| by Shawn D. Stewart | No comments

Cybersecurity Basics – Daily Users

OR Don’t Develop a Case of the Mondays

This three-part series covers the basics of cybersecurity for three different user levels. Last week I spoke to the novice. Today’s entry is for daily computer users. You use a computer, tablet, or mobile device for work, school, or home. You can manage regular tasks and can sometimes resolve your own technical issues. You’re not an expert, but you know enough to be dangerous. Here are ways to keep yourself safe.

No alt text provided for this image

Don’t Bury the Lede – The number one tip is DO NOT click on suspicious links or files. The primary access granted to naughty technical troublemakers is through phishing emails and links on unsavory websites. If in doubt, delete the email or close the window.

Drive By Training – Some webpages can initiate scripts or download programs to your device just by browsing to them. These are called drive-by downloads. You already know this but stay away from adult sites. No, really. They are teaming with malicious parasites and many antivirus programs cannot detect the scripts until they have already compromised your device.

But I Use a Mac/Chromebook – Just because viruses and malware do not natively run on your device, standard network protocols do. I can hack your iPhone, Android, or Windows using vulnerabilities in the Internet Protocol stack. Plus, device architecture is quickly losing its protection as savvy programmers are creating custom viruses, malware, and ransomware for Apple and Android devices. 

Backups and Downloads – The best two-prong approach is to perform the following tasks at least weekly – backup your files and download updates. Every device includes settings for automatic updates. TURN THEM ON! Many include automated backups to the Cloud, locally attached storage, or a corporate server.  Be sure to verify your backups.

No alt text provided for this image

Little Less Talk – Fortune 500 companies, government agencies, and their contractors are by far the most highly targeted. But everyone has received a call from a threatening Punjabi man vowing to have you arrested if you don’t pay hundreds or thousands in back taxes or social security payments. Don’t indulge them. HANG UP! Same with the phishing attempts. DELETE THEM! The IRS knows where you live. They will never call or email. And they will know your name!

Control Issues – Maintain physical control of your devices when away from home or the office. Although locking screens and requiring passwords and pins are inconvenient, a locked screen keeps honest people honest. Go that extra step and encrypt your devices to prevent access even if it stolen. WARNING! When you encrypt, don’t lose the encryption key or password. You cannot recover data from an encrypted drive or device easily and, in some cases, ever!

On The Road – Traveling and commuting offers thieves the best opportunities to take your stuff. Always keep devices on your person or in a securely closed bag. A standard zipper is not secure, and many companies offer more complicated and secure anti-theft cases for laptops and tablets. Zipper locks are a popular, inexpensive option. Also consider using a privacy filter to keep your screens private!

I See Daylight – We love our tech toys! But that Smart Refrigerator is connected to the Internet, meaning it is another potential entry point into your network, your data, and that secret collection of Metallica music you downloaded from Napster. Do you really need an appliance that shows the time, moon phases, and weather? Consider this. Thieves broke into a casino network and stole their money through an Internet-connected fish tank thermometer. Every device you add must be protected or it could be a door for outsiders.

No alt text provided for this image

Don’t Feed the Trolls – Psychological advice aside, do not engage negatively with people online, whether through chat rooms, discussion boards, social media, or comment sections. Once posted online, your comments are there forever (thanks to web caching), even on SnapChat (thanks to screen capture).  Don’t type anything from behind your screen you wouldn’t say to your grandmother face to face. Some of these people have mad skills and your online accounts are less secure than you think. You don’t need people showing up at your house. Though, I’m sure your grandmother could take them out.

Passwords – I have an entire post on this one. DO NOT use regular dictionary words as passwords. The longer the password, the better. Add numbers and special characters. Most of us have many passwords to remember and password manager software is a great option. Research one that fits your needs and use it! Also, any website or system that allows multi-factor authentication (MFA) to login should be enabled. Not only will this prevent others from logging in with your password but will alert you when someone tries and fails. Finally, change your passwords regularly.

Jesus is quoted in Luke saying, “from everyone who has been given much, much will be demanded”. You hold more technology in your mobile phone than has ever existed. It also holds more of your private data and company info than filing cabinets full of paper. Evil does exist in the world, and if you don’t pay him now, he will send the FBI to your house. No, he won’t, and don’t be afraid of these scoundrels! It is up to you, with this great power, to protect it and yourself. No divine intervention required. You can do it! I believe in you!

No alt text provided for this image

Want to see an article on a specific subject? Need help? Reach out. We are all in this together. 

mm
Shawn D. Stewart

Mr. Stewart has 25 years of experience with hundreds of international, commercial, military, and government IT projects. He holds or has held certifications with ISC2, Cisco, Microsoft, CompTIA, ITIL, Novell and others. He also holds a BS in IT, a Minor in Professional Writing and is a published author. He is scheduled to complete his Masters in Cybersecurity in August 2021.

Leave a Reply