• December 18, 2017

Written by Darren L. Epstein, all rights reserved.  Copyright © 2019 / (DO NOT COPY)


The Layman-terms Guide to Online Security and Staying Secure:

 

The world isn’t what it used to be, but what’s a person to do about it? You can’t stop using a computer or smartphone.  There are ways to keep yourself safe and secure without having to get a degree to understand it all.  Technology changes often, so keeping up with the newest security features isn’t easy, but falling behind… ISN’T AN OPTION.   STAY AHEAD OR FALL BEHIND!!!

Today… the news is abuzz about Apple, Google, Facebook and Twitter vs. the U.S. Government, and what the expectations really are on a private company and on the U.S. government.  There’s that word again, “expectations”… it seems it always follows us.  Rather than living with the void and uncertainty that “expectations” bring, new laws are needed to rewrite the two hundred+ year-old laws governing this topic.  It’s time the government dusts off its books and realizes we are in the twenty-first century, making legal decisions with laws created before computers, phones and the Internet. Changing the laws to reflect the digital world we live in today stops future issues like the many happening today.  Until the laws catch up with the companies taking advantage of their customers… we must act!  How?  What should you be looking for when keeping your personal information secure?

 

Top 30 Ways to protect yourself online:

  • Strong virus protection software. Do your research first at downloads.com
  • A strong firewall (software or hardware).
  • Pick a strong password.  Never a real word; include caps, lowercase, numbers, and a symbol.  BETTER YET… use a “Passphrase”, which is easier to remember and more difficult to guess.  Make sure it’s a made-up phrase: BOTS and AI can search song databases, books and the like and brute force your password or passphrase.
  • Only surf secure sites (Banking, Credit Accounts, Shopping, etc.) while on a secure network.  If out and about, use your smartphone’s Hotspot, staying within your private network.
  • Never use your ATM card at gas pumps. Criminals break the locks and place key loggers inside, stealing your CC details.
  • When using an ATM, make sure it’s secure, and when possible walk into the bank to obtain money from the teller.  Criminals exploit ATM machines in various ways, along with the ability to hack these machines today.
  • Never use your ATM card for online purchases. Use a credit card with online fraud protection.  
  • Never use your ATM card overseas, use a credit card with fraud protection. 
  • If you use electronic door locks, don’t add them to your web-hub.  You can still use all the great features, apart from being able to unlock your door from miles away… and why would you want to?   When you make these electronic door locks ‘Net-enabled’… that’s when you open your front door to the world of hackers.  Keep it local, like a key!
  • If shopping online, make sure the site is credit card PCI compliant…if not move on.
  • Make sure the site is secure using 256-bit Encryption; click the lock.
  • Do not work on confidential information when visiting Starbucks or the like.  Hide your screen!
  • If you receive an email with a link in it, you’re best to copy the link and paste it into a web browser. Clicking the link is the executable action; it could launch a virus program (.exe).
  • Years ago, you could spoof caller ID, making it look like someone else was calling.  Today, you can spoof almost anything… e.g. spoof Caller ID, spoof emails, spoof a website, etc.  It’s another trick online criminals often use.  Just because you think you got an email from someone you know… doesn’t necessarily mean so.
  • Never post on social media that you are away on vacation; post vacation pictures when you get home.
  • Stop checking in on Facebook or other social media sites, just because you can… doesn’t mean you should.
  • Turn off your GEO tagging in pictures, there’s no reason to show a person exactly where you have been.  
  • Control your friends list on social media; many criminals and perverts alike are catfishing and attempting to friend you for the wrong reasons.  Once in, they spread to other users.
  • Use biometrics, such as fingerprint or facial recognition, to access systems whenever possible.  Use FIPS 201, PIV biometric or above.
  • Children’s Internet Safety: There are many products to control what your child can surf; please be proactive and protect your children!  Research products at downloads.com
  • Start using a VPN (Virtual Private Network); you can download a software one and use it on multiple devices, e.g. (computer, smartphone, TV, gaming system, etc.).  A VPN hides your actual IP address, so no one truly knows who you are and where you’re located.  There are free versions, hardware versions, etc.  Check out the differences before you make your decision.
  • There are websites to assist with sending anonymous email and even browsers that will hide your IP address, e.g. Tor, Onion… etc.
  • Never send a username & password in the same email. Send them in two separate emails… or better yet, text the password.  This goes for credit card data as well.
  • If you use an ‘Online System’, make sure it deactivates an account if a user/pass is entered incorrectly multiple times. This protects against brute-force hacking attacks that guess passwords.
  • If using an ‘Online System’, make sure it ‘Times-Out’ after a delay in usage.
  • If you use an ‘Online System’, ask questions about the servers and hosting provider: is data encrypted on the servers and during transit, and how is the data structured when it is written? Is it PCI compliant?  Obtain the full SOC (Service Organization Control) reports (1, 2, & 3) or the SSAE 16 report.  Have the company provide results of any internal or external vulnerability assessments or penetration testing.  What is their up-time and estimated downtime?  Have them provide a disaster recovery/business continuity plan and lastly… check it against an online security system like https://www.ssllabs.com/ssltest.   Make sure the grade is an A or B.  Ask about their server setup – 2-server setups ONLY!  App Server / Database Server.
  • Turn off ports within your server so hackers can’t ping them while attempting to access your system.  FYI:  Use other remote desktop software; Microsoft Remote Desktop is known to have vulnerabilities.
  • All Cloud-Drives (OneDrive, GDrive, etc.) are vulnerable; while they’re mostly secure… they’re online and can be attacked to gain access.  Use these drives for convenience for MOST of your business and personal documents.  However, the highly sensitive ones (e.g. an accounting document with lots of sensitive data) should be stored on a thumb drive off of the web and your local computer.  These, along with other sensitive documents, should also be printed; ALWAYS have a paper copy for emergency purposes.
  • Before doing business, run the company name adding the word ‘scam’ to your web search and see if you locate any results.  Additionally, check the BBB and their reviews.  Lastly, always get 3 quotes!
  • Before getting too serious in any relationship, check them out!  If something doesn’t sit right and your inner gut is speaking… listen!
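
For anyone evaluating or building an ‘Online System’, here is what the lockout and ‘Times-Out’ tips above look like in code. This is an added example, not part of the original guide; the threshold of 5 failures, the 15-minute idle limit, and the names AccountGuard and demo are assumptions chosen for illustration.

```python
import hmac
import time

MAX_FAILURES = 5          # assumed threshold; the guide only says "multiple times"
IDLE_TIMEOUT = 15 * 60    # assumed idle limit, in seconds


class AccountGuard:
    """Tracks failed logins and session idleness for one account (in memory)."""

    def __init__(self, check_password, clock=time.monotonic):
        self._check = check_password   # callable(password) -> bool
        self._clock = clock            # injectable so the timeout can be tested
        self.failures = 0
        self.locked = False
        self.last_seen = None          # None means there is no active session

    def login(self, password):
        if self.locked:
            return "locked"            # even the correct password is refused now
        if not self._check(password):
            self.failures += 1
            if self.failures >= MAX_FAILURES:
                self.locked = True
                return "locked"
            return "denied"
        self.failures = 0              # a successful login clears the counter
        self.last_seen = self._clock()
        return "ok"

    def request(self):
        """Call on every page view; False means the session has timed out."""
        now = self._clock()
        if self.last_seen is None or now - self.last_seen > IDLE_TIMEOUT:
            self.last_seen = None      # force a fresh login
            return False
        self.last_seen = now
        return True

    def unlock(self):
        """Out-of-band reset, e.g. by support staff after verifying the owner."""
        self.locked = False
        self.failures = 0


def demo():
    """Constructed run: five wrong guesses, then the correct passphrase."""
    secret = "constructed-sample-passphrase"   # real systems store a salted hash
    guard = AccountGuard(lambda pw: hmac.compare_digest(pw, secret))
    results = [guard.login(f"guess{i}") for i in range(5)]
    results.append(guard.login(secret))
    return results
```

Once the fifth wrong guess lands, the correct passphrase is refused as well until the account is reset, which is the behaviour to ask a vendor to confirm.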


1 thought on “THE LAYMAN-TERMS GUIDE TO ONLINE SECURITY”

  1. Joanna Stevenson
    May 20, 2019 at 1:50 pm

    I’m going to inform my little brother that he should visit this weblog
    on a regular basis to get updates on the hottest information.
