Tuesday, December 22, 2015

What's in Your Home Computer Security Toolkit?

   It's always great to get questions and comments from readers.  I received this question recently:
My home recipe is Windows Defender, Malwarebytes and KeePass. Is that a good approach or should I be thinking about adding something to my security toolkit in 2016?
   Thanks for the great question!  You’ve got some good bases covered:
  • Anti-malware (I also use defender)
  • Malware removal (I also use malwarebytes), and
  • A password vault (I use LastPass)
   That’s a great start. To round out the core toolkit, I’d add 2 things:
  1. Backups – you’ve got irreplacable pictures, tax returns, music and info of all sorts. There are many of good online products available that encrypt your data before cloud storage. I use CrashPlan, but there are many others.  For extra bonus points, you can both backup one computer to another computer and to the cloud.  That way you have more than one way to recover.

  2. Next, 2-factor authentication should be added for any sites and accounts where available.  This nicely complements your password vault so that even if an attacker stole individual or multiple passwords, they still couldn't log in to your accounts without your phone or other second authentication device.  I wrote about this recently.
   There are also a few things to do:

  1. Turn on automatic updates.  Most systems, operating systems, browsers, programs and apps have an update function.  Problems are round in code regularly.  The support groups creates a fix and then sends out an update.  Computers, tablets and phones all have this... often.  You can turn on Automatic Updates for Windows or MacOS, and most of the applications on those platforms.  Your tablets and smart phones regularly offer updates, both to the base operating system and the apps.

    • Whenever possible, choose "automatic updates", unless you have a specific reason to not do this.  Be sure to keep your browser updated.

    • As a bonus tool, I use SecuniaPSI on Windows.  It's a free tool to help you keep your software updated.  It scans to see what applications you have, then watches for available updates and can auto-update.  The current version is v3.0, but I actually like the older v2.0 interface better.  The program is the same, just the interface is different.

  2. If you don't need it, don't get it or get rid of it.  The more things you have installed, the more things you have to update.  If you have old programs that you don't use, uninstall them.  Maybe you were testing out a few different photo processing programs or games, downloaded and installed them, and chosen just one to use.  The others should be uninstalled.  This is especially true for apps on smartphones and tablets.  It's too easy to download way too many apps.  Keep the ones you want, but get rid of those you don't need.

  3. Change the default password on your broadband router.  If you have home broadband then your service provider issued you a router.  Most people don't need to configure or change this router.  You should, however, change the default administrative password on this router so a random attacker can't make changes!  There is too much variation among these devices for me to list the instructions here, but your service provider can give you instructions or you can look up your router model online.
   One last thought about portable devices, particularly smartphones and tablets.  These devices are great because they are small, easy to carry and give us access to everything!  Unfortunately, that also makes them valuable to thieves and easy to steal.  All of the tips above also apply to your portable devices.  In addition to those tips, keep an eye on your devices.  As we enter the winter holiday season, check out these tips for traveling with your devices.

   I talk more about these ideas, and some others, in my four part online self-defense series.

   What are your favorite home information security tools?

No comments:

Post a Comment