Pulling Off a Cybersecurity Makeover
Follow this wise advice and simple tips for protecting your laptop, tablet and smartphone—before it’s too late.
By Marc Saltzman
Scan today’s headlines and you might question just how much you really want to do online: An Equifax hack exposing up to 143 million credit records; fake apps that contain “malware” (malicious software) that targets Android smartphones; and a new “phishing” scam that tricks computer users into revealing all of their personal information. And, lest we forget, “ransomware” is on the rise, too, where cybercriminals lock you out of your files until you pay up.
But fear not…You don’t need to unplug or go back to snail mail and the Encyclopedia Britannica. I’m here to tell you that there’s no need to be held captive by a lack of tech-savvy wherewithal. Simply set up these few security measures to ensure that you and your family are able to keep out the “bad guys” and safeguard your information. Here’s how to up your game in only a few minutes.
Step 1. Use strong and unique passwords
Never use the same password for everything—especially all of your online activity. Why? Because if a service is hacked and your password is exposed, cybercriminals won’t be slow when it comes to trying it on another of your accounts.
After the last Yahoo breach, for example, stolen email passwords were most likely cross-referenced with users’ bank accounts, say cybersecurity experts.
Not only should you use different passwords for all accounts—and password manager apps are a handy way to remember them all—but you should also try to use a passphrase instead of a password. In other words, a sequence of words and other characters, including numbers and symbols.
Step 2. Enable two-factor authentication
Make it harder for hackers to access your data by adding a second layer of defense. Wise advice is to use two-factor authentication. Highly recommended for all your online activity, such as your web mail, online banking, cloud accounts and so on, two-step verification/two-factor authentication means you not only need a password or passcode (or biometrics logon, such as a fingerprint or facial scan), but you will also receive a one-time code notification to your mobile phone that you will need to type in.
After the Equifax hack, everyone should set up a “credit freeze” with credit-reporting agencies. This involves the use of a personal identification number (PIN) that is required by anyone trying to access your credit report. Another takeaway from security experts: Regularly check your credit history for anything suspicious, along with bank statements and notices from insurance companies after medical procedures.
Step 3. Have good anti-malware
Just as you wouldn’t leave the front door to your home unlocked, you shouldn’t let your tech be vulnerable to attacks. Whether it’s a virus (or other malware) that sneaks onto your device or is let in by “social engineering” (such as the use of ransomware or a phishing scam), don’t be deceived into divulging confidential information.
Reputable anti-malware software installed on all your devices—laptops, desktops, tablets and smartphones—can quickly identify, quarantine, delete and report any suspicious activity. The most robust software offers a suite of services, including a firewall and encryption options. Personally, I use ESET Internet Security. It can be installed on multiple devices and runs quietly in the background to protect from intruders.
Step 4. Update your software
If we’ve learned anything at all from this past spring’s “WannaCry” global attack that is said to have infected some 230,000 Windows machines that were running an out-of-date operating system, it’s to set all of your software to update automatically so you don’t have to remember to do so.
Automatic updates can be set up for all of your operating system, browser, plug-ins and other software.You’ll only need to do this once. For software that doesn’t allow for automatic updates, add calendar reminders to check for regular updates.
On a related note, take a moment to secure your wireless router, too. Put a password on it—both to gain access to the internet (so your neighbours don’t steal your Wi-Fi time) and for entering the settings of the router (by changing the default password, such as “admin”).
Step 5. Back up, back up, back up
It doesn’t really matter how you want to do it—a free cloud service, external hard drive or USB thumbdrive—so long as you’re proactive about backing up your important files on an ongoing basis. It’s the only way you’ll minimize the damage if, or when, you’re hit with a direct or indirect attack.
Other assorted tips: Set up a “find my phone” app to locate your device if it’s lost or stolen; exercise common sense when reading emails and text messages (no respectful company, such as your bank, will ever ask you to urgently confirm your identity by filling out a form); and never click on suspicious attachments or links.
Forewarned is forearmed
Most of these “fixes” are foolproof and can be done without major technical know-how. However, if you still feel daunted then consider inviting your grandchild over to show you how, bribe a tech-savvy relative or friend with a good meal or go online for expert advice. After all, it’s no fun crying over spilled milk.
Marc Saltzman is a recognized expert in computers, consumer electronics, internet trends, and small business technology. You can see him on CNN, CTV, Global TV, and on Cineplex movie theatre screens across Canada. Follow him on Twitter @marc_saltzman.