General Computer Security

Support Article ID: 1396470

I sometimes get asked to make some recommendations about how to keep your work or home computer secure, and these are my basic starting tips without getting technical.

This was written in May 2019, so some examples may be dated when you read this.

I am not a security expert, so my points below are my opinion only. However, I have done more than the average person with sorting out some security issues, but I am not formally trained in the area, only self-taught. That's my disclaimer, by the way, so get expert advice from someone else when looking to secure things.

 

STEP 1 - SOFTWARE

1. Upgrade to the latest Operating System

If you are on Windows XP, 7 or 8 then you cannot be secure. You need to be on the latest operating system.

If you do not upgrade, then make sure you have backups that are disconnected from your network and are regularly updated, so you have a way to recover if you get compromised or your computer dies from being too damned old. Have most of your data in the cloud via Office365 Exchange and reputable online accounting platforms.

2. Use Windows Free Antivirus - Windows Defender on PCs

  • Windows free antivirus is comprehensive.
  • Make sure it is on.
  • Make sure it is updated.
  • I personally don't like other antivirus programs on a Windows machine, with the exception of Malwarebytes.

3. Use Webroot on a Mac

  • I have found Webroot to be good software for small business. Small cost and small footprint.

3. Set Windows Updates to Automatic - Set Mac Updates to Automatic

  • Type in "Windows Update settings" and make sure updates are on automatic. This updates your vulnerable software.

4. Install Malwarebytes - Pay for this on Windows

  • I have found this software complements Windows antivirus software.

 

5. Only install Software that you use.  Remove software you are not using

  • Software has vulnerabilities. They just don't know it yet. The more software, the more holes. Remove software (that you installed) that you are unlikely to use again, but be sure to diligently record software keys and codes so that you can install it again for free later should you need it.

6. Keep Any Remaining Software Up to Date Using Patch Management Software

Most software updates are to fix security holes. Your software will constantly need updating because of new security problems found. I like this one for Mac and PC automatic updates.

 

STEP 2 PASSWORDS

1. Buy Yourself a Password App For Your Phone and Synchronize It With The Cloud

If you have a phone you must get a password app. By having it synced to the cloud, if your phone is stolen, drowned, lost or dies, you can download your encrypted passwords from your new devices and continue on like nothing has happened.

Password apps cost from $5 to $100.

 

2. Use the Password APP to store passwords when you create accounts

Don't be lazy, that's crazy. Be diligent about storing your passwords in your phone app. Your phone is with you all the time, so it's perfect for this.

BUT write down and record your password app password on paper in a secure location at home. You could encode this too, if need be. If you forget this you are back to square one.

 

3. Don't Set DUMB EASY Passwords Like Your Own Name, Your Kids' Names, Your Pet's Name, Your Company Name and Your Birth Year, Month or Day.

Brute force attacks take your basic information and blast thousands of options over a few hours and easily crack passwords.

Make up a random saying such as "I love to drink Beer and eat chips" and then you can make the password the first letter of each word: Iltdbaec5%5

Another random saying, "My mum used to smack me and I cried", can become, with some numbers and characters on the end: Mmu2smaic6#4

Use song lyrics from two different songs or sports players numbers you like.

  • Passwords should be at least 10 characters now.  Use Upper Case, Lower Case, Numbers & Special Characters
  • Brute force is brutally fast on simple short passwords now.
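The rules in this section can be turned into a simple check. The following is an added example, not part of the original article: it tests a password for the 10-character minimum, the four character types, and personal details, including number-for-letter swaps. The function names, the sample names and the birth date are made up for illustration.

```python
import re
from datetime import date

# Undo common character swaps so "R3x" is still recognised as the pet name "rex".
LEET = str.maketrans("013457@$!", "oieastasi")

def personal_tokens(names, birth):
    """Strings the article says to keep out of passwords: names and birth date parts."""
    tokens = {n.lower() for n in names if len(n) >= 3}
    tokens |= {str(birth.year), f"{birth.day:02d}{birth.month:02d}",
               f"{birth.month:02d}{birth.day:02d}"}
    return tokens

def check_password(password, names, birth):
    """Return a list of problems; an empty list means the password passes."""
    problems = []
    if len(password) < 10:
        problems.append("shorter than 10 characters")
    classes = {"upper case": r"[A-Z]", "lower case": r"[a-z]",
               "number": r"[0-9]", "special character": r"[^A-Za-z0-9]"}
    for label, pattern in classes.items():
        if not re.search(pattern, password):
            problems.append(f"no {label}")
    raw = password.lower()
    normalised = raw.translate(LEET)  # letters-only view of the password
    for token in sorted(personal_tokens(names, birth)):
        if token in raw or token in normalised:
            problems.append(f"contains personal detail '{token}'")
    return problems

# Constructed profile: these names and this birth date are made up for the example.
NAMES = ["Sam", "Rex", "Acme"]
BIRTH = date(1984, 3, 17)

if __name__ == "__main__":
    for candidate in ["R3x1984!", "AcmeSam2019", "Iltdbaec5%5", "Mmu2smaic6#4"]:
        print(candidate, "->", check_password(candidate, NAMES, BIRTH) or "ok")
```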

 

4. Set Up 2 Factor Authentication Where You Can

  • This means that each time you login, another device like your mobile will get a text with a random code or you use an app to get a code.

 

5. Make Sure Your Computer Logs Off when Unattended and You Have to Enter a Password to Open Your Computer

  • Always log off your computer when leaving it. Hold the WINDOWS KEY and L on Windows.
  • Mac has a keyboard shortcut as well. Google it : )

 

STEP 3 EMAIL

The number one way your computer is compromised is through opening a malicious file attachment or clicking on a link which then downloads a tiny amount of malicious code in microseconds that starts your undoing.

1. Never click a link or open a PDF you are not absolutely sure of

The number one way your computer is compromised is through opening a malicious file or clicking on a link which downloads a tiny amount of malicious code in microseconds that starts your undoing.

Delete any suspicious emails and empty your trash regularly.

Mouse over links in email without clicking on them and look at whether the link's domain looks suspicious. It can often look very close to an authentic domain but be subtly different. Any doubt, throw the email out.

 


3. Use Office365 Exchange Email as opposed to POP or IMAP

POP and IMAP are cheap alternatives but don't carry the weight of security that Microsoft offers. But Microsoft Office365 is by no means invincible. Plenty of big companies using Microsoft products get into trouble.

 

4. Do Not Open Any Attachments You Are Not Explicitly Expecting

If you were not expecting an attachment, don't open it. Email or SMS your contact and ask if they sent you a file. Even if you are expecting it, double check the source. Everyone is getting parcels delivered these days, so virus emails sent as delivery confirmations are a common tactic that is very effective for hackers and scammers.

 

5. Do Not Click on Any Links Unless You Are Explicitly Expecting Them

Have I made myself clear? Don't click bloody anything you are not absolutely sure of.

 

STEP 4 WEB BROWSING

1. Avoid Porn, Gambling or Anything Insidious on Work Computers and Networks

Some of the most unethical, nasty people in the world use the lure of porn, gambling and other insidious vices to entrap your business computer systems. Do not search for or visit these sites. Malicious software can be downloaded onto your computer, costing you thousands or tens of thousands of dollars, your entire business, your staff's jobs, your marriage, the respect of your children. Ask yourself: is it worth it? If it is, get a cheap or old reformatted laptop you can ruin and make sure it's never on the same network as your office systems. The few hundred you spend here will save you thousands to tens of thousands.

  

2. Make Sure Your Web Browser Software is Up To Date and Check HTTPS Status Before Entering Logins to Accounts

When logging into bank accounts and online accounting software, check you are where you should be and that the appropriate security indicators are in place.  You can click on these to check. If in doubt, stay out.

 

 

STEP 5 REMOVE WIFI OR MAKE THE PASSWORD COMPLEX

WIFI networks are gold for hackers. Usually passwords are set to be ridiculously guessable or can be brute forced because they are too short.

  • Turn off WIFI and use cables
  • Or make sure the WIFI password is greater than 14 characters
  • Specify in your modem's configuration which devices are allowed to connect to your WIFI so others cannot. This is done using each device's MAC address, which has nothing to do with Apple products.

 

STEP 6 HAVE PROFESSIONAL OFFSITE BACKUP OF ANYTHING VALUABLE THAT IS ON YOUR SYSTEMS

  • Do NOT do a dodgy DIY offsite backup system as your main backup process. Sure, do a backup, but you also need to:

  • Get a professional cloud backup service to back up your critical data and files so that they can be restored if you are hit with a virus, encryption attack or computer failure.
  • Use a well regarded experienced local company where possible so you can get fast local support.