Spring Cleaning: Digital Security Edition

Cyber Security Posted Mar 30, 2018 by Carro Halpin

It’s been a slow transition into spring here in Boston with a chilly Nor’easter dropping snow just last week. We’ve been stuck inside longer than we hoped – it’s hard to find an excuse to not spring clean. Tidying up at home is obvious, but we all spend a fair amount of time online and on our devices, too. It’s important to step back and assess our digital presence. Here’s a quick list of suggestions for creating new habits to secure your online identity.

Improve Password Security Posture

Use a Password manager. Collecting all my passwords in a note book felt like a huge success – yet I still find myself requesting emails to reset my password. It’s frustrating and not secure. I’ll be signing up for the free version of LastPass, but there are several options out there. You’ll be more inclined to choose a unique password for every online account you have account if you possess a password manager.

Commit to creating better passwords. Short words with complicated numbers, capitalized letters and special characters are standard, but actually not very secure against brute force attacks. Plus, they are a pain to remember and it’s easy to reuse such passwords by making single character changes (like changing the last number). Instead, stick to long phrases of words you will remember. One of the most popular password of 2017 was “starwars.” Did users forget their passwords? No. But was their password secure? No. A better choice would be “episodevtheempirestrikesback.”

Secure your accounts with multi-factor authentication. There’s many options to choose from, but they all require something you know (password) and something you have (device). Gmail has a built in 2FA option that requires you to enter a code texted to your phone. This is the least secure option as SMS messages can be intercepted – but certainly better than nothing for the average user. The free Google Authenticator app generates tokens that can be used for many of the most popular online accounts. Here at CHEN PR we use Duo Security to connect to our VPN by accepting a simple push notification on our phones. I love that I can also use it to secure my Amazon account. For any website that stores your personal health or payment information, opt in to any multi-factor authentication it offers.

Use Anti-Virus Software

If you don’t have anti-virus (AV) installed on your computer, there’s a number to choose from. Now, if you already use Kaspersky AV, I highly suggest uninstalling and removing it. Probably a good idea to reset all your passwords too…

I’m kidding. If you don’t work in national security, this is probably overkill. Regardless of what AV you do use, configure it to not to send your data back to the vendor.

Review Data Privacy Settings 

The recent wave of Facebook criticism following news of unsavory consumer data practices – such as tracking Android users’ phone calls – has been an overdue wake-up call for consumers. Even Playboy joined the #DeleteFacebook movement citing their “values.” If you don’t want to sever ties with the platform, there are many settings you can adjust take control of your data – such as limiting third party apps and plugins. Check out WIRED’s Complete Guide to Facebook Privacy.

Physically clean your devices

Seriously, grab Clorox and screen cleaner and wipe down your devices – especially your phone. My laptop needs some serious TLC – a can of compressed air and a silicone keyboard cover will do the trick. I might pick up several cans for the office – we’re all guilty of eating a meal (or two) at our desks during the day.

Back Up Data

Finally, be sure your data is stored on an external hard drive or in the cloud, and updated regularly. I pay 99 cents per month for a lot of space on iCloud, which automatically syncs with my iPhone – it’s worth so much more than that. In the off chance you’re hit with ransomware or more likely spill coffee on your laptop – you’ll be aces.