Cheap (free) places to start better cyber security

So you’re new to the cyber security world and you don’t know where to start? Where do we begin? Firewalls? Intrusion Detection Systems (IDS)? Anti-virus? It’s all very complicated and can be quite expensive… Many of these suggestions sound quite simple and appear to be common sense, but for one reason or another, they are recurring problems within many organizations. Let’s explore a few simple and inexpensive ways to lower your threat surface.

***This is by no means an all-inclusive list!  Please consult your local IT security specialist***

1. Use strong passwords.  The longer and more complicated, the better.  The more complicated your password, the more difficult it is to guess.  A strong password is defined as:

  • 8 characters or longer
  • Combination of upper and lowercase letters
  • Include at least 1 numeric and/or special character (@, #, $, *, etc.), punctuation and spaces.
  • Using a phrase or sentence for your password can help increase complexity while still making it memorable (for example, P@ssw0rd(2014) is a good strong password).  http://www.columbia.edu/acis/security/users/passwords.html

2. You must resist the urge to use the same password for everything.  I know that it’s harder to remember multiple passwords, but this limits the damage if/when a password is compromised.  Never use the same password for email, Facebook, Twitter and online banking.  This could give someone access to your entire digital life with a single password!  http://macgroup.org/blog/2012/08/06/the-dangers-of-using-the-same-password-for-everything/

3. Patch your systems early and often!  This is more than simply running Windows Updates.  Adobe Flash, Java, and Microsoft Office must also be continuously patched and updated.  Major software manufacturers like Microsoft, Adobe and Oracle release software updates for a reason.  The primary method of attack for most hackers is through known vulnerabilities in common applications.  If you are a Mac or Linux user, you are still at risk!  Although these operating systems are less likely to be targeted, their applications are still vulnerable.  Even mobile devices running Android and iOS have vulnerabilities that can be addressed with software updates.  http://www.lavasoft.com/company/newsletter/2011/02/article_patch_time.php

4. Retire that old OS.  Once an operating system gets too old, the manufacturer stops releasing software updates.  If you are still using Windows 98, Windows 2000, Mac OS 9, early Mac OS X or Windows XP (end of support in April 2014) you are at much higher risk of data loss.  Since the manufacturer no longer releases updates for these systems, hackers are able to find new vulnerabilities and exploit them with impunity.  Yes, upgrading or replacing your old PC can be painful, but so is losing your personal / sensitive information. http://www.bcbr.com/article/20131011/EDITION07/131019987

5. Think before you click.  Many security professionals agree that most system breaches occur through phishing emails and “free” apps downloaded from the internet.  Phishing is the practice of using email or websites that look legitimate to deliver malicious software (malware) to your computer.  Most of these emails will contain a malware-laden attachment or a link to a dubious website.  Attackers are very good at disguising these attempts as legitimate messages, which may appear to come from known family, friends or co-workers.  This makes it important for you to critically evaluate each and every message before you blindly click on the link or attachment it contains.  When it comes to free downloads, always ask yourself: how are the developers making money?  If they aren’t charging for their product, could it be a scam?  In many cases it is!  http://www.microsoft.com/security/online-privacy/phishing-symptoms.aspx

2 thoughts on “Cheap (free) places to start better cyber security”

  1. This is an excellent article; I have forwarded the link to the faculty and staff at my two schools. One thing I would add: most of us have trouble remembering multiple complex passwords, but there are several good password managers out there (e.g. KeePass, LastPass) to help us keep track of them all. These programs store all of your passwords and are themselves protected with a password. You just need to remember the one password to your password manager, and you have access to all the rest.

  2. Great Advice – It’s easy to fall into the same routine with passwords. Thank you for the reminder — and I love that your tips are easy and inexpensive. Great for everyone to take advantage of!
