Cybersecurity is a very big deal. Just ask the health systems that have had their data hacked. The retail chains that have had customer credit card information stolen. Or even the hotel that paid to remove ransomware after all its guests were locked out of their rooms.
And it’s not just big businesses that are targets. ZDNet recently ran an article on the threat to small business. And, as you may remember, my website was hacked.
You’d think I’d be good at this stuff. At one level, I’m very security conscious. I never say anything on a mobile or landline that I really want to keep private. The bulk of my files are stored both locally and in the cloud, giving me access on the go and a backup if needed. My laptop, which leaves the house with me, has zero financial data stored on it. My passwords file is not called “passwords” — and it’s not on an Internet-connected computer either. I shred not only my own information but client draft documents, reports, and other non-public information.
And, yet, I’m a cybersecurity novice.
This is why I was so excited when the New America Foundation announced it was holding a Cybersecurity Self-Defense Class. I missed the event, but recently took the time to catch up.
Here are three cybersecurity steps you should take now.
1. Get a password manager. This is a do-as-I-say moment. While I’ve known for some time that I need to do this, I’ve put off the task of setting this up and inputting all my existing passwords. In the meantime, I keep signing up for new services and creating more un-remember-able passwords. If I’m still in the same position in a couple of weeks, feel free to scream at me, smack me (metaphorically), or refuse to buy me a beer at the ballpark.
2. Invest in a virtual private network. I knew VPNs were encrypted channels, but I naively thought they were something complicated that you had to set up yourself. Umm… no. It turns out you purchase access to a VPN, and it does two key things:
- sets up a proxy IP address (think of this as making your device harder to track)
- encrypts data from your device to/from its end destination
You want this, especially if you frequently log onto public wifi (think Starbucks, airports). Jamie Winterton said that she has used both PrivateInternetAccess and Witopia. I purchased a one-year PIA subscription and immediately installed it on my mobile and my desktop. (Laptop is next.) There are lots of VPNs available, so do your research. (Yes, I read this review before I clicked purchase.)
3. Encrypt your messages. Encrypted messaging has become top-of-mind in the era of whistle blowers and investigative journalism. But encrypted apps have been around for a while. Signal is one of the best. As long as both parties to the conversation are using the app you have end-to-end encryption. While I’ve known about the app for some time, I didn’t realize there’s a Signal Chrome extension so you can send encrypted messages right from your desktop. Forget cloak and dagger, I can see the business value here.
Want more tips on online safety? Then check out the Do It Yourself Online Guide. I’ve skimmed the starter pack, but haven’t had a chance to dig in yet. There’s also an advanced guide.
What’s your number 1 tip for staying safe and secure online?
Three by Stew Dean (Flickr).