As we move from 2020 into 2021, the discussion inevitably arises about what we can improve moving forward and what resolutions might be adopted, only to be discarded after the holiday fog wears off. Here's one to consider that delivers immediate value, is relatively easy to do and is likely something that you've neglected if you're like most people: IMPROVE YOUR ONLINE SECURITY!
Believe it or not, preventing a hack is much easier than most other New Year's Resolutions you might be considering - while resolving to resume your fitness regime and lose those extra holiday pounds is still a good idea, the value-for-effort equation might pale in comparison to the additional personal security and privacy guaranteed with just a few simple steps. Whether it's protecting against identity theft, preventing the potentially significant impact of a ransomware infection or just ensuring that all of your financial information remains private and your banking secure, taking some relatively easy precautions with 20 minutes of effort is more than worth the investment.
HOW, you ask?
Step 1: Update, Update, Update
The most frequent vulnerabilities successfully exploited are usually related to software or hardware updates that have NOT been done in a timely fashion. A zero-day exploit in a desktop operating system or a buggy firmware update for a hardware device or maybe an application update on one of your favorite mobile apps - any of these can introduce a vulnerability that can result in malware, remote takeover, data exfiltration or all of the above. The easiest way to protect against these exploits is to stay on top of your updates. ALL OF THEM. While this is something that you SHOULD be doing regularly, and it's a good habit to apply updates as soon as they're available, the start of the New Year is a great time for a check up. And it's good advice to make a list and check it twice, just like Santa. These days there are more items to update than ever before, some obvious ones and some not-so-obvious.
While the basics are evident, it can be challenging to identify everything that might need to be checked or updated - a good rule of thumb is if it's connected to the internet, you need to check it. While this is by no means complete, here's a starter checklist:
Desktop Operating Systems - Windows / Mac OS / Other
Desktop Applications - Windows / Mac / Other
Mobile Devices - iOS / Android
Mobile Applications - iOS / Android
Gaming Platform Operating Systems - PlayStation/Xbox/NVIDIA/etc.
Gaming Platform Applications - PlayStation/Xbox/NVIDIA/etc.
Smart TVs - System update AND applications
Media Players - NVIDIA/Roku/Amazon Firestick/Apple TV
Smart Home Connected Devices - Philips Hue/Nest/Security Systems/Amazon Alexa/Google
Home Audio Systems - Connected Amplifiers/Speakers/Sonos
Wireless Routers - check firmware version and update availability
Wired Router/Internet Gateway - check firmware version and update availability
Step 2: Throw out the trash
Imagine how cluttered your home would be if you never threw out the garbage and just let it keep accumulating. That's how your devices feel if you don't regularly get rid of the trash. Go through all of your apps on your desktop and mobile devices and delete what you no longer need or use. We'll get to backups in a minute, so this isn't about deleting your pictures or videos, this is about all of the crap applications that have inevitably ended up on your computer, phone or tablet. At some point there was a valid reason for downloading and installing said crap, but that might no longer be the case. If you don't need it, delete it. Not only will you free up space, you'll reduce your threat profile with one less application to worry about. While some operating systems have gotten better at firewalling apps that you haven't used for a while, it's safer to delete them, especially if you're not regularly updating.
Step 3: Check your backups
This one's important. It has ALWAYS been important, but more so now with the additional ransomware risk. Whether you're a smart user or not, the likelihood is relatively high that you might be targeted in a ransomware attack. The best defense is to simply not care since you're diligent about making sure your data is regularly backed up. While it might be slightly painful to lose a few hours of data or a day's work, it's better than paying a ransom to MAYBE have your data decrypted. If you're already backing up your data, kudos to you. Check to make sure your backups are working. Don't just assume they are. The worst time to discover a problem is when you're trying to restore. And if you're NOT currently backing up your data, the excellent news is that it's easier now than it ever has been. Whether you're an Apple nerd using Time Machine or a Windows diehard using the native backup tools or a cloud storage fan using one of the multitude of secure services out there, data and storage is cheaper than it's ever been. Use it. If you don't like any of those options, buy a portable hard drive and go old school if you must. There's no excuse. It's as simple as setting up a recurring schedule. Set it and forget it. And not just on your desktop - don't forget your mobile devices. You'd hate to lose that cute cat picture you took last week.
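One way to actually check that a backup works is to restore it to a scratch folder and compare it, file by file, with the originals. The script below is an added example, not part of the original post; the folder names and the sample files in demo() are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so large files do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def snapshot(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): sha256_file(p)
        for p in sorted(root.rglob("*")) if p.is_file()
    }

def verify_restore(source_dir, restored_dir):
    """Compare the originals with a test restore and report what did not survive."""
    src, dst = snapshot(source_dir), snapshot(restored_dir)
    common = src.keys() & dst.keys()
    return {
        "missing": sorted(src.keys() - dst.keys()),
        "corrupted": sorted(n for n in common if src[n] != dst[n]),
        "ok": sorted(n for n in common if src[n] == dst[n]),
    }

def demo():
    """Constructed sample: one intact file, one truncated file, one never backed up."""
    with tempfile.TemporaryDirectory() as tmp:
        src, dst = Path(tmp, "documents"), Path(tmp, "restored")
        (src / "photos").mkdir(parents=True)
        (dst / "photos").mkdir(parents=True)
        (src / "taxes.txt").write_text("2020 return\n")
        (dst / "taxes.txt").write_text("2020 return\n")
        (src / "photos" / "cat.jpg").write_bytes(b"\xff\xd8" + b"A" * 1000)
        (dst / "photos" / "cat.jpg").write_bytes(b"\xff\xd8" + b"A" * 10)  # truncated copy
        (src / "notes.txt").write_text("not in the backup\n")
        return verify_restore(src, dst)

if __name__ == "__main__":
    for status, names in demo().items():
        print(f"{status}: {names}")
```

Files edited after the backup was taken will also show up as "corrupted", so run the comparison right after a backup completes or only against folders that have not changed since.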
Step 4: Password Security Checkup
Password security is becoming more difficult to effectively manage without some help, especially in today's world where it's likely that you might have countless online accounts. How many of them use the same username, or worse, passwords? Can you even REMEMBER your passwords, or are you one of those yellow sticky note people that your IT team hates? The start of the New Year is a great time to fix the problem if you have one. There are many decent password managers out there that can help you - use one. Whether it's Dashlane, LastPass or one of the other secure services, take advantage of the tool to make this problem go away. Yes, there is some up front effort, but the payoff is worthwhile. Once your tool of choice is set up, password management and synchronization across devices becomes seamless. To do this right, though, you should check first to see if any of your email addresses are recorded as having been compromised across your many online accounts. While it's a good idea to change your main passwords regularly and a password manager will help with that, you need to know where the main risk is first. Some services like Credit Karma will monitor your accounts for compromise - you can also check it yourself at
Step 5: Multi-Factor Authentication
This is a recommendation that we continue to reinforce and it's been the subject of many previous posts. Use multi-factor authentication for any services where it's available. Even if you do a good job with meeting the recommended password strength requirements, you can still be compromised. Because of the proliferation of stolen credentials and data breaches, most services now offer dual-factor authentication as an available login feature. Use it. Whether it's via an SMS message login code sent to your phone or via an authentication app like Google Authenticator, opt in everywhere you can. And the authentication app mode is preferred as more secure than SMS messages - there's a chance that SMS comms can be intercepted since they're sent via the public switched telephone network. Requiring that second code, or 'factor,' means that anyone who might have your password would also need access to your physical device to successfully compromise your account. While using strong passwords and multi-factor authentication isn't foolproof, it's usually enough to ensure that your accounts will remain secure and private.
Step 6: Social Media Privacy Checkup
An often overlooked security vulnerability is related to your previous social media activities, and specifically to apps that you may have granted permissions to or 'linked' to your social media accounts. How many times have you logged into a service or created an account that's asked 'Would you like to login with your Facebook or Google credentials?' How often have you said yes? In general, that's a bad idea and not a secure practice - now if one service is compromised, you're compromised on both. It's ALWAYS a better idea to create separate credentials for every account. More effort, yes, but also more secure. The good news here is that social media platforms like Facebook allow you to manage and inspect all of those settings to see what other platforms you've allowed data sharing with. The painful factor is that they frequently change how those settings are managed and what you can specifically adjust. Check your settings. Remove any linked apps that aren't absolutely necessary. Ideally remove them all and create separate credentials. It's also a good idea to leverage the tools that some of those services make available to check your security or privacy settings. Google, Facebook, Twitter, Microsoft and Apple all provide help in these categories:
Step 7: Third-Party Security Tools
Finally, make sure that you have the appropriate tools operating for whatever platform you're using. Whether it's Anti-Virus, malware detection, firewall or VPN security or similar tools, there are many combinations of local applications and third-party security services that provide the necessary levels of protection depending on your risk tolerance and threat level/exposure. This is an area that can get more complicated depending on your specific requirements.
These categories for your 2021 'Checkup' will go a long way towards ensuring that your 2021 improved security resolution will be achievable and deliver real immediate value.
Need some help with any of these issues or some more detailed information security advice? Contact us at principia/RAID.