Five-Point Tuneup For Hacker Defenses

The online world gets more dangerous every day. The AV-TEST Institute reports that over 350,000 new malware samples are discovered DAILY. Thousands of social media accounts are hacked per day, and untold millions of consumer records that were compromised in data breaches are used by hackers in increasingly clever attacks. Your defense systems must be kept in tip-top shape. Here are five ways to harden your system against hackers…

Beef Up Your Security Defenses

You take your car for preventive maintenance on a regular basis. Engine oil, spark plugs, filters, wipers, and tires are five important things that need attention in order to stay safe on the road. But most people don’t give a second thought to staying safe online. Here are five things you should keep in mind to “tune up” your computer against malware, hackers and data thieves. Failure to do so is like rolling the dice, and hoping to beat a set of odds that are stacked against you.

1: Update all of your software, from device drivers to applications to the operating system. Automatic software updates are the easiest, most consistent way to go. Activate them in Windows Update, and in every application software package you have that offers automatic updates. Then install a “universal” software updater, such as Patch My PC. It catalogs all software on your system, and finds your stuff in its database of several thousand developer sites that it monitors for new updates. When a new update that you need appears, the updater downloads and installs it automatically.

2: Activate two-factor authentication everywhere you can, on your devices and on all sites that offer 2FA. It may seem to add another layer of complexity that slows you down, but the opposite is true.

Here is a riddle whose answer will seem heretical: When is it safe to use “password” as a password? No, I have not lost my mind or been paid a bribe by the hacker community. The answer is, when you have two-factor authentication (2FA) enabled! Even if a hacker guesses your password on the first try, they can’t get into your account without the second authentication factor – a code sent only to your phone number, or a USB key in your pocket, or your fingerprint, or a scan of your retina, or whatever. Another mind-blowing observation: it is safe to use the same, simple password on all sites where you have 2FA enabled; again, because the second authentication factor will be unique and unavailable to a hacker. I’d still advise against doing that, as a best practice, though.

Google and Facebook call 2FA “login approval,” while Twitter and Microsoft call it “login verification.” Your bank may call it something else. Inquire about 2FA and use it wherever you can. For other things that need passwords but don’t offer 2FA, use a password generator/manager such as RoboForm, LastPass, or Dashlane. It not only generates strong passwords for you, it stores them in an encrypted database and changes them regularly. All you need to remember is your master password.

Shutting Down Other Attack Vectors

3: Encrypt your storage devices so that even if your laptop or phone is stolen, its data cannot be read without the encryption key. Windows 7, 8.1, and 10 include BitLocker encryption. VeraCrypt is the free, open-source successor to the popular but now defunct TrueCrypt. Android and iOS have encryption enabled by default.

Just remember that if you don’t have a screen-lock PIN or password, all the encryption in the world won’t help you when your computer or mobile device is lost or stolen.

4: Reduce the “surface area” that exposes you to potential attacks on your privacy and security. Start by uninstalling programs and apps that you really don’t need or use. Most software has at least one vulnerability; why leave openings for hackers lying around? Windows 10 offers finer control of app permissions. Type “privacy” in the Search box and open Privacy Settings from the results. The General tab lets you toggle broad categories of app permissions. On mobile, be careful to check the permissions that apps want (or already have). If you have the Android 6.0 or later operating system, you can open Settings > Apps, tap an app’s name, then tap App permissions. From there, you can toggle individual permissions on or off.

Don’t neglect all the apps that you have given permission to access your Facebook, Google, Twitter, or other “identity” accounts. Go through the “app permissions” sections on each of your social media accounts and disallow apps you no longer use. Make use of the privacy and security checkup tools provided by Microsoft and Google; see Tweak Your Microsoft and Google Privacy Settings.

5: Upgrade your security software. Last fall, I ditched Avast Antivirus and started using PC Matic’s SuperShield. SuperShield uses a whitelist approach that allows only known-good programs to run on your computer. This is in contrast to other security tools that rely on blacklists of known malware. Did I mention that 350,000 new malware samples are discovered daily?? It’s nearly impossible for traditional anti-malware tools that rely on blacklists to protect you from all existing and emerging threats. So far, PC Matic has caught several things that slipped past Avast.

Have a great week from all of us on the ZI Staff