It’s a journalistic tradition to write about the five best things in any particular category as the year comes to a close. Cybersecurity is no different. This month we’ll fill you in on five things to do to keep you cyber-secure.
First are passwords. The death of the password, and its replacement with better technology, has been foretold for some years now. Like many technological breakthroughs, the reality is the passwords are still very much with us. The most important thing you can do with this ancient technology is to use a different one for every login. If keeping track of all those in a small notebook is too cumbersome, get a password management app, and use it on your computer, phone and tablet. The small cost of these repays itself with less frustration at having to remember all 342 different items.
Make your passwords more secure with two-factor authentication. Now offered by pretty much all online commerce, this extra level of protection—text message, third-party authentication app, etc.—means even if your password is stolen, the bad guys can’t get into your account without your explicit okay. If a site doesn’t offer this capability, think hard about maybe not using it and/or letting the site know they need to add it.
Third up is antivirus software. The manufacturers of these products want you to think that paying extra for a subscription every year will make you more secure. The reality is a little bit more nuanced. In most cases, on Windows and Mac, add-on antivirus programs buy you very little protection. Both platforms have built-in anti-malware that is just as effective as the costlier commercial products. Save yourself some money by not subscribing to these.
The fourth recommendation is to be very paranoid about clicking any link in an email or text message. Even if it’s from a company that you do business with, these can be very easily spoofed by the bad guys. The pages that you go to when you click these links may appear identical to ones you use every day, for banking or shopping. But they are just evil facsimiles of the real thing. If you enter your password and/or ID here, then the bad guys have access to everything in that account. And if you re-used your password from another site, they can try to break in elsewhere with those stolen credentials.
Last, always make sure that your operating system and applications are up-to-date. Most of those updates you see arriving on an almost weekly basis plug security vulnerabilities, so it just makes sense to allow them to happen automatically. The very rare update that causes other problems is so uncommon as not to be worth worrying about.
One last overall adage – be paranoid. The pop-up box on your screen that says you have malware, the link from your “bank” about disallowed transactions, the invoice for something you didn’t buy – they’re more than likely scams. Learn to delete and disregard first, ask questions later, and you can breathe easier.