Thursday, October 6, 2016

LJ3 Online Safety and Internet Security


In this module we took an in-depth look at Internet risks and safeguards. This module really educated me on the importance of protecting my personal information. This module was both unsettling and empowering. I have compiled a list of Internet Security tips below. I acted on several of them upon learning of them. I also spoke with my family about them so that we could all be educated users who know how to protect our information and machines.

As a result of this module, I:

  • Updated my devices. I used to update only when it was unavoidable because I didn't like the changes that updates often brought to the interfaces that I was comfortable with. Now that I understand what a security hole is and that updates are mostly security patches and fixes for them, I am eager to update and concerned about having out of date, vulnerable devices.
  • Changed the defaults affiliated with my Internet router. I personalized the information and removed the factory default settings.
  • Began using credit rather than debit to make transactions. The level of protection in using credit over debit is so much greater.
  • Cleared the cookies in my browsers to remove form data that had been saved.
  • Password protected my personal computer. I never thought to do so because I don't carry my computer around and it is only used by me. However, it is now password protected.
  • Am very critical of incoming email messages requesting information and extremely wary of links and attachments. Before, I paid spam and phishing no mind. Now that I understand their aims, I am less complacent about what I allow in my email.
  • No longer use public Wi-Fi for mobile banking. I use my data instead.
  • Am ever searching for the HTTPS protocol that tells me that the website that I am visiting is secure.
  • I learned how to use my default image editor to remove identifying content.

Those are only some of the changes that I have made. Others are in the process. Below I have listed tips for online safety and Internet security.

Personal Information

Image credits to www.cbwc.ca

 We are to treat our personal information "like cash". It’s just as valuable if not more. -FTC
  • Know what your online accounts are doing with your personal information 
    • Read the privacy statements. We can’t just click “agree” and in many instances, it wouldn’t be wise to. I found the act of seeking out a company’s privacy policy to be empowering because I felt more in control of the distribution of my information.
  • Blur data in photos using paint or a default image editor
    • Be alert and check your photos for identifying information such as license plate numbers, house numbers and street signs. 
    • All of these small bits of information can paint a picture of who you are, where you live and where you are at a given time. 
  • Before forwarding an email:
    • Note the contact list and protect the other recipients’ contact information by using BCC.
    • Also delete identifying information in headers and signatures. This is both a courtesy and a form of privacy protection.
  • Ask permission before tagging someone on a social network. They may not want their locations or affiliations broadcasted to the Facebook community.
  • Choose better usernames. Avoid using birthdate numbers since they reveal demographic information. 
    • I.e JenniferO1290 may reveal a female born in December in her mid twenties. Consider what information can be extracted from your username while creating one.
  • In addition to physical measures, password protect your devices
  • Change the router’s pre-set passwords and default name – these defaults can be found printed on the bottom of your router along with the instructions for changing them. 
    • Hackers recognize and know these default passwords. Be more intentional about protecting your WiFi by personalizing your login information.
  • Disable broadcast SSID on your router. The SSID or "Service Set Identifier" is the name of your wifi connection. If you disable the broadcast, you're connection is no longer visible to the public. 
    • The caveat though is that it is also not visible to you and you must manually type in the name of your Wi-Fi connection when you want to connect
  • Secure your wireless network by limiting access to it. 
    • Allow only certain MAC addresses to connect to your wifi (i.e the computer addresses of you and your family members or roommates)
  • Update your router consistently. Updates often contain security patches that prevent unauthorized users from accessing your device. Avoid using a router with outdated security software

Safe Web Browsing

Image credits to lect.org.uk
  • Use add-ons and plugins that force browsers to use encryption.
  • When logging into a website with a public computer, uncheck “stay signed in” and choose “never” when prompted to choose if you want your password to be stored in the computer for the ease of future logins.
  • When using a public computer or browsing on public Wi-Fi, always use Private browsing so that all cookies, passwords and other identifying information is not saved.
  • Always log out of everything when you are finished.
  • If you are leaving a public machine and have forgotten to enable private browsing, stop and delete the trail of information you left behind. 
    • This means going into your internet settings and deleting download history, tracking data, form entries and your cache. Leave no traces of what you’ve done after leaving.
  • Be aware of online quizzes that ask questions that sound like standard security questions. i.e- what was the color of your first car? This information is made publicly accessible through these quizzes.
  • When browsing the Internet, the most secure sites will likely have a Secure Socket layer. 
    • This layer appears as an "S" after http. When you see HTTPS and a small padlock icon, you can be reasonably certain that you are visiting a reputable web address.
image credit google.com
  • Customize your internet browser settings. Don’t just use the default. Enable options such as “block third party cookies,” and “disable pop-ups.”
  • When you're unsure about the credibility of software that you’re considering downloading, search for its EULA or End User License Agreement. 
    • If you cannot find it on the developer website - forego the download.

