The best security starts with you!

It’s something you’ve probably heard or read many times over, I know I’ve repeated it often enough… ‘the best security starts between the ears’. It’s always been a truism and never more so than in these days of ever increasing threats and cybercrime.

Getting the priorities right

Lately the net has been inundated with stories of tracking cookies and targeted advertizing, with most tech sites and blogs attacking them as though they were evil personified. While I concede that privacy is certainly an important issue, I am suggesting that perhaps the emphasis is just a tad skewed. Targeted advertizing can be a nuisance, an irritation, but I don’t believe anyone’s bank account has ever been drained of funds, or credit card details stolen, because of one or even one million tracking cookies.

If it upsets you to see ads displayed for products you’ve researched previously, you’re certainly not Robinson Crusoe. To be honest it doesn’t bother me unduly, in the overall scheme of things tracking cookies are a minor issue. And if you’re smart you too won’t allow the current preoccupation with tracking cookies divert your attention away from what are much more serious threats.

How you are more likely to get hacked

Many people perceive the ‘baddies’ as a bunch of seedy characters, working away in grubby basements, hunched over their souped-up computers incessantly attempting to hack into PCs so they can steal your information or hard earned dollars… a common misconception. Generally speaking, cybercrooks prefer to take the path of least resistance. Why spend long hours attempting to hack into computers when it’s much easier and quicker to just trick the user into doing it  for them them? I see this almost every day when dealing with my clientele, many of whom are what I term ‘clickaholics’.

Scamware and malware infections are probably the most prevalent cause of call-outs among my clientele. Almost every single machine I deal with is infected, often with multiple instances of malware. How can this be? Because they are clicking on links in emails they shouldn’t be clicking on, opening email attachments they shouldn’t be opening, inadvertently clicking the wrong download buttons, downloading from sites they shouldn’t be trusting, and generally not applying due diligence… clickaholics! You’ll all be familiar with the saying “look before you leap”, that old and wise adage applies equally to online life… ”look before you click!”.

What can be done to help improve security

Socially engineered threats, those which rely largely on user interaction to perform their dirty deeds, constitute the largest and fastest growing group of threats today. Wikipedia describes social engineering thus… “The art of manipulating people into performing actions or divulging confidential information.”

The strange thing is… many people who adopt a common sense approach throughout their offline lives seem to throw that philosophy out the window when it comes to their online lives. They know darn well that ‘something for nothing’ is an illusion yet seem to believe the net somehow magically alters that concept. No, you are not the 100,000th visitor on that website, and no, you haven’t just suddenly won a large sum of money. No, you won’t get a free iPad if you help test one, and no, that email almost certainly did not come from your bank. If many of these techniques were encountered during everyday offline life they would be treated with the skepticism they deserve, the very same philosophy should be applied when operating within the realm of the Internet.

I would never suggest that users do not require anti-virus, and would always recommend installing a reputable anti-virus, but that is just the beginning of security, the first step, it is not the final be-all and end-all. Too many people allow installing anti-virus software to lull them into a false sense of security. The fact of the matter is you cannot rely on your anti-virus to protect you against everything, a goodly dose of common sense is also required.

I also highly recommend utilizing a good password manager. Weak passwords and using the same password on multiple sites creates a high level of risk. I put a theory of mine to the test during a recent social gathering. I commandeered the host’s PC, gathered all the party goers around, and randomly input their passwords into Daves Computer Tips online password test. This involved around 20 people of varying ages and backgrounds who could all be described as ‘average’ PC users. Results were shocking to say the least. I already suspected that their passwords would be very weak of course, but visual confirmation from an official source was bound to have a greater impact. A good password manager will not only record and maintain passwords in a secure environment, it will also help you select strong passwords and ‘remember’ them for you, including different passwords for each site and account.

You might also like to read through an article we published recently regarding sandboxing and site advisory services. You can read the article in full here: Increase you browsing security easily and effectively.

Last but absolutely not least: Everyone has in their possession one of the most potent and effective forms of security money can’t buy… their very own common sense. Make sure to take it along with you whenever you are visiting the Internet.