If you are not an IT expert, it can be difficult to set up security on your computer or smartphone that is effective and restrictive, yet flexible enough that it does not get in the way of your daily life and reduce your productivity. This is always a balance, and let’s state right away that we cannot make 100% secure systems (apart from when you unplug them from the Internet), but with a few simple measures we can go a long way towards reasonably secure use.
What is needed for easy IT Security in everyday life?
If you adopt these measures and workflows, you are well on your way:
1) Enable the firewall (on both the router and IoT gadgets) so it blocks all ingress (incoming) connections.
2) Use Antivirus software.
3) Use ransomware/malware protection (aka endpoint security).
4) Update your software automatically and preferably daily.
5) Have secure passwords/phrases:
- Have good password hygiene (delete all open, unencrypted lists)
- Use 3 random words as a long password (with a few numbers and characters) (good)
- Use an encrypted password manager (better)
- Use PIN codes where possible (much better)
- Biometrics where possible (best)
- Use two-factor authentication (2FA) (and make it best)
- Use FIDO2 / USB-NFC physical keys if possible (best of the best)
6) Use VPN (Virtual Private Network) for (unsecured) internet access outside the house
7) Surf the web safely with an enhanced browser like Mozilla Firefox
- Use Secure DNS lookups and restrictive cookies.
8) Make backup with backup on
- Use the 3-2-1 solution
9) Enable automatic time lock on your screen saver
10) Use your common sense
This is a summary in headline form, and the measures can easily be applied on any PC, server or smartphone that is on the Internet. Most of it is already built into your software (on newer models) and mostly just needs to be turned on and activated.
I will dive into the individual elements in future posts, so that, balancing flexibility, security and economy, you can get about 80-90% of the way without it becoming difficult and expensive to be good on the internet.
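As an added illustration of the "3 random words" advice in item 5 (this example is not part of the original post), the Python sketch below builds such a passphrase with the operating system's secure random generator and estimates how hard it is to guess. The function names, the symbol set and the tiny word list are assumptions made for the example; the word list is constructed and far too small for real use.

```python
import math
import secrets

# Constructed sample list, far too small for real use; load a large list
# (thousands of words) in practice so that guessing becomes expensive.
SAMPLE_WORDS = ["anchor", "breeze", "candle", "dolphin", "ember", "falcon",
                "glacier", "harbor", "island", "jungle", "kettle", "lantern",
                "meadow", "nectar", "orchid", "pebble"]
SYMBOLS = "!#$%&*+=?@"  # assumed symbol set; excludes the "-" separator


def make_passphrase(words, n_words=3, n_digits=2, sep="-"):
    """Pick words, digits and one symbol with the OS CSPRNG (secrets)."""
    if len(set(words)) < 2:
        raise ValueError("word list needs at least two distinct words")
    picked = [secrets.choice(words).capitalize() for _ in range(n_words)]
    digits = "".join(secrets.choice("0123456789") for _ in range(n_digits))
    return sep.join(picked) + digits + secrets.choice(SYMBOLS)


def entropy_bits(list_size, n_words=3, n_digits=2, n_symbols=len(SYMBOLS)):
    """Bits of entropy when the attacker knows the recipe and the list."""
    return (n_words * math.log2(list_size)
            + n_digits * math.log2(10)
            + math.log2(n_symbols))


if __name__ == "__main__":
    print(make_passphrase(SAMPLE_WORDS))
    # Compare the sample list with two larger list sizes.
    for size in (len(SAMPLE_WORDS), 2048, 7776):
        print(f"{size:>5} words in list: {entropy_bits(size):.1f} bits")
```

The strength comes from the size of the word list and the random choice, not from the words looking unusual, so words you pick yourself do not reach these numbers.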
Other quick wins for IT security
- Encrypt your hard disk, files, partitions, SD card (but secure backup first).
- Turn off Bluetooth and WiFi if possible.
- If you use WiFi, use a strongly encrypted connection (the password 12345admin does not count as strong).
- Use wired connections for everything where possible, even your earbuds.
- Delete apps like TikTok, Instagram, Snapchat, Telegram and other unsafe ones.
- Only download apps from Google Store, Microsoft Store, Apple Shop, Linux packages. (These are virus scanned).
- Turn off location services on everything.
- Buy an additional (perhaps wireless) router and turn on the firewall on this, even if you use a mobile modem.
On the inside you have your PCs, NAS, file server and data. On the outside of this go all IoT gadgets, including your smart TV, your TV set-top box, game consoles, gaming computers, internet printer, mail server, web server, and other insecure devices. On the router from your Internet Provider, switch off WiFi, if possible, or move the frequencies far apart.
Internet  <=//  ISP Router      <=//  Your Routers
Harmful    //   Hardly Harmful   //   Secure Net
You can also do this if you are often on the move, e.g. with a small Mikrotik hAP.
References, best practice with summaries and studies from:
The National Cyber Security Centre, UK (https://www.ncsc.gov.uk/)
The Fast IDentity Online Alliance (FIDO) (https://fidoalliance.org)
Microsoft Security (https://www.microsoft.com/security)
Google Safety (https://safety.google/)
Apple Security (https://support.apple.com/en-ca/guide/security/welcome/web)
Debian (https://www.debian.org)
Norton (https://www.norton.com)
AVG (https://www.avg.com)
Comodo Security (https://www.comodo.com)
Gibson Research Corporation (https://www.grc.com)
Samsung Smartphone Security (https://www.samsung.com/security/)
and others. In addition, own hands-on experience 🙂