Scott Greene, STFE
FEWA member, Scott Greene, shares tips to help protect yourself and your data in this issue’s Member Editorial Corner. For over 35 years, Scott Greene has been helping owners, CEO’s, managers and IT departments understand data. Scott Collects, Analyzes and Explains Complex Electronic Evidence in Plain English. He was the founder of Great Scott Enterprises, Inc, which provided superior computer consulting services.
Now more than ever, it is important to keep security at the forefront of our minds. With more state sponsored attacks, along with the ease and accessibility of hacking tools, there are more concerns than ever about connecting to the internet. Some of the best tips to help protect yourself and your data are as follows.
- Strong Passwords Really Do Help To Prevent Attacks
No really, “password” or “password1” are really terrible choices. Dictionary words, pets name, spouses name, etc. are not ideal to be used as passwords. Two of the best things you can do to improve your passwords and their strength: use a password manager and activate two-factor authentication where available. A password manager will help you to create strong, unique passwords for all your needs. Two-factor authentication generally utilizes a random and timed six digit code along with your password to login somewhere. Having strong password also prevents secondary hacking to your friends and family.
- A New Device Does Not Equal Safe
For a brief amount of time, Lenovo installed Superfish, a common adware, as part of their default installation. Once it was learned that it was a vulnerable piece of software, Lenovo removed it, however the damage done is still to be calculated. Check all the software that comes pre-installed on your new computer or cell phone, and remove the ones that are suspicious. There are often several apps and programs pre-installed that you simply don’t need, so a little research can go a long way.
- Even The Best Software Has Vulnerabilities
All software can be vulnerable. No matter what they say, not matter what studies are behind them, no matter the security team, there will be problems with security. This doesn’t mean that all software is unsafe, but do be aware that anything can happen. Security is an art, not a science. It is fluid and changes on a daily, even hourly basis. Always update programs, keep your system secure.
- Make Sure Websites And Apps Use HTTPS
Secure Hypertext Transfer Protocol (HTTPS) is a secure way to let websites transfer information over the internet. More and more websites are going to this new security protocol, however there are many out there that still don’t use it for one reason or another. If you find a website that doesn’t use HTTPS, let them know that they should consider moving to the new protocol.
- The Cloud Is Not Foolproof Or Safe
Imagine this: you put all of your sensitive and personal documents in a box, along with a bunch of other peoples sensitive and personal documents, and then you send it to an offsite location where someone you’ve never met will look after it for you. Sound like a plan? Didn’t think so. For storing things that are not sensitive and personal, absolutely, the cloud is a good option. For something that requires a little more security, it might be time to consider a little more secure options. Local hard drives, are always best. For more security, use a local hard drive and put it in a safe or a deposit box at your bank.
- Updates Are Your Friend
Adobe and Java seem like they update constantly, that’s because they are efficiency as well as security updates. Updates are important to the overall security of your system, and while they can be annoying to do, they will be more helpful in the long run.
- Hackers Are Not Criminals
In fact the vast majority of hackers are in fact good people, who are just trying to make the cyber world a safer place. Even Google Chrome Executive, Parisa Tabriz, has been quoted saying “Just because someone knows how to break something, doesn’t mean they will use that knowledge to hurt people. A lot of hackers make things more secure.” It is all in the intent of the hack, most hackers just want to test security and make things more secure. Evidence Solutions employees are considered hackers as well, so they are not all on the dark side.
- Cyberattacks & Cyberterroism Are Not As Common As You Think
Nowadays, it seems like everything is connected to the internet, therefore making it vulnerable to attack. Your car, pacemakers, insulin pumps, and other critical devices now connect to the internet, making some people rather nervous to use them. Are these devices hackable? Yes. However, they can take months to plan and carry out, not to mention the hacker will generally need to be close by you, as these devices have limited range. The long and short of it, cyberattacks should not be your biggest worry. You should, however, be as safe as you can be.
- Don’t confuse Darknet and Deepweb
There is a lot of confusion when people talk about Darknet and Deepweb, and what they really are. Deepweb is anything on the world wide web (anything that starts with www) that isn’t indexed and logged by a search engine, making it non-searchable. Darknet on the other hand, is usually accessed with special software such as I2P or Tor, and is popular with the seedy underground of hackers. The two terms are not interchangeable.