Cybersecurity Basics

It’s April Fools Day, and in honor of those people who are still trading away safety for convenience when working with a computer or online, we have a short list of simple and basic security methods.  If you are someone who provides “tech support” for a family member or are the “go-to” unofficial tech support in a small business, this is a good place to start.

Behaviors

This is simple stuff, but important, because all the cool security hardware and software will not prevent the computer user from doing something dangerous.

  • Every email might be a phishing email, learn what to look for
  • If it seems too good to be true, its a scam.
  • Do not click on clinks or open attachments in emails unless you know the person who sent it, and the reason they sent it.
  • If you do click on the link, and it takes you to a page where you need to enter your user ID, password, or other personal information, just stop
  • Ignore phone calls from “tech support” or pop-ups that say your computer is infected.  It is not, and this is a scam.
  • Stay away from “system optimizer” software.  It doesn’t help.  If your computer is slow, you have a malware infection, or your computer is too old.
  • Use an up-to-date web browser.  My favorites from a security perspective are Firefox or Chrome.
  • Use a password manager.  I bit of a pain to set up, but saves loads of time down the road, as it automatically fills in your user ID and password everywhere.
  • Use two-factor authentication where you can.

Hardware

  • Use a Chromebook.  Since Chromebooks access everything through a web browser, they are easy to secure.  Since you can’t install software, the bad guys can’t install their software (malware) either.

Software

  • Use an anti-malware product.  If you are running Windows, Windows Defender is fine, just make sure it is active.  If you have to buy something to feel secure, then Malwarebytes is my choice.
  • Free software is nearly always ad supported, and will tend to slower your computer down.
  • Stay away from software download sites such as Download.com, Major Geeks, or Cnet.  Often the software you want comes bundled with a bunch of other unwanted and useless advertising programs.
  • Download software only from the manufacturer or developer website.
  • Software pop-ups and error messages may be fake malware exploits, or may be real.  Look at the title bar at the top of the pop-up window to see what program is sending the message.  If its generic, its probably a scam.  Googling the error message will help you decide if its fake or real, and what to do about it.

Browser Add-Ons

  • Good browser add-ons can help block malware, excessive tracking, and advertising.
  • Bad browser add-ons can change your search provider from legitimate Google and Bing search pages to dodgy look-alike sites that push adds and worthless software programs.  Any add-on that adds any sort of browser toolbar can be considered bad.  This includes mapping, shipping, coupon, and other gimmicks.

So there’s the short list.  Not too difficult.  So get to it!

1

About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com

Comments

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.