Staying Safe Online

This is part four in my many part series on IT Security In Libraries. In Part Three I covered passwords. In part 2 we talked privacy. In Part One I tried to lay the foundation for security.

Today’s post is a big bunch of tips (in convenient list form) on how to keep yourself safe while surfing the web. A bundle of easy practical tips you can take anywhere to make your computers safer. This is a pretty long list that can be boiled down to three important bullet points:

  • Keep everything patched and updated
  • Never trust anything
  • Use good passwords


On your computer:

Keep that OS patched and updated. Related: Don’t use Windows XP
Disable hidden filename extensions
Make sure ALL those programs are updated. Especially don’t miss anything made by Adobe (e.g. Flash & Acrobat)
Never install things you’re not sure are safe. Especially don’t trust anything from Torrents or P2P sites. Avoid downloading programs from unknown sources
If you’re not using something, just remove it. Every program installed on your computer opens a potential new hole.
Make sure your firewall is turned on
Make sure file sharing is turned off
Use a reputable virus & malware protection software program, keep it up to date and run it often
Make sure that the Macro Virus Protection feature is enabled in all Microsoft applications
Never trust any links, attachments, short links, or anything else from anywhere or anyone unless you are SURE what’s inside
Have a recovery plan – Is your stuff backed up?
If it’s a laptop, use something like Prey Project
Advanced: Consider changing up your hosts file and/or using something like OPEN DNS.

Your Wi-Fi At Home:

Make sure you set a good password and use WPA or WPA2
Be sure to change the default Administrator Passwords (and Usernames)
Change the Default SSID and also disable SSID Broadcast
Turn off DHCP and set a fixed IP address range instead
Use MAC Address Filtering
When you’re not using it, just turn it off
Be sure to keep the firmware upgraded
Change your passwords every so often

Your Email:

Never open email attachments unless you know for sure what that file contains
Never click a link unless you know for sure where it leads is safe
Check your mail filters and forwards for things you didn’t add
Use good passwords
Sign out when you’re done
Use two factor authentication when possible (e.g. Google Authenticator for Gmail)
Be sure to use https when on public Wi-Fi
Consider using 2 separate email accounts to keep important things separate from everyday stuff
Watch out for short links, it’s hard to know where they’ll lead you

Your Browser:

Keep your browsers updated to the latest secure releases
Keep ALL Plugins updated to the latest secure releases, especially anything from Adobe
Don’t install things from sources you don’t trust
Block cookies, flash, and JavaScript (use with caution, will cause you trouble)
Use a password manager to store all your many passwords
Watch out for short links
A Few Recommended Plugins:

Your Social Media Stuff

Double check your apps. Make sure you know which applications have access to your profiles
Use two factor authentication when possible
Read the Facebook’s Guides in the Safety Center
Monitor and adjust your privacy & security settings
Use good passwords
Get more selective about sending and accepting friend requests. Don’t friend everyone.
Show “limited friends” a cut-down version of your profile
Facebook, Twitter and Gmail all offer help if you do in fact lose your accounts.

What about if you’re traveling?

Don’t do online banking or other financial transactions while away from home
Do not set your phone to automatically join any unlocked hotspot
Consider public computers in hotels and elsewhere dangerous
If you leave a laptop or other device in your hotel room, lock them up
Don’t post travel photos and writings on social network sites until you get home

What do you do AFTER you learned you’ve been hacked?

Change Your Passwords
Take that computer/server offline
Take as much time as you can to figure out what happened
Was it a password? Old program that had a hole in it?
If you can’t figure it out, you should probably format everything. Chances are good you can’t just patch things and keep on going. You may miss a backdoor or another open door, and the bad guys will still be around. Hopefully you had all the important stuff backed up and can start over from scratch.

Firesheep

Last but not least… make sure you’re familiar with something called Firesheep. I touched on this already in my post on privacy. It’s important for you to know just how easy it is for anyone to login as you on common sites you might be using every day. This is the number one reason you should never use an unsecured Wi-Fi connection when you’re out at someplace like Starbucks or Panera Bread, or anywhere else someone might be listening in. Firesheep makes it trivial for anyone to take over your online social life. It’s a simple little extension for Firefox that allows someone to grab your login to just about any website you’re using on your computer. See Also: Faceniff for Android mobile phones