Tips for using Public WiFi

  • Consider using a VPN (virtual private network). VPNs encrypt traffic between your computer and the internet even if the website you are browsing is unsecured. You can acquire a VPN from a VPN service provider.
  • When connecting to a Wi-Fi hotspot, search for one with a WPA2 encryption. It is the strongest wifi encryption for data protection.
  • When using public Wi-Fi, turn off public sharing so that the files on your computer aren’t discoverable by other computers.
  • Avoid auto-connecting to Wi-Fi. Turn this setting off and manually choose the most secure wifi connection available to you.
  • Confirm the free Wi-Fi network name with the establishment that you are in. This will prevent you from connecting to an unsecured dupe connection created by someone who is banking on your assumption that there won't be unsecured dupes waiting to collect your data.
  • Don’t use certain types of mobile apps on public Wi-Fi
    • For sensitive transactions like banking, taxes or shopping with a credit card, use your data instead. 
    • Also be wary of logging into sites with public Wi-Fi. If you have to make a sensitive transaction or log in to a website, go to the actual company site rather than the mobile app. The site is likely to have a Secure Socket Layer.

Malware



  • Often times downloads will include additional software such as an additional search engine or something more. 
    • When downloading a file, look carefully at what boxes are checked for download. Make sure that you are not downloading additional software.
  • Some websites have banners that look like download buttons but they're links to other software. 
    • Be sure that you are clicking on the actual download button and not a banner that leads to another website.

Phishing

  • When you receive a suspicious message from someone you trust concerning an event or offer, do not click on any links. Instead,  check the story on  Snopes.com
    • Snopes is a website that keeps track of e-rumors, email forwards and questionable stories. It verifies or debunks the stories.
  • Turn off email preview feature in your mail settings. 
    • Sometimes, previewing a phishing or spam message is enough to launch any executable file within the message.
  • Check attachment extensions in files found in suspicious messages. 
    • The following three are dangerous to click on since they give your computer instructions to carry out: ".bat", ".cmd", and ".exe".
  • Don’t click short URLS in messages. Instead, type them into checkshorturl.com to find where they lead.
  • When you receive an email from a company or agency asking you to verify your information or change your account information, do not respond to the email. 
    • Check with the actual company via a phone call from a statement or official correspondence or through their official website. 
    • Never respond to an email asking for sensitive information.
  • Don't just Delete and block spam. Consider reporting any messages you receive to  spam@uce.gov and the company that the spammer or phisher was trying to imitate.
  • Look closely over messages for typos or suspicious URLs.
    •  and hover over links to view domain names. Check the sending address to see if it looks credible.

Online Tracking          



  • If you find that the ads that show up in your browser are a little too close for comfort, you can go to google.com/ads/preferences and set your preferences to opt out of interest-based ads.
  • Most browsers have privacy settings that allow you to request that websites not track you. You can turn that request on. 
  • Searching in private mode keeps your Internet activity private from most.
  • Periodically clean out the cookies in your computer to clear personalized settings and saved information
  • Regularly review privacy settings on all social media networks. Look over what kind of data you are sharing

Passwords

  • The longer, the better. Add special characters, different cases and numbers for a strong password. 
    • A strong password may take a brute force attack years to crack while a weak one may take only milliseconds to guess. 
    • Use Howsecureismypassword.net to see how your password would fare under a brute force attack.
  • Use 2factor authentication rather than just a single password.

Mobile Device/Smart Phone Security

  • Update apps regularly in order to have the most up to date software running. Out of date software is not as secure.
  • Set sharing settings on your phone and apps. Take an active role in deciding what is shared and what is not shared.
  • Do research on the apps before you download them.
    • Check for contact info by the developer, if you cannot find any – forgo the download.
  • Apps can access contacts, call logs, calendar, locationand usage info, so read the permissions to see what the app has access to and what it is doing with your personal information.
  • Turn off location services when not needed

Laptop/Computer security

  • Take some physical measures to protect your private information
  • Never leave your device unattended in a public space, if you must, then consider using a security cable lock to keep your device anchored. 
  • Use non-laptop bag when traveling. 
    • A laptop bag is obvious and may be an easier target than say a laptop placed inside of a tote or backpack.
  • Don’t store passwords in your laptop, instead use a password management program such as lastpass.com/ or agilebits.com/onepassword 
  • Update your operating system regularly
  • Install privacy software
  • Don’t download non-industry standard plugins or software. They may come with additional software from less than reputable sources.

File sharing on Peer-to-Peer Networks

  • Set limits on what you files are sharing.
  • Use credible P2P networks from reputable companies.

Online Shopping

  • Review bank statements regularly for any unaccounted for activity.
  • Understand that you are responsible for all charges made with your shopping app and that there is no legal limit on your liability with money stored in a shopping app.
  • Use a credit card rather than a debit card. The liability and protection services are better. I use the credit feature on my bank card.
  • If you notice that your amazon recommendations are too close to home or personal or even unrelated, click “Why recommended > Don’t use for recommendations. Now that item won’t influence your recommendations.
                                                                  image credit amazon.com
  • Only share credit card information with a website that is secure. Look for the padlock and the https.

Other 

  • For a location based service like foursquare – check in as you’re leaving rather than as you're entering the establishment.
  • When creating an online account take note of opt-in /opt-out options for emails in order to keep your account from being flooded with offers from companies you may not even be familiar with.
  • Unroll.me is a service that helps with unsubscribing from lists and keeps your inbox clutter free.
    image credit unrollme.zendesk.com


 The resources that I used are lynda.com, Atomic learning, The Federal Trade Commission website.

 As for my participation in this module, I watched nearly every single video and opened nearly every recommended link. I found this topic very interesting and valuable.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)