Start Here

 
Cybersecurity can be very complex, and to do it right at the corporate level requires hundreds of hours and hundreds of pages of completely boring charts. Fortunately, we can do it more simply but with the same process.
 
First, what is it that you want to protect? For most people, it’s making sure no one can access their online bank accounts or delete their pictures and documents. You can protect your online accounts by having great passwords. You protect your files and pictures by backing them up, and you protect the whole system by updating the software. These are the Big Three: passwords, backups, and updates.
 

Good Passwords

Having good passwords should be your first defense against cybersecurity threats.
Please do not use the same password on multiple sites or simple passwords like “Nevada68”. My article on this website can show you how to use great passwords.
Even better than a great password is a great password and another way of identifying yourself. You may have had a login send you a text with a code that you had to enter. This is called Two Factor Authentication because you entered a password, and you’ve shown that you’re in possession of your phone, which is registered to you by the phone company. This is even better than only a password and is a great option for the most important sites like your online banking account.
 

Backups

You need to back up anything you wouldn’t mind deleting.
Ransomware is a real threat, and most ransomware programs will not return your data even if you pay the ransom. Backups need to be automatic or they don't get done often enough. They should also go to the cloud, using software that prevents ransomware from infecting the backup data itself. I wrote an article specifically about home backups here.
 

Updates

Please let your Windows computer update when it wants to.
Windows updates contain security updates to fix bugs in your system. If you don’t update it, your computer is vulnerable to programs easily available online.
As a recent example, on July 14, 2020, Windows patched a bug for its servers that allowed anyone, even without signing in with a password, to gain access to every password for that server’s entire business. More frightening is that the program to exploit this was released the same day. Every