Do these 3 essential security tasks for your family today

Filed Under: Featured, Malware, Security threats

If you're the most tech savvy person in your family the chances are you are regularly cast into the role of unofficial family technical support.

It doesn't matter how much or how little you know - as long as you are more technically competent than the rest of your family you've got a job for life.

You'll help their laptops find printers, dig out files that have disappeared inexplicably, tell them why the internet doesn't work ("...it was working yesterday!"), and clean up viruses.

And that, in our modern and interconnected world, makes you part of the cyber security front line.

Every so often, we like to go back to basics and review the simple but important things that all of us who act as our family's unofficial technical support and cyber-defence team can do to make things harder for the bad guys. So here goes:

1. Check computers for zombies and other malware

Most people seem to be using anti-virus software these days but the software is only as good as its most recent update.

If your family members have subscriptions that have expired, if they haven't done a baseline check lately, or if they're Mac, tablet or smartphone users and think they aren't vulnerable, get them a reputable product, bring it up to date and do a check for zombies and other malware today.

(Sophos offers free anti-virus software for Macs, as well as for Android.)

2. Enable WPA or WPA2 on home WiFi

If anyone in your family is using unsecured home WiFi or has secured their WiFi with WEP encryption, take two minutes to switch them to WPA or WPA2 today.

If you think you have already set up WPA for them, go and check they haven't done a factory reset or anything that might have undone your work.

But, before that, watch our video Busting Wireless Security Myths so you can see if anyone is engaged in any WiFi security that's, well, mythical.

3. Set different passwords for every website

Make sure your family members are using different, strong, passwords for each website they log into. Thieves will often try stolen passwords on a range of popular websites because they know that people reuse them.

Help your family choose strong passwords that are at least twelve characters long and made up of a mixture of letters, numbers and special characters. If they have trouble remembering passwords then consider a password manager like LastPass or KeePass.

Of course, security doesn't end with our three essentials, so let's finish with a fourth...

4. Follow Naked Security

Stay up to date with latest computer security news, opinion, advice and research by signing up to our daily newsletter, grabbing our RSS feed or following us on Facebook and Twitter.

Image of road sign courtesy of Shutterstock.

, , ,

You might like

17 Responses to Do these 3 essential security tasks for your family today

  1. When securing their wifi with WPA or WPA2, take that extra 2 minutes to turn off WPS. If that is left on, you might as well have left them with WEP.

  2. Adam · 394 days ago

    Ensure their browser, Java, Flash, and Adobe Reader are all up to date - and configured to update auotmatically.

  3. J C · 394 days ago

    That's 4 things.

  4. Unixwolf · 373 days ago

    I don't even know any of my important web passwords. I use Keepass, and it creates secure passwords that I don't even see. (I can if I want too). Its Autotype feature gives me "1 click" logins to most sites.

    I also change them regularly. I have a relatively inactive account with an overseas bank. I fairly regularly get emails telling me the to phone them because my account has been locked because of multiple login failures. I suspect the attacker(s) is/are employees of the bank. Fraudulent bank employees usually attack inactive accounts.

    • I also use KeePass and also don't know most of my passwords - very safe!

      But your experience with your bank is appalling Unixwolf!

      Does the bank concerned have known "issues" with security? Have the offered to check up internally? When I worked on bank sodtware every action was recorded against the users login, their terminal/computer Id, time and date along with security level at the time etc. They should know exactly where the login failure came from if they can be bothered to look

  5. John · 366 days ago

    Standard WPA-TKIP isn't really considered secure and can be compromised in a matter of minutes using backtrack, if a weak or short passphrase is being used.
    Unless you are using old equipment which doesn't support newer encryption, it is advisable to switch to the most secure WPA2-AES encryption.

    • Paul Ducklin · 366 days ago

      A weak passphrase will get you in trouble for most login purposes. Choose a decent one :-)

      • helper · 352 days ago

        Paul, The KeePass link in the story under item #3 is broken

  6. Joe · 365 days ago

    The common advice to have a different password for each web site seems overkill. I have a unique password for each site where I care if someone impersonates me (banks, social media, etc.) but not for those many sites that really shouldn't be using passwords at all. Those sites use login just for marketing tracking, and I really don't care if someone logs in as me and browses their catalog. So my policy is: If it's possible to spend money, post as me, or obtain historical information about me, the password is unique. Otherwise, it's a throwaway login and one of a few common ones is used.

    All passwords are written down and kept secure off line to guard against technical failures, of which I've seen many over the years ranging from crashes to backup failures to "upgrades" incompatible with existing password software.

  7. Lori S. · 365 days ago

    For Mac users, the new Mac OS, Mavericks, seems to have most the features of other password protection software. You can store passwords and credit card info. It even syncs between Macs and iOS devices. Anyone know if there is a reason to not go with the Mavericks built-in password protection?

    • iiiears · 268 days ago

      Password security and software homogeneity.

      Congratulations! Maverick is the most secure and many users have not upgraded. Why anyone would refuse a more secure and FREE upgrade is surprising.
      Businesses are less likely than consumers to upgrade their Macs. I guess backwards compatibility issues and previously purchased software are the likely reasons.

      Having your computer be exaclty like millions of others makes things easier for blackhats to exploit. Nothing shown to be wrong with Apple's password manager. Apple are among the best programmers on the planet, but being just a little "different" can have advantages.

      "Learn to code and prefer software that provides source code."

  8. Local Lamer · 361 days ago

    5.) always surf and work as user GUEST with no privs?
    Geeze, that would make the antivirus people unemployed...... :D

  9. Mike Diack · 336 days ago

    Particularly if running on XP - ensure that all users are running as limited users. Encourage them to just use the dedicated admin account when they need to change settings/install/uninstall.

    If running Vista and later, keep UAC ON, and for 7 and later, turn it up to its maximum level, NOT the default.

  10. Daedalus · 127 days ago

    "(Sophos offers free anti-virus software for Macs, as well as for Android. No registration is required. We don't even ask for an email address.)"

    - Cool!

    *goes to download*

    "Please enter full name and e-mail address here."

    - wut?

    • Anna Brading · 127 days ago

      Ah. Thanks for pointing that out. This article was from last year and Sophos does now ask for name and email address. Can we send you a t-shirt to make up for it? Email us at socialmedia@sophos.com if you'd like one.

    • Paul Ducklin · 127 days ago

      To be fair, in this article we just call it "free" :-)

      However, I was not aware that the Home User download had changed. I'll report this to the web guys.

      I reckon a lot of Home Users are called "noone@example.com" :-)

  11. pete · 62 days ago

    ..And install a Aastro firewall/web filter/AV for the family ;)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Mark Stockley is the founder of independent web consultancy Compound Eye and he's interested in literally anything that makes websites better. Follow him on Twitter at @MarkStockley