take to advise us on so many issues and to keep us safe in a digital world. You are like a lighthouse beacon leading us to a safe harbor. Thank you and Happy New Year.
