5 (More) Tips for Online Safety this Holiday Season
Tip #6 Back up your data
It’s very easy to fall into thinking that hardware failure, or a possible ransomware attack, couldn’t happen to you. What would happen if your phone and computer were caught in a fire? Would you still have access to your pictures? How much work would you lose?
Nobody wants to be left without precious family memories or critical work documents. The best time to implement a backup strategy is before you need it.
What can you do?
Having three copies of backup data that is stored on three different storage mediums (e.g., hard drive, flash drive and cloud storage) is a robust plan for maintaining your backups.
Cell phones and tablets house many irreplaceable items like photos. Android and Apple iOS devices have built-in apps that can automatically store your data to the cloud for you.
Encrypt your backups to ensure only you have access to your confidential information.
PRO-TIP: Keep all of your important files on a cloud drive, and periodically (once a week or so) make a copy of that folder and put it on an external drive. This makes it easy to keep track of stuff, and easy to create backups. Make sure to test your ability to download your content as well to ensure that you can successfully obtain your backed-up content before it’s too late!
Tip #7 Mobile app payments
Mobile phone apps like Apple Pay, Google Pay, Venmo and Samsung Pay are designed to help you stop carrying around all of your payment and loyalty cards, as well as making it quick and easy to send money to friends and family. Before using these apps, you should get to know the technology.
Card information storage
The primary concern is the storage of your payment card information. Visa Checkout, Venmo and MasterCard Contactless all store actual card information on your phone within the apps.
There is a way to avoid inevitable vulnerabilities: Manipulate the payment information when in the app. Many banks offer the ability to create a “Virtual Payment Card.” This allows you to generate a temporary account number for an individual purchase or period of time, and it greatly reduces the risk of your actual credit card number being compromised.
Keep transactions private
Venmo includes a unique feature in that it allows you to see transactions that occur between your contacts, and even your contacts’ transactions with those not in your contact list. This can be a major privacy concern. Fortunately, in the Account Settings on Venmo, you can set all of your transactions to be private.
Beware of scams
Scams with services like Venmo are quite common. Similar to the cashier’s check scams of the past, scammers can take advantage of the amount of time that it takes a payment to process on Venmo when purchasing something from you.
Venmo does not offer assistance in cases like this, so it is best to limit your transactions to only individuals whom you trust. Also, make sure the person is who you think they are. You wouldn’t want to send money to a stranger thanks to a typo.
PRO-TIP: Keep a close eye on your accounts if you use any of these services. While they are largely secure, it’s better to find out sooner than later if there has been a breach.
Tip #8 Make sure your virus and malware protection is current
We all know about malware. Or is it ransomware? A virus? A Trojan? Regardless of what you call it, malware is still one of the most popular tools of attack, to the extent that there are tens of millions of new pieces of malware each year. Malware can be transmitted to a computer from file downloads, email attachments, USB thumb drives and other removable media — maybe even some websites.
What can you do?
Install antivirus software. Use a product that is going to address all types of malware.
Choose a reputable antivirus manufacturer.
Also, beware the virus protection software that miraculously appears on your computer. If you didn’t install it, there is a chance it is not from a trustworthy source.
Any time you use USB thumb drives (or other removable media), run a full scan on it. Be sure this is the first thing you do after connecting it to your system.
All email attachments should be scanned before they are opened.
PRO-TIP: Make sure your antivirus software is up to date. If it isn’t, you might as well not even have it. Enable automatic updates, period.
Tip #9 Use a strong Wi-Fi password
Have you ever looked at your smartphone and noticed that it’s connected to your home wireless network, even though you are half a block away from your house? The signal that is used to connect you from your home wireless network often extends past your four walls.
“But my password keeps my neighbors off my internet, right?” This isn’t always the case. Often an attacker can be one or more blocks away from your house and use techniques to get your wireless key.
Many routers or access points by default have weak or no security enabled for the Wi-Fi connection and a weak password for the device’s management interface. These need to be changed from their defaults to more secure Wi-Fi settings and longer, more complex passwords. Your network’s Wi-Fi connection is a potential entry point for attackers.
What can you do?
When configuring the settings for the Wi-Fi network, use:
A network name that does not identify you or your network personally.
A strong Wi-Fi password or passphrase.
Use WPA2 encryption at a minimum.
Change the device’s management password to something other than the password/passphrase used for the Wi-Fi network.
Some routers provide a “guest” network that is separate from your personal network. Connect devices that should not need to share information with your computer. This is a great option for cell phones, internet-enabled cameras, etc., in addition to visitors.
If you’re uncomfortable configuring your Wi-Fi device, get help from someone knowledgeable.
PRO-TIP: Many modern Wi-Fi routers/devices are very powerful and broadcast a signal far outside your space. Some have settings that can “turn down” the power of the radio. This will limit the ability for those outside your space to detect and access your connection.
Tip #10 Don’t mix business and personal
Just like individuals, organizations are creating a strong presence online. Whether it is Facebook, LinkedIn, Amazon, eBay or other online service, businesses are leveraging a lot of the same services that individuals use. For privacy, the demarcation between your individual privacy versus company rights is blurred when accounts are co-mingled.
You should clearly identify those sites, services and applications that are for personal use versus business use. When services are used both personally and professionally, establish two separate accounts (e.g., create a second Facebook account for business purposes).
What can you do?
Shopping services: Never use your employer’s email account for shopping services like Amazon or eBay unless you are purchasing items on behalf of your employer. Using your employer’s email address for personal purchases may compromise your privacy, as your employer may monitor and review your business email.
Social media: When it comes to socially engaging online with coworkers, think carefully before you invite all your coworkers to be your friends online. Consider exactly what information you want to share with them versus what you want to keep private. Your activity may also be subject to monitoring by your employer.
LinkedIn: LinkedIn is a special case in that the purpose of LinkedIn is to foster business/professional connections. The primary email address attached to your LinkedIn member account should be a personal account that you will always have access to. You can attach an employer email address as a secondary address, as LinkedIn uses them to match you with contact details uploaded by other members.
PRO-TIP: When faced with the choice of combining personal and business accounts for social, shopping or any other reasons, err on the side of caution and privacy, draw a clear line and keep them separate.
Source: 30 Tips in 30 Days, Wipfli