Cybersecurity tips. Part 3: Digital hygiene.
This is the third installment of a three-part series on cybersecurity advice. In part 1, I covered general awareness and protection of personal devices. In part 2, I covered ways to protect yourself in online interactions. In this third and final post, I will focus on ways to practice good digital hygiene such as backing up data, managing passwords, keeping data clean and managing your social media information.
Protect your data – back it up and encrypt it…
If you are like me, your personal computer has collected a lot of important data over the years. Home ownership information, historical financial information and health records are some of the vital documents I want to ensure stay protected. Equally important to me are the pictures I have collected over the years. In addition to the pictures I have taken, I recently digitized my old family photos. I would be heartbroken if something happened to those photos.
Because of this, I’ve deployed the “3-2-1 backup rule.” Simply put, this rule suggests: have (at least) three copies of your data, (at least) two of which are local but on separate physical devices, and (at least) one copy offsite. For my situation, I possess two separate physical hard drives: the one built into my Apple laptop and a 5TB Seagate external hard drive. I use the Time Machine software built into macOS to perform periodic updates from my laptop to the external hard drive. My third copy is stored offsite via the iDrive service. I use the external hard drive when I need to do a quick restore to my laptop. You can choose an online backup service from this list. I use iTunes on my computer to back up my iPhone and iPad, although I do hear a lot of people back up their phones to Apple’s iCloud (I have too much data on my devices for this approach). If you are a Windows 10 user, check out this guide for backup methods and products.
Fortunately for me, as an Apple user, all my devices are encrypted once they are in locked mode. It makes a strong case to use a password on your Apple devices – computers, iPads, iPhones, etc.
Smart password management…
The number of online accounts that I have seems to have quadrupled in the past five or ten years. With so many services and my desire to avoid reusing the same password for different services, it has become virtually impossible to remember all of my passwords. Keep in mind, if you reuse the same password on multiple accounts and one of those accounts gets hacked, the other accounts with the same password will be easily accessible. I used to store my login details in a password-protected document on my computer hard drive until I learned the dangers of this practice.
Try choosing a password manager and using it. I have used LastPass for years and have been happy with it. It will make your life a lot easier. In addition to storing your passwords, it can inform you of the accounts where your passwords are ripe for hackers. I especially like how easy it is to go into the service and change a password for a compromised service; for example, after the Yahoo mail breach, I quickly changed my Yahoo password.
It is a good idea to use the 3-2-1 backup rule with LastPass as well.
Enable two-factor authentication (when possible)…
Two-factor authentication, also known as 2FA, is an additional authentication mechanism used to confirm the claimed identity of a user attempting to complete a transaction by taking advantage of the combination of at least two different pieces of information or factors. The factors could be an item they possess, information they know or some part of themselves (like a fingerprint or facial scan). At least two of the three factors, supplied simultaneously, are required to complete the requested transaction.
A simple, easy-to-understand example of 2FA is using an ATM to withdraw money. Only through the process of inserting your bank card (an item you possess) into the ATM machine and providing your PIN (information you know) will the transaction be allowed. Increasingly, companies are offering two-factor authentication for added security. You have likely experienced 2FA if you have had to reset your password for a technology company. Typically, a text or email with a six-digit code is sent to you and you need to supply the code to finish resetting your password. When it is offered, utilize 2FA.
Other authentication types include multi-factor authentication (MFA) which require you to “have something” and “know something.” The “know something” could be one-time passwords (OTPs), SMS text codes or biometric responses. The next generation of authentication is continuous multi-factor authentication (CMFA) which leverages both biometric and behavioral traits to build an assured digital identity. With this assured digital identity users will be able to authenticate into systems by simply being next to the computer, building door, car or anything that can receive a signal from the authenticator. For a sneak peek into what assured identity could look like, watch this video from Army Lt. Gen. Alan Lynn.
Get rid of unnecessary items…
I recently took a look at the WiFi connections on my laptop and found hundreds of saved connections going back multiple years, all the way back to when I first bought the machine. There were even connections to the old (unsecure) WiFi protocols WEP and WPA (I described those protocols in part 2 of this blog series). You can quickly clean those up and delete everything unless it’s a connection you use on a weekly basis. You can always reconnect.
It might be a good idea to go through all the apps on your smartphone and tablet and remove the ones you rarely use. Oftentimes, we download the latest app and grant it permission to access our contacts, microphones or cameras. Spare yourself the trouble of digging into the settings of each app to manage the permissions. Instead ask yourself how important the app is and if it is of little value, delete it.
Manage your social media information…
Given the situation with Facebook lately, I elected to add some information on social media since so many people are second-guessing the value of the service altogether. If you use social media, follow this link to learn how to check to see if anyone else has been accessing your Facebook, Google+ or Twitter accounts. If you are interested in moving away from Facebook, this link walks you through three options: deleting Facebook altogether (including instructions for downloading your data first), deactivating your account (if you think you may want to return someday) or restricting usage. At the very least, if you are a Facebook user, take a moment to read “The Complete Guide to Facebook Privacy” from Wired to ensure your settings are as you intend them to be.
It is also prudent to avoid the temptation to post vacation information on social media. There have been documented cases of people’s homes being robbed during their time away because they announced their plans.
Close and summary…
It is my hope that the steps I have outlined in this post will help people take the necessary steps to practicing good digital hygiene. This entire series has been written with an individual in mind; if you are interested in learning about digital hygiene at an organizational level, follow this link for more information.
When I started to write this mobile security blog series, my intent was to provide people with straight-forward actionable cybersecurity tips, and I hope I accomplished that. Feel free to share it with others if it was helpful for you. While it may seem like I provided a lot of information, there are endless amounts of additional cybersecurity advice online. For a more comprehensive document on anti-hacking, please take a look at the “Motherboard Guide to Not Getting Hacked.” The US government also offers a host of useful security tips. The fact remains, while it might be impossible to keep yourself and your data safe 100% of the time, there are steps you can take to significantly reduce your risk. Read more about Privoro’s smartphone security solutions and SafeCase for iPhone today.