If you’re the most tech-savvy person in your family, the chances are you are regularly cast into the role of unofficial family technical support.
It doesn’t matter how much or how little you know – as long as you are more technically competent than the rest of your family you’ve got a job for life.
You’ll help their laptops find printers, dig out files that have disappeared inexplicably, tell them why the internet doesn’t work (“…it was working yesterday!”), and clean up viruses.
And that, in our modern and interconnected world, makes you part of the cyber security front line.
Every so often, we like to go back to basics and review the simple but important things that all of us who act as our family’s unofficial technical support and cyber-defence team can do to make things harder for the bad guys. So here goes:
1. Check computers for zombies and other malware
Most people seem to be using anti-virus software these days but the software is only as good as its most recent update.
If your family members have subscriptions that have expired, if they haven’t done a baseline check lately, or if they’re Mac, tablet or smartphone users and think they aren’t vulnerable, get them a reputable product, bring it up to date and do a check for zombies and other malware today.
(Sophos offers free anti-virus software for Macs, as well as for Android.)
2. Enable WPA or WPA2 on home WiFi
If anyone in your family is using unsecured home WiFi or has secured their WiFi with WEP encryption, take two minutes to switch them to WPA or WPA2 today.
If you think you have already set up WPA for them, go and check they haven’t done a factory reset or anything that might have undone your work.
But, before that, watch our video Busting Wireless Security Myths so you can see if anyone is engaged in any WiFi security that’s, well, mythical.
3. Set different passwords for every website
Make sure your family members are using different, strong, passwords for each website they log into. Thieves will often try stolen passwords on a range of popular websites because they know that people reuse them.
Help your family choose strong passwords that are at least twelve characters long and made up of a mixture of letters, numbers and special characters. If they have trouble remembering passwords then consider a password manager like LastPass or KeePass.
Of course, security doesn’t end with our three essentials, so let’s finish with a fourth…
4. Follow Naked Security
Stay up to date with the latest computer security news, opinion, advice and research by signing up to our daily newsletter, grabbing our RSS feed or following us on Facebook and Twitter.
When securing their wifi with WPA or WPA2, take that extra 2 minutes to turn off WPS. If that is left on, you might as well have left them with WEP.
Ensure their browser, Java, Flash, and Adobe Reader are all up to date – and configured to update automatically.
That's 4 things.
I don't even know any of my important web passwords. I use Keepass, and it creates secure passwords that I don't even see. (I can if I want to). Its Autotype feature gives me "1 click" logins to most sites.
I also change them regularly. I have a relatively inactive account with an overseas bank. I fairly regularly get emails telling me to phone them because my account has been locked because of multiple login failures. I suspect the attacker(s) is/are employees of the bank. Fraudulent bank employees usually attack inactive accounts.
I also use KeePass and also don't know most of my passwords – very safe!
But your experience with your bank is appalling, Unixwolf!
Does the bank concerned have known "issues" with security? Have they offered to check up internally? When I worked on bank software every action was recorded against the user's login, their terminal/computer Id, time and date along with security level at the time etc. They should know exactly where the login failure came from if they can be bothered to look.
Standard WPA-TKIP isn't really considered secure and can be compromised in a matter of minutes using backtrack, if a weak or short passphrase is being used.
Unless you are using old equipment which doesn't support newer encryption, it is advisable to switch to the most secure WPA2-AES encryption.
A weak passphrase will get you in trouble for most login purposes. Choose a decent one 🙂
Paul, The KeePass link in the story under item #3 is broken
The common advice to have a different password for each web site seems overkill. I have a unique password for each site where I care if someone impersonates me (banks, social media, etc.) but not for those many sites that really shouldn't be using passwords at all. Those sites use login just for marketing tracking, and I really don't care if someone logs in as me and browses their catalog. So my policy is: If it's possible to spend money, post as me, or obtain historical information about me, the password is unique. Otherwise, it's a throwaway login and one of a few common ones is used.
All passwords are written down and kept secure off line to guard against technical failures, of which I've seen many over the years ranging from crashes to backup failures to "upgrades" incompatible with existing password software.
For Mac users, the new Mac OS, Mavericks, seems to have most of the features of other password protection software. You can store passwords and credit card info. It even syncs between Macs and iOS devices. Anyone know if there is a reason to not go with the Mavericks built-in password protection?
Password security and software homogeneity.
Congratulations! Maverick is the most secure and many users have not upgraded. Why anyone would refuse a more secure and FREE upgrade is surprising.
Businesses are less likely than consumers to upgrade their Macs. I guess backwards compatibility issues and previously purchased software are the likely reasons.
Having your computer be exactly like millions of others makes things easier for blackhats to exploit. Nothing shown to be wrong with Apple’s password manager. Apple are among the best programmers on the planet, but being just a little “different” can have advantages.
“Learn to code and prefer software that provides source code.”
5.) always surf and work as user GUEST with no privs?
Geeze, that would make the antivirus people unemployed…… 😀
Particularly if running on XP – ensure that all users are running as limited users. Encourage them to just use the dedicated admin account when they need to change settings/install/uninstall.
If running Vista and later, keep UAC ON, and for 7 and later, turn it up to its maximum level, NOT the default.
“(Sophos offers free anti-virus software for Macs, as well as for Android. No registration is required. We don’t even ask for an email address.)”
– Cool!
*goes to download*
“Please enter full name and e-mail address here.”
– wut?
Ah. Thanks for pointing that out. This article was from last year and Sophos does now ask for name and email address. Can we send you a t-shirt to make up for it? Email us at socialmedia@sophos.com if you’d like one.
To be fair, in this article we just call it “free” 🙂
However, I was not aware that the Home User download had changed. I’ll report this to the web guys.
I reckon a lot of Home Users are called “noone@example.com” 🙂
..And install an Astaro firewall/web filter/AV for the family 😉
Naked Security keep up the great work. Our technical world needs you more than ever. Happy Friday and National Donut Day.
Why no love for 1Password – I actually like it much better than LastPass, and much more powerful than KeePass.
Also – will Sophos have single client installs for Windows machines – for home use? ‘Free’ for mac, but no Windows? Been searching high and low for a Windows AV product, but prefer Sophos.
We do mention 1Password, at least in our ‘pick a proper password’ video:
https://nakedsecurity.sophos.com/2014/10/01/how-to-pick-a-proper-password/
As for Windows anti-virus for free at home, you can get it (for up to 12 users), but you will need Sophos UTM Home Edition (also free) to manage it, at least at the moment:
http://www.sophos.com/en-us/products/free-tools/sophos-utm-home-edition.aspx