As more and more of your data is stored digitally on computers and
servers all over the world, it becomes more important to keep as much of
that data locked down as possible. Hackers are stealing credit card
numbers and bank account numbers on a daily basis and stealing someone’s
identity is about as easy as learning how to drive. For some data, there
isn’t much you can do.
For example, if your bank’s servers get hacked, there’s not much you
can do if they get your account numbers and withdraw money. Luckily, if
something like that happens with a big company, they’ll take the hit and
you won’t lose any of your own money.
For data that you have stored locally on your computer or on an
external device, it’s important to make sure that you either don’t store
anything sensitive on it or if you do, then to make sure it’s well
protected. In this article, I’ll go through five steps you can take to
help better protect yourself and your data from hackers and scammers.
Step 1 – Encrypt Your Data
You hear about encryption every day, but it seems that no one really
does it. I have asked all my friends about encryption and not a single
one has actually encrypted
the data on their computers or external hard drives. And these are
people who do practically everything online from paying taxes to
ordering food to reading the newspaper. The single most important thing
you can do is encrypt your data. It’s not a very hard process on Windows or Mac and once you do it the first time, you really don’t have to do anything again.
Here’s an article I wrote back in 2007 that still applies today. It’s about how to encrypt your hard drive using a program called TrueCrypt, which is free and still one of the most popular programs for encrypting data. What about encrypting a flash drive? I’ve written about that too, 3 years ago! You can also use TrueCrypt to encrypt a flash drive or external storage device.
Encrypting your data ensures that if someone were to get a hold of
your computer or external drive, they would not be able to simply plug
it in and view all your files. Without knowing your password to log into
the system, they could not access any of the data stored on the drive.
Which brings me to the second point.
Step 2 – Use Strong Passwords
Of course, encryption won’t be worth anything if someone can simply
turn on your computer and brute-force attack the login until they get
the correct password. Using a strong password that is long and that is a
combination of numbers, symbols and letters makes it really hard for
someone to crack that password using a brute force
attack. Of course, there are other ways to bypass passwords altogether,
but there are things you can do to get around that problem, which I’ll
write about later.
I’ve previously written about 4 free online tools you can use to generate strong passwords. Also, read my 5 tips for creating strong passwords.
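To put numbers on why length and a mix of character types matter, here is an added example (not from the original article) that generates a random password with Python's `secrets` module and estimates how long a pure brute-force search would take. The rate of 10 billion guesses per second and the function names are assumptions chosen for illustration.

```python
import math
import secrets
import string

# The four character classes the article recommends combining.
CLASSES = [string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation]
ASSUMED_GUESSES_PER_SECOND = 1e10  # assumption: a fast offline attacker
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def generate_password(length=16):
    """Return a random password containing at least one char of each class."""
    if length < len(CLASSES):
        raise ValueError("length too short to include every character class")
    alphabet = "".join(CLASSES)
    while True:
        # secrets uses the OS CSPRNG; random.choice would be predictable.
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if all(any(c in cls for c in candidate) for cls in CLASSES):
            return candidate


def search_space_bits(password):
    """Bits of brute-force search space implied by length and classes used.

    This is an upper bound for exhaustive guessing only: a dictionary word
    scores well here but falls quickly to a wordlist attack.
    """
    pool = sum(len(cls) for cls in CLASSES if any(c in cls for c in password))
    return len(password) * math.log2(pool) if pool else 0.0


def years_to_exhaust(password, rate=ASSUMED_GUESSES_PER_SECOND):
    """Years needed to try every password of the same length and classes."""
    return 2 ** search_space_bits(password) / rate / SECONDS_PER_YEAR


if __name__ == "__main__":
    for pw in ("password", "Password1!", generate_password(16)):
        print(f"{len(pw):2d} chars  {search_space_bits(pw):6.1f} bits  "
              f"{years_to_exhaust(pw):.2e} years")
```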
A lot of people tell me that they don’t use such strong passwords
because they can never remember them and then they end up having to
reset them over and over again. I agree, that’s a problem. That’s why I
use LastPass, which is an online and offline password manager that is
super secure. You can store the passwords for all your websites and
accounts and access them from your smartphone or computer easily.
Step 3 – Two Factor Authentication
So there is one problem with encryption and strong passwords and that
is that they can still be hacked if someone can sniff out your password
while it’s being sent across the Internet. For example, let’s say
you’re at a coffee shop and connected to the wireless network there,
which is probably insecure. If you log into a website that is not using
SSL (https in the address bar), a hacker could sniff your password while it’s being sent across the Wifi network.
So how do you protect yourself there? Well firstly, you never do
anything sensitive while on an insecure wireless network or public Wifi
network. It’s just too risky. Secondly, you can use two factor authentication. This basically means that you need a password and another piece of information to log into the website or service.
Google has 2 step verification
that is simply awesome. It basically makes your entire Google account
hack-proof. Why? Well, even if someone gets your super strong Google
password, they won’t be able to access anything until they can also get
the 6-digit code that is generated every 30 seconds and that you can
only see on your smartphone. Essentially, they would have to get your
password and your phone and then they would be able to log in. That
reduces your chances of being hacked by a huge factor.
But what’s great is that there are lots of sites that use two-factor
authentication. For example, the LastPass site I mentioned above works
with Google Authenticator
and therefore you don’t have to worry about all your passwords being
protected by a single password. It’ll now be a password and code that
only you have access to.
And check out Facebook Login Approvals.
In order to log in from a new device, Facebook will first send you a
code to your phone and you have to enter that along with your password.
Now your Facebook account can’t be hacked either.
And there’s more! Use PayPal? Well they have something called PayPal Security Key.
Same concept: they send you a text message with a code that you can use to
log in. What about a WordPress blog? Well, you can use the Google Authenticator plugin to secure your websites from hackers.
Two factor authentication is simply unbeatable in terms of how easy it is to set up, yet how much more secure your data becomes. Check your favorite sites to see if they support two factor authentication.
Step 4 – Secure Your Network
The other major aspect of security you want to take into account is
the network you are using for communication with the outside world. Is
your home wireless network secure? Is it using WEP or WPA or WPA2? Are
you regularly using insecure networks at hotels, airports, coffee shops?
The first thing you want to do is lock down your wireless network since that is probably where most of your computer activity takes place. You want to enable security and choose the highest possible security. Check out my article on which WiFi encryption protocol is best.
There are also a lot of other things you can do, such as:
- Disabling SSID Broadcast
- Enabling MAC Address Filtering
- Enabling AP Isolation
You can read up online about these other types of security. The
second thing you want to do (actually maybe the first) is change the
username and password used to access your wireless router. So it’s great
if you set up WPA2 with AES, but if someone just types in the IP address
of your router and can log in using the default username
and password for the router (which can be found on the Internet in
seconds), then they can actually change everything and lock you out of
your own router!
Luckily, you can always reset your router and gain access, but it’s
still very risky because someone can log into your router and then
access everything else that is connected to your network. Logging into
the router is nice because it can tell you all the clients connected to
the router and their IP addresses.
It’s never a good idea to buy a new wireless router, bring it home and
just connect it up without setting up the security on it first.
Lastly, it’s definitely necessary to enable the firewall on your
router and your computers. This will prevent applications from
communicating on certain ports on your computer.
Step 5 – Antivirus Software
Again, you can do steps 1 through 4, but it can all be useless if a
virus or malware gets installed on your computer and someone can
remotely control it or remotely transfer data from your computer to
their servers. Antivirus software is essential today, and so are good
browsing habits.
I personally recommend Microsoft Security Essentials for Windows
as it’s free and does a very good job of detecting viruses and malware.
If you suspect you already have something, read my previous post on removing malware and spyware.
Implementing these five practices will greatly reduce your chances of
being hacked and your data being stolen. There are still ways for
hackers to get around even the most secure networks
and encryption, but there’s no harm in making it really hard for them
to do so. What are your thoughts? How do you protect your digital data?