Improving online Security
In order to stay safe online, here are a few security practice recommendations that we can all try and follow where we can.
– Update Windows / macOS / Linux / smartphone regularly whenever a security update is released. This should be automatic but it is worth manually checking periodically. For Windows updates, these are published every second Tuesday of the month (morning US time). There can also be updates during the month if there is an important security issue.
– If you do not need the Oracle Java client or the Adobe Flash Player client that IE/EDGE requires, remove these from your computer. They are both prone to security issues.
– Update anti-virus/malware application to have their latest definitions.
– Update applications to their latest version. Use an application version checking application such as ucheck
– It is very, very important to never reuse website passwords – if there is a breach of one site, more of your sites could then be at risk if they share logins.
– If you need to physically write down passwords, do so. Just don’t put these on a post-it note on the monitor or on a Facebook post!
– Using a password manager secures passwords and removed the need to manage them yourself. You just need to remember a master password to get into the password manager!
– For websites and accounts with personal/financial data, setup 2FA – “two-factor authentication”. This is where in addition to the password of the account, you need a code from a phone or an app. If a bad guy gets your password, they will not be able to get into your account as they will not have your second-factor login. Most bigger sites offer 2FA – all main email providers, PayPal, Amazon, Twitter, Facebook, Dropbox and many more.
– Change the default login password on any home routers, IoT devices (for example, baby monitors, heating devices) that you own.
– Sign up all of your email addresses to haveibeenpwned.com – this will alert you if an address you have is found in any compromised data dumps on the Internet.
– When using websites and you find a site that does not have a locked padlock in the browser address bar (https) and is, therefore, not secure, it may be useful to advise the website owner and ask them to secure the site. This way, you know that all data going from you to them and back is encrypted and not susceptible to a hacker looking in.
– If your browser supports it, add in the uBlock Origin browser extension. This blocks unwanted page calls that most websites have that improved load time, reduces data transferred, reduces unwanted adverts and any malicious code that may try and get onto the page.