- March 18, 2016
The Layman-terms guide to online security and staying secure:
The world isn’t what it used to be, but what’s a person to do about it…you can’t stop using a computer or phone. There are ways to keep yourself safe and secure without having to get a degree to understand it all. Technology changes often, so keeping up with the newest security features isn’t easy, but falling behind is…NOT AN OPTION. STAY AHEAD OR FALL BEHIND!!!
Today…the news is abuzz about Apple vs. U.S. Government and what the expectations really are on a private company and the U.S. government. There’s that word again, “expectations”…and rather than having the void and uncertainty “expectations” brings, new laws beckon to rewrite the two hundred+ year-old laws governing this topic. It’s time the government dusted off its books and realized we are in the twenty-first century making legal decisions with laws created before computers, phones and the Internet. Changing the laws to reflect the digital world we live in today stops future issues like this from happening. However, how do we handle it now, and what should you be looking for when keeping your personal information secure?
Top 25 ways to protect yourself online:
- Strong virus protection software. Do your research first at downloads.com
- A strong firewall (software or hardware).
- Pick a strong password. Never a real word, include caps, lowercase, numbers, and a symbol.
- Only surf secure sites (Banking, Credit Accounts, Shopping, etc.) while on a secure network.
- Never use your ATM card at gas pumps. Criminals break the locks and place key loggers within.
- Never use your ATM card for online purchases. Use a credit card with online fraud protection.
- Never use your ATM card overseas; use a credit card with fraud protection.
- If shopping online, make sure the site is credit card PCI compliant…if not, move on.
- Use 256-bit Encryption or higher.
- Do not work on confidential information when visiting Starbucks or the like. Hide your screen!
- If you receive an email containing a link, it is best to copy the link and paste it into a web browser. Clicking the link could launch a virus program (.exe).
- Never post on social media that you are away on vacation.
- Post vacation pictures when you get home.
- Stop checking in on Facebook or other social media sites. Just because you can doesn’t mean you should.
- Stop geotagging pictures. There is no reason to show a person exactly where you are or have been.
- Control your friends list on social media. Many criminals and perverts alike are catfishing and attempting to friend you for the wrong reasons.
- Use biometrics to access systems whenever possible. Use FIPS 201, PIV biometric
- Email addresses can be spoofed (altering a sender’s email address). If an email comes from a friend or relative but appears ‘off’ and not right…there is a good chance it’s spam and a virus.
- Children’s Internet Safety: There are many products to restrict what your child can surf. Please be proactive and protect your children! Research products at downloads.com
- If necessary, hide your email address and/or IP address so no one knows who you are and where you are located. There is free software out there and websites to assist with sending anonymous email and even browsers that will hide your IP address, e.g. Tor, Onion…etc.
- Never send a username & password in the same email. Send them in two separate emails.
- If you use an ‘Online System’, make sure it deactivates an account if a user/pass is entered incorrectly multiple times. This protects against brute-force hacking attacks that guess passwords.
- If using an ‘Online System’, make sure it ‘Times-Out’ after a period of inactivity.
- If you use a CRM, CMS, ERP, or some other type of ‘Online System’, ask questions about the Servers and Hosting provider. Is data encrypted on servers and during transit? How is the data structured, and how is it written? Is the site credit card PCI compliant? Don’t forget to obtain the full SOC Reports (Service Organization Control) (1, 2, & 3) or SSAE 16 report. Have the company provide results of any internal or external vulnerability assessments or penetration testing. What is their up-time and estimated down-time? Have them provide a disaster recovery/business continuity plan and lastly…check it against an online security system like https://www.ssllabs.com/ssltest. Make sure the grade is an A or B.
- Before doing business, run the company name adding the word ‘scam’ to a Google search.
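What the lockout and ‘Times-Out’ items in the list above look like inside an ‘Online System’, as an added example that is not from the original article. The class name, the thresholds (5 failures, 15 minutes) and the `verify` callback are assumptions chosen for illustration; the article gives no figures.

```python
import time

MAX_FAILURES = 5        # assumed threshold; the article only says "multiple times"
IDLE_TIMEOUT = 15 * 60  # assumed idle limit in seconds; the article gives no figure


class LoginGuard:
    """Deactivates accounts after repeated bad logins and expires idle sessions."""

    def __init__(self, verify, clock=time.monotonic):
        self.verify = verify   # hypothetical callback: verify(user, password) -> bool
        self.clock = clock     # injectable so the timeout can be tested without waiting
        self.failures = {}     # user -> consecutive failed attempts
        self.locked = set()    # deactivated accounts
        self.last_seen = {}    # user -> time of last activity in a live session

    def login(self, user, password):
        if user in self.locked:
            return "locked"    # a correct guess no longer helps the attacker
        if self.verify(user, password):
            self.failures.pop(user, None)       # success resets the counter
            self.last_seen[user] = self.clock()
            return "ok"
        self.failures[user] = self.failures.get(user, 0) + 1
        if self.failures[user] >= MAX_FAILURES:
            self.locked.add(user)
            self.last_seen.pop(user, None)      # end any live session as well
            return "locked"
        return "denied"

    def request(self, user):
        """True while the session is live; each request restarts the idle timer."""
        seen = self.last_seen.get(user)
        if seen is None or self.clock() - seen > IDLE_TIMEOUT:
            self.last_seen.pop(user, None)      # timed out: a fresh login is required
            return False
        self.last_seen[user] = self.clock()
        return True

    def unlock(self, user):
        """Administrator action that reactivates a deactivated account."""
        self.locked.discard(user)
        self.failures.pop(user, None)


if __name__ == "__main__":
    # Constructed demo account; a real system checks a salted password hash.
    guard = LoginGuard(lambda u, p: (u, p) == ("alice", "Tr1cky#Pass"))
    print([guard.login("alice", "guess%d" % i) for i in range(6)])
    print(guard.login("alice", "Tr1cky#Pass"))
```

When evaluating a system, the questions to ask are the ones the code makes visible: how many failures trigger deactivation, who can reactivate the account, and how long a session may sit idle.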
© 2018, Darren L. Epstein, PI. ALL RIGHTS RESERVED, NOT TO BE COPIED
Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to [Darren L. Epstein] and [Counter-Intelligence.com] with appropriate and specific direction to the original content.