It’s not easy protecting your devices and data these days.
Ransomware, email scams, identity theft, hacking attacks, massive data breaches — the news is filled with stories of the security threats consumers, businesses and governments face. When even the National Security Agency can’t keep its crucial information secure, you may rightly wonder what an average person can do.
It’s definitely a challenge. The threats are evolving, becoming increasingly sophisticated and costly and affecting more people. What’s considered to be the best advice can soon become obsolete as criminals develop new methods or the security researchers better understand the weaknesses in older strategies. And the more data we put online, the more devices we connect and the more things we do on the internet, the more we have at risk.
“I don’t envy the average consumer who has to stay on top of these things,” said Marcin Kleczynski, CEO of Santa Clara-based Malwarebytes, which makes anti-malware software.
But as difficult as it may be, it’s important to try to protect yourself. Consumers and businesses have been bilked out of billions of dollars and lost access to valuable files and data thanks to malware and online scams.
And as daunting as it may seem, there are some relatively simple steps you can take to make your devices and data more secure. The top advice from security experts: Don’t expect any one step to completely protect you. Instead, think of the steps as lines of defense.
Here are some of the measures security experts recommend:
It’s smart to backup regularly, so that you can restore the latest changes you’ve made to your device or the latest data you’ve added. But it’s also important to ensure that the hard drive or service you use to backup your computer isn’t always connected to it. The latest versions of ransomware, a type of malware that encrypts data and extorts users for money to unscramble it, can jump from a PC to attached drives, potentially affecting backups as well.
You can avoid such problems by disconnecting your hard drive after it backs up your computer; burning your data to DVDs; or using an online backup service like Carbonite that only connects to your computer periodically and keeps multiple versions of your data.
Just by keeping your software up to date, “you will be far less vulnerable to attacks,” said Cooper Quintin, staff technologist at the Electronic Frontier Foundation, a digital rights advocacy group.
Some of the key advice from security analysts: Generally, the longer the password and the more random the characters used, the better. And don’t reuse passwords, at least not with the accounts that house your most valuable information. If that password is compromised, it puts multiple accounts at risk.
Of course, following such advice can make it difficult or impossible to remember passwords. One thing that can help is a password manager. Programs like LastPass and 1Password can store all your complicated passwords, help you create new ones and allow you to access your list on different devices.
That doesn’t mean you should close your Facebook and Twitter accounts. But it does mean you should think about what you post and who has access to it.
Instead of clicking on a link that appears to come from your bank, go to the bank’s website directly. Rather than open the attachment that appears to come from your friend, text or call the friend to make sure they actually sent it to you.
Advertisements for free software or notifications that urge you to download anti-virus programs can be vehicles for malware. And the internet’s pornography and gambling sites can be havens for malicious software.
“Moral issues aside, there are solid technical reasons why to not visit the seedier sites on the internet,” said John Dickson, principal at the Denim Group, a security consulting firm.
Contact Troy Wolverton at 408-840-4285 or twolverton@bayareanewsgroup.com. Follow him at www.mercurynews.com/troy-wolverton or Twitter.com/troywolv.
HOW TO KEEP YOUR INFORMATION SECURE
1. Assess your personal risk
2. Backup the information on your devices
3. Be sure to keep your software up to date
4. Run anti-malware software (and keep it updated)
5. Don’t ignore advice on creating strong passwords
6. Watch what you share on social media
7. Think before you click
8. Be cautious online