10 Things You Can Do to Make Your IT Security Safer

We read daily about Identity Theft and how easy it is for people to gain access to computer/tablet/phone data.  So I thought it might be useful to summarise some of the key things you can do to keep your data safe.

1.     Consider Encryption

It is relatively easy to encrypt your data now.  The latest Mac OS and Windows OS come with encryption programs.  Android and Apple both supply system encryption for phones and tablets.  There are varying reports on how good these are, but if you store confidential personal data then even poor encryption is better than none.
There are also software encryption programs such as http://www.truecrypt.org/ that you can use to encrypt specific folders on your computer – for example those that contain your bank details.  The downside of encryption is that it can slow down your computer/tablet/phone and you really do need to remember your password – if you lose it you will lose your data.

2.     Enable Remote Wipe

It is now possible to remotely erase a phone’s data – very useful if it has been stolen.   If you do online banking via your phone then this is worth enabling.

3.     Use a Logon Password

It is terrible if your phone/tablet/computer is stolen, but it is even worse when you fear they will have access to your personal information.  A logon password helps to protect you from this.  If you have a laptop, consider a power on password.  It is another layer of security and makes it difficult for thieves to even start your laptop.
Also with computers, ask yourself does anyone else logon to the computer WITHOUT a password.  Often as an IT person this is how I get access when people have forgotten their password or cannot log on for some reason.  It gives me complete access to ALL their files.

4.     Use Strong Passwords

A strong password is more than 12 characters.  Combines letters, numbers and other characters and does not use dictionary words.  Whenever I say this, people ask how they can be expected to remember more complicated passwords.  Initially it is a real pain, but persist and it becomes easier.  Here is a link which may give you an incentive to try http://www.wired.co.uk/news/archive/2013-05/28/password-cracking .  It is a bit techy but it does illustrate how easy it is to crack a poor password.

Try using a sentence: My Mum Is Really An Absolutely Lousy Cook But I Would Never Tell Her would become MMIRAALCBIWNTH.  Mix capitals with lower case:  So MMiRaALCbIWNTH.  Throw in some numbers and other characters: MM1RaALC61WNTH!  The result is a lot more difficult to do than if your password was MUMCANTC00K.

5.     Think Before you Sell/Chuck

Remember Phones Hold Personal Data    Is there confidential information on your computer/tablet/phone?  As I am sure you are aware IT people can get access to files even if you have deleted them.  What many people do not think about these days is that confidential data is also stored on tablets and phones.

There are good free ‘shredding’ software programs that you can download to shred your data on computers such as DBAN Nuke and Destroy.

I double checked with @essexeye about mobile devices as I know there has recently been changes to the recommendations on how to erase date from phones.  @essexeye recommend encrypting the data, doing a factory reset and formatting any memory cards.  http://lifehacker.com/5808280/what-should-i-do-with-my-phone-before-i-sell-it/all give more instructions on how to do this.  @essexeye did state that no method is 100% secure and recommended that you should never rely on third parties.  The most reliable method though is to completely destroy the parts of the device that stores your data.

6.     Be Careful What You Post on the Internet

Social media is brilliant, but be aware that it can give people access to information that you may not want them to have.  You post on Facebook that it is your birthday – fine they have your date and month.  Next you post that you are not looking forward to being 50.  Now they have your full date of birth.  You post a photo saying what a fantastic sunrise it was when you walked the dog in Colchester Park.  So they have your name, your date of birth and the town you live in.  Scary isn’t it!

Never post personal or financial information over a public network – always use a network you know is secure for this.

7.     Be Aware that “Free” can come with a Price

We get lots of computers pass through our office with viruses, etc. and at least half of them have been compromised because the user wanted to get something for free.  Downloading free music and videos is the most common one.  Betting and adult sites the next danger area.

Ask why they are giving it to you for free?  What do they get out of it?  Some companies offer free programs because they then charge you for extra features.  Some companies offer free software to promote their business.  These are normally (not always) safe.  If in doubt do a Google search, type in “Is xxxx safe to download”, “Is xxxx malware”.  See if anyone else has had problems.

8.     Hesitate if Something Feels ‘Wrong’ on the Internet

Criminals make money by replicating genuine sites.  These replicas can be extraordinarily good.  If something looks wrong or feels wrong don’t ignore your instincts.  Think how you got to the site – did you type in the full web address or did you click on a link?  If the latter, are you sure the link is genuine?  Companies do update their websites, so things may have changed, but don’t enter any personal or confidential information until you are sure.

9.     Use a Good Internet Security Program

Internet Security    It really is worth getting the best Internet Security software.  There are free programs and there are paid programs.  All will have a list of features on their websites so that you can compare one against the other.  The success of individual software programs can vary from month to month and year to year.  http://www.av-test.org/en/home/ is a good place to get the latest results.  I would recommend that you check yearly and confirm that your program is within the top ten.  If not, change it.

10.    Read Before You Click

Some people never read messages that appear.  If you have ever wondered how a software program suddenly appeared on your computer, then you are probably not reading the windows that appear before you click.  McAfee Online Virus Scan, Norton Online Scan, Ask Toolbar – they all probably got onto your computer because there was a window you did not read when downloading a genuine software program.  These are all fine, but the biggest security tip I can give you is to read the screens that appear.  It should be obvious I know, but it is quite common for people to see their Internet Security software pop up a warning and ignore it.  Or click ALLOW when they should clicked DENY.

Rebecca Mansbridge
1st April 2014