Marc Goodman has worked with the FBI and Interpol and in his New York Times bestseller “Future Crimes” outlines that everything is connected, everyone is vulnerable and what we can do about it.
He advocates the UPDATE Protocol which provides practical everyday tips to protect yourself and your business from today’s most common technological dangers. By following this protocol (the digital equivalent of locking your front door and not leaving the car keys in the ignition) you can avoid more than 85% of the digital threats that pervade our lives daily.
- Update
Update frequently as modern software programs are riddled with bugs which hackers can take advantage of. So update your operating system software and pay particular close attention to browsers, plug-ins, media players, Flash and Adobe Acrobat as they are favourite targets for hackers.
- Passwords
The strength of a password is one of the key factors in protecting you and so should be changed frequently. Passwords should be long (20 digits or more per Goodman) and contain upper and lowercase letters as well as symbols and spaces. Memorising long and unique passwords is not easy so consider using password managers such as 1Password, LastPass, KeePass and Dashlane. Be careful on what manager you use as criminals have created their own password managers to trick you into giving up your passwords. You should absolutely not use the same password for several different sites. Many major services offer two-factor authentication which involves sending you a separate one time password every time you log in, usually via an SMS message or app directly to your mobile phone. This means that even if your password is compromised it cannot be used without the second authentication factor which means the hacker must have physical access to your mobile device itself which is unlikely.
- Download
Download software only from official sites and be highly skeptical of unofficial app stores and third party sites hosting free software. They are “free” for a reason and you are paying for your privacy. If it tells you it needs access to your location and contact run the other way. Also avoid pirated media and software as it frequently contains malware and viruses.
- Administrator
Administrator accounts should be used with care. Both Windows and Apple allow users set account privileges with administrators having the highest privileges. While you will need an administrator account on your computer, it should not be your default account for everyday use and online browsing. Instead create a standard user account to do the majority of your work and for day to day use. When you are logged in under administrative privileges and you accidentally click on an infected file or download a virus, the malware has full privileges to execute and infect your machine. However if you are logged in as a general user and the same thing happens, often the virus will require your specific permission to execute, giving you a warning sign that there is a problem. So always run your computer as a non-admin user.
- Turn Off
Turn off your computer when you are not using it. This simple act of turning off your computer while you sleep will automatically reduce your threat profile by one-third because hackers cannot reach out and touch your machine when it is not in use and connected to the internet. In addition, turn off servers and connections on your smart phones when you are not using them. Keeping Bluetooth and cellular hotspots on at all time provides additional avenues for attack, which can be used to hack your phone, spread malware and steal data. Also keeping Wi-fi on allows retailers and advertisers to persistently track you through your physical world, further encroaching on your privacy. Only turn these services on when you need them.
- Encrypt
Encrypt your digital life, protecting your data both locally while at rest and when in transit across the web. Both Windows and Mac include free programs for full hard-disk encryption (BitLocker and FileVault). Encrypting your hard-drive means others cannot read its contents if it is lost or stolen. You should also encrypt your internet traffic by using a virtual private network (VPN) particularly when using a public Wi-fi network in airports, universities and coffee shops as they are frequent targets for hackers. Your phone too should be encrypted because today’s mobile devices can have as much personal information as our laptops if not more. Also use a password on your mobile phone and enable biometric security.
Additional safety tips
To further secure yourself follow these tips:
- Use common sense with all your emails. As a general rule of thumb, be wary of any request to click on a link or open an attachment sent to you – even when it looks as it is came from someone you know. Phishing attacks only work because unsuspecting individuals click on files and links that look realistic or enticing but contain a malicious payload that will infect your machine. When in doubt, check with the individual who purportedly sent you the email to verify it came from him but don’t ever reply to the email itself.
- Avoid USB drives if you can. USB drives are one of the most common ways to spread malware and computer viruses so be very careful when using them. Do not plug one into your machine without first scanning for viruses. Disable “auto run” on your computer to ensure that any viruses do not automatically execute, thereby infecting your computer.
- Backup your data frequently. You can back your data up onto an external hard-drive or use a cloud provider. When you utilise a cloud provider it is wise to encrypt the data before uploading for an extra measure of protection. In addition, you should always have multiple backups of your data. Keep one or more physical drives for backup, and ensure that at least one of them is stored off-site so that in time of disaster a backup will be stored in a safe and secure location.
- Cover up. It is easy for hackers to access any internet connected cameras so when the camera is not in use cover the lens with a post-it note or tape.
- Sensitive browsing, such as banking and shopping, should only done on a device that belongs to you and on a network you trust.
- Think before you share on social networks. Criminals, ranging from stalkers to burglars, routinely monitor social media for information. Posting travel itineraries can let burglars know that you will be away from home on holidays for a period of time. This is an invitation for trouble.
- Use your operating systems built-in software firewall, available in both Windows and Mac, to block unwanted incoming connections to your machine, and enable “stealth mode” to make it more difficult for hackers and automated crime bots to find you online.