As many you already have learned, the straits of Internet are dire to navigate. Just to have a presence online open you up for several new ways to get into trouble. I might not be a bonafide security expert, but I am a computer professional, advanced user, developer and software architect. Thus I will attempt to give a few advice for all you people online, both safe practice and software that might help you. I prefer software that do not cost too much, but I am not afraid to pay for useful tools.
So below you will find my top 5 tips for being secure online:
1. Be up to date
The most important thing to do is to always keep your operative system and software up to date. If there are updates from Microsoft, Apple, Google, Ubuntu or whatever software vendor you are using, remember to install the latest security updates. Most software today have features that help you perform this task, but there are tools that may help you even further along. One of these only exist for Microsoft Windows, but if you are a Windows user check it out, it is free.
Secunia Personal Software Inspector (PSI)
This program analyzes your computer and detects all software that have new updates you should consider applying.
2. Anti-Virus software and internet security suites
There are several that you might find interesting, especially for Windows. One that is free and probably safe enough is Microsoft Security Essentials. Other well known vendors are Norton (Mac & Windows), Norman (Windows), Kaspersky (Mac & Windows) and F-Secure (Mac & Windows). (There are several other brands as well do a Google search).
Several of these brands even have smartphone and tablet versions of their anti-virus software.
3. Secure passwords
One thing we have learned several times recently is that your passwords are under attack. Some days ago (when I wrote this blog-entry) someone managed to steal 6 million encrypted passwords from LinkedIn.com. One security professional got hold of this file and within 6 hours of playing around using a regular laptop he had broken 2 million of those passwords. If your username on LinkedIn is a name you also use at other sites, and you use the same password at those sites you are in deep trouble. You can be hacked any moment. Please read his article on this.
In order to get around this, use a password manager! These tools help you create secure passwords and to remember them afterwards. Some of the best are listed here at Lifehacker.com. Personally I prefer 1Password (Windows, Mac, iPhone, iPad and Android versions), but KeePass is also very good. 1Password let you sync your passwords across all these devices, and have plugins for all the big web-browsers. It will be slightly harder to log-in, but the upside is enormous security wise.
A quick user-tip, most of us are not able to remember that many passwords. Let the password manager create random passwords wherever that is possible. Some passwords you need to remember though. Create a random password that you will be able to remember, and add some rules to that for using on several sites/log-ins. For example you might get a random part of dYzzb12%tw. You might even be able to remember that. A password I frequently have to use is my Windows login. In order to have different passwords for several sites I might add some letters to this base password for every site I need to remember my password. For example if I am using Windows 7, I might do W7dYzzb12%tw. Personally I will use something else though, I will take the first letter and add a number, and the second letter and reduce a number. W+1 = X and 7-1=6 so my to first letter will then be X6 and the rest. By doing this I am reasonably secure, and I am able to remember my password for several sites. I will then change the random password part quite frequently. By using the password manager I will also be able to remember where I used each password if I ever forget.
4. Safe networking
This is also quite a large point, but mostly do the following. If you are on another network than your home network, then prefer encrypted WLAN/WIFI networks. If you are not able to use any of those, use a VPN for a safe connection (this also applies to your smartphone or tablet). If you cannot use VPN, always try to use a site over SSL (use the https://…. address). It is quite common for cyber criminals to set up “open” WLAN/WIFI networks at airports and conferences and trick you into using their network. When you type your password or other private information they then try to grab it. If you are not using some protection you are in big trouble.
5. Be smart
Do not use pirated software, don’t visit shady sites. Do not believe in offers to good to be true. Do not trust links from friends or email from strangers. Behave online like you would in an unknown city and walk only along the safe paths.
By doing all these things you will be reasonably secure online. Good luck.