12 Steps for Staying 1 Step Ahead of Online Security Threats
By: Andrew Browne, leader of Lavasoft Malware Labs Team
Pop-up windows are a common form of online advertising and often appear so quickly that users are caught off-guard. However, some pop-ups, when clicked, trigger spyware that can cause serious damage to computers. That's why it's important to never click "agree" or "OK" to close a pop-up window, and only click on the red "X" in the corner or Alt + F4 to close it safely.
With the explosion of Web-based communications in the form of applications, blogs, podcasts, and social networking sites like Facebook and Twitter, new security threats that can cause serious damage to computers are emerging. As they access these Web-based services from both work and personal computers, many users are unaware that they may be exposing themselves and their organizations to risk.
In this increasingly social and interactive world, organizations must take the necessary steps to strengthen their defenses and protect their online property. While the Internet continues to offer exciting new ways to collaborate more interactively, it is also introducing highly targeted threats to the mix.
Recent data breaches -- such as the Zappos incident early this year, which involved the theft of personalized customer information -- are reminders that both individual users and organizations must have security measures in place to actively protect themselves from the latest cyber threats.
Following are 12 simple steps to ensure that your personal information is protected online.
1. Surf and Download Safely
Yes, we've heard this advice before, but online behavior is critical to ensuring the protection of your computer. When browsing the Web, be sure to visit only websites that you trust. Free, file-sharing programs are often bundled with sneaky spyware, and it's important to read all End User License Agreements and privacy statements carefully before installing new software.
2. Beware of Email Attachments and Links
You're likely familiar with the warning, "Don't Click That Link!" and there's a reason it's still appearing. Email attachments and links present in both email and instant messages can contain malware. Use caution even when a message appears to come from a safe sender, as identity information in messages can easily be spoofed.
3. Close Pop-ups, Don't Hit Agree
Pop-up windows are a common form of online advertising and often appear so quickly that users are caught offguard. However, some pop-ups, when clicked, trigger spyware that can cause serious damage to computers. That's why it's important to never click "agree" or "OK" to close a pop-up window, and only click on the red "X" in the corner or Alt + F4 to close it safely.
4. Select Strong Passwords
News of password-related security breaches has dominated the headlines over the past 12 months, as in the recent T-Mobile incident, when names and passwords of staff members were published. The company's administrators had delegated the same password to each employee. It sounds simple, but the more complicated a password is, the more difficult it is to crack. A good rule of thumb is to avoid using birthdays, family or pet names, the word "password," or other obvious choices, and to select passwords that include both numbers and letters.
5. Update Software
Check regularly to make sure you have all the latest critical software updates and security patches. Online attacks are only becoming more sophisticated, so be sure to do your part in investing in proper, updated security software for your computer.
6. Take a Defense-In-Depth Approach to Security
In addition to having antivirus and antispyware protection on your computer, it's important to also use a two-way firewall. If you use Windows, be sure auto-update is turned on.
7. Store Sensitive Data Securely
You keep sensitive paper documents under lock and key, right? Be sure to secure your sensitive online information through file encryption software.
8. Use an Updated Web Browser
Adjust your browser security settings to medium or higher to ensure that you're taking advantage of its current safety features. Also, consider using an alternate browser, which may lower your risk of malware attacks.
9. Keep Your Private Info Private
Be cautious about giving out your personally identifiable information to anyone. Find out why the information is needed, and then determine if it's absolutely necessary to give out.
10. Shred Personal Digital Documents
Before discarding personal or financial information, be sure to shred it first. This prevents hackers from bypassing information that has not been permanently deleted from your computer.
11. Access Financial Information From a Secure Location
Never log into your bank or other financial accounts from public computers. Don't access them on any wireless networks where login information can easily be stolen.
12. Stay Educated
In order to effectively protect your online data, you need to know what you're protecting it from. Awareness and caution are effective methods to counter fraud, and share security tips you learn with friends and family.
The key to securing a network is to stay ahead of the new security threats before they appear. To do this, enterprises and users must evaluate their security infrastructure and properly plan for the future, proactively thinking of how hackers will attack next, as threats will only become more sophisticated.