These days, it seems that no one is completely secure online. Cybersecurity threats are everywhere, from the hacks on Yahoo and Sony Pictures to WannaCry, a ransomware that affected 150 countries and more than 200,000 computer systems including the UK's National Health Service (NHS), FedEx, and a number of U.S. hospitals.
In an era where our digital footprint can tell the story of our lives, it has become more important than ever to keep our information secure. Everything from our email to online banking, credit cards, and personal photos need to be protected.
So, what can we do to protect ourselves? I recently sat down with Dan Guido, the founder of Trail of Bits, a leading security company with clientele ranging from Facebook to DARPA. Dan has spent most of his life figuring out how to break into computer systems to make them more secure and protected from malicious attacks. These are the six security tips he shared.
1. Forget all your passwords.
Most people use the same password for multiple accounts. If one account gets hacked, hackers can gain access to all of your accounts. Instead, use a password manager like 1Password or Dashlane. These apps create complex passwords that no one can predict and that will keep your accounts secure.
2. Turn on two-factor authentication or a FIDO key.
For your most critical accounts that you use every day. such as online banking, email, Facebook, etc. use two-factor authentication.
Every time somebody attempts to log into the account a message is sent to your phone containing a temporary verification code. To log in, you must enter the code. If somebody figures out your password, they still need your phone and access to it to get into your account.
You can also add an extra layer of security by using a FIDO key. This is a physical USB key for accessing certain accounts. Think of it as an ignition key for your car but for your email and other logins. If it's not plugged in, you--or anyone else--are not going to be able to get in.
3. Replace an old computer with a new, simpler one.
Old computers simply can't be secured. There isn't any security software that you can buy to protect them. Get rid of your old clunker without seatbelts and upgrade your equipment. If you are really concerned about security use a Chromebook, iPad, or Windows 10 S device. They each come with security measures built in that put you ahead of hackers.
4. Clean up after yourself.
Think of data like pollution: dangerous, long-lasting, and once it leaks there's no getting it back. If it is sensitive or private, "sequester" your data by storing it offline or deleting it if you don't need it. You may have old accounts with old passwords that you never use. Take the time to clean out your digital files and store them somewhere safe.
5. Don't use email for the sensitive stuff.
6. Use a VPN when necessary.
If you're not at home and need to get online, use a virtual private network (VPN). However, be careful. Most of them are not as secure as you hope. Unless you can setup your own VPN, which you can do with Algo VPN from Trail of Bits, you may want to look into Cloak, Freedome, or PIA.
It is impossible not to be online today if you want to be productive. However, with these systems in place, you can do it with security and peace of mind. It takes as little as 15 minutes to set up the right measures to avoid having your identity stolen, your email hacked, or sensitive photos and other information leaked.