Secure Computing Habits
There are several different types of computer users, but there are some fundamental best practices that everyone can follow to help protect themselves, their data, and their computer. Secure computing habits will do more to protect your computer from harm than any piece of software available on the market. As our lives increasingly depend upon the internet, we owe it to ourselves to understand the different types of risks out there and learn some skills for how best to mitigate them. Even advanced users engage in behavior that is unsafe in regards to their computers and mobile phones. As we’ve explored previously, malware is experiencing exponential growth as the tools to create it become easier to use and more widely available as many countries lack the skills and resources to go after the bad guys.
This article will show you some of the things that every computer user should do and practice in order to remain secure on the internet. More than anything else, it is your behavior that dictates the level of risk that you are exposed to online.
Basic Best Practices
What follows are a list of some of the easiest and most basic things that everyone should do to protect their computers. Every single one of these practices should be something that you do and feel comfortable with and forms the foundation of secure computing habits.
Turn on Automatic Updates
Modern software has many thousands of lines of code (some has many millions) and when you account for all of the things that software can do and must interact with, there is a huge potential for an attacker to find their way into your system through a vulnerability. There is a constant battle between attackers and software vendors to keep their wares patched and up to date to protect their customers.
You need to keep your operating system up to date. It doesn’t matter if you are using Windows, OS X, or Linux – every one of these systems has vulnerabilities that can be exploited to infect your machine with malware.
To turn on automatic updates for Windows (this is turned on by default):
- Click the Windows icon and type Update
- Select Windows Update
- Select Choose how updates get installed (Windows 8+)
- In the dropdown menu, select Install updates automatically
- Click Apply
To turn on automatic updates for Mac OS X(this is turned on by default):
- Go to System Preferences – App Store
- Ensure that the Automatically check for updates checkbox is checked
- Ensure that the Install app updates checkbox is checked
- Ensure that the Install system data files and security updates checkbox is checked
- I would recommend also selecting the Automatically download apps purchased on other Macs
- Go ahead and click Check Now
To turn on automatic updates for Linux (this example is for Ubuntu):
- Go to the Ubuntu Software Center
- Go to Edit – Software Sources
- On the Updates tab, in the Automatically check for updates dropdown, select Always
- Ensure that the following are checked under the Install updates from section: (Important security updates, Recommended updates)
- Click Close
Now that you have your operating system updating itself automatically, you must turn your attention to all of the other software that you have installed on your computer. For some time now, the vast majority of security exploits have come from 3rd party software – not from the operating system. I know what you are thinking…how the heck can I do that!? I have programs from 20 different companies!
Let me introduce you to a free utility called Secunia Personal Software Inspector:
Use Security Software
If you are going to develop secure computing habits, it is very important that you use a security program on your computer. I know that your computer probably came with McAfee or Norton, or someone told you to download Microsoft Security Essentials (*ahem), but I am here to tell you that there is a better way. A free way. Do not pay for McAfee or Norton. Or any other security software for that matter. Every so often you will come across a test of the different antivirus programs out there pitting them against a bevy of malware in the effort to crown a winner. I have news for you – those tests are almost meaningless. The threat landscape changes so frequently that the winner on one day could come in dead last the next if they haven’t updated their definitions recently. When evaluating antivirus software, what we are looking for is a proven track record over time. With that in mind, I am going to recommend two antivirus products. One of them is free and the one that I recommend and the other is a paid version if you are one of those people that insists on paying on the belief that it will somehow provide you with more protection:
It is vitally important that you back up your data regularly. This is probably the most important thing that you can do and will provide you with the greatest peace of mind. Computers can fail, become damaged, or stolen. Hard drives can fail. In fact, you can count on at least one of these things happening eventually. Hardware can be replaced – data cannot (for all intents and purposes). You need to have a backup of your data. In fact, you need to have multiple copies of your data in different locations and preferably on different forms of media.
You should be practicing the 3-2-1 strategy for backing up:
3 Copies of Your Data
One on your computer. One on an external hard drive. One in the cloud.
2 Types of Media
Data should be on your hard drives and in the cloud
1 Copy Off-site
I know that the cloud can be scary for some and there are some concerns, but I am here to tell you that for the vast majority of people, the cloud is the best option. Sending copies of your data up to the cloud ensures that you have a copy stored off-site and one that is stored on more than one hard drive. Cloud providers handle all of the redundancy for you. Luckily enough, cloud storage is easy to use and provides enough storage for your documents for free and very affordable storage if you wanted to upload a bunch of photos and videos.
There are two options that I recommend for cloud backup: Microsoft OneDrive and Crashplan. Microsoft OneDrive provides enough free storage (15GB) to handle your documents (Word, Excel, Quicken, etc.) and has the best deal going should you wish to upload a bunch of data. Other cloud providers such as Dropbox and Google charge as much as $10 a month for a minimal amount of storage, but what if I told you that for less than that you could get 5TB of storage AND 5 desktop copies AND 5 mobile copies of the latest version of Microsoft Office? I hope that I just blew your mind. This is a no-brainer, and if you are using a modern Windows machine, you probably already have an account. You can then upload all of your data into the cloud and rest easy. Should you be looking for something more automated, I highly recommend Crashplan. Crashplan installs on your computer and automatically backs up your files to the cloud without any effort on your part. Crashplan does not have a storage limit and costs around $5 per month.
Don’t Install Unsolicited Programs
Sadly, the software market has changed and in order to make money, many software makers have turned to bundling. Even if you are downloading the program that you intended, there is a good chance that you might also be installing some add-on or utility that you did not intend to. Many websites that host program files to download will interject these add-ons into the program installer and unless you are careful, you can easily install something that you didn’t want. Or, perhaps you have went to a download site, found your program, and seen three similar looking download buttons? What one do you click? My advice to you is this:
- Avoid Download.com – it is the plague
- Try to download the file from the authors site and not from a third party
- If you can’t find a clean site hosting the installation files, perhaps reconsider whether or not you need the program
- If all else fails, contact me and I will see what I can do to help you