There’s no silver bullet for online privacy and security. In fact, no matter what you do, if someone wants your information badly enough, there’s likely a way for them to get at it. That said, there are several measures every web surfer should be using to employ a solid level of security.
This one’s been mentioned a number of times on this blog and should pretty much go without saying. Unfortunately – and I’m looking your way Mac users – there are still a lot of people out there who just don’t use this basic security measure.
Anti-virus software typically works with a two-pronged approach. First and foremost, the software monitors all programs opened on the operating system and compares them against a dictionary of known malware. Anything that matches up is snuffed out. The dictionary approach requires regular updates, so, for the love of God, don’t ignore that update prompt!
The second approach monitors programs for suspicious behavior. This part is key for picking up new malware that might not be part of a dictionary yet. So, if one program starts writing code on another program, your anti-virus software will let you know. The trouble with this bit, however, is that is tends to pick up a lot of false positives and users are often numb to the warnings by the time an actual piece of malware is detected.
And remember, even if you have a Mac or Linux system, malware is out there, so get that anti-virus program installed!
Manage Tracking Cookies
It’s like being on a reality show where viewers see everything you do, except the viewers are trying to sell you things and the cameras are little devices called tracking cookies.
Online advertising is a big business and top dollar is paid to sites that provide advertisers with your most intimate details. Tracking cookies are little files installed by advertisers through your favorite websites that tell companies what sites you go to and what links you click on. And while tracking cookies aren’t the only way advertisers learn about your habits, it’s a big step in the right direction to stop them from reporting your activity.
Currently, nothing’s available that flawlessly blocks tracking, however, most browsers offer plug-ins that do a pretty good job. Notably, Taco (Targeted Advertising Cookie Opt-Out) for Mozilla Firefox maintains a list of opt-out cookies and regularly updates to keep advertisers at bay.
Virtual Private Networks or VPNs are simply awesome and among the best ways to keep your information safe online. If you work in an office environment, you probably use a company VPN to connect to your work email and files. But the incredible level of security offered through a VPN should not be limited only to your work materials. Logging onto a VPN client should be as second nature as opening your laptop.
Imagine a VPN as a tunnel through which all your online activity runs. When you web surf – especially if you’re surfing over an unsecured wireless network – your information is floating out there, ripe for the taking by unscrupulous hackers. But if you have VPN software installed and you log onto the Internet through it, all your data is encoded and appears as only garbled gibberish to cybercriminals. Better yet, since VPN’s route your information through their own servers, companies that want to track your IP address’s activity will never know who you actually are – all they get is the VPN’s address.
SumRando is pretty much the best VPN ever and you can sign up for its beta here.
This issue popped up recently, but deserves another mention. Whenever you are prompted to run a plug-in, program, or anything by a website, your operating system will tell you whether or not it trusts the program’s certificate.
Think of a certificate as a signature. These signatures are issued by established third party organizations that verify the content on the web site is legitimate and trusted. If a window pops up to tell you the certificate is not trusted, stop. Make sure you know what you're downloading or running.
This should be pretty obvious, but a frightening number of people don’t take password security seriously. Remember the big Yahoo! password leak last week? The list below represents the 10 most popular passwords.
Admittedly, ninjas are pretty neat, but maybe not so great when it comes to online security.
A good password should avoid words or numbers that are obviously relevant to you. Baxter416 might seem like a good password since it mixes letters and numbers and has a change of case, but if your dog is named Baxter and you were born on April 16th, it won’t take long to figure out.
Use a separate browser for online banking
Attacks through browser vulnerabilities are very common and typically work to gain access to users’ sensitive data. And, without a doubt, banking information is the holy grail of sensitive information we’d rather not see in the hands of cybercriminals.
One of the best ways to avoid any sort of security compromise is to keep your banking sessions on a separate browser. That way, even if a hacker reveals your passwords and other login information, your hard earned money will remain safe.
Don’t be stupid
Your brain should be your first line of defense. I’m sorry, that Nigerian prince didn’t actually leave you $8 million in his will and nobody is sending you anonymous love letters.
When you are given a link to a website, look at it. Does the domain match where you should be going? The fact is, if something sounds too good to be true, it probably is. None of the mentioned security measures will do much if you're going to voluntarily put yourself in harm’s way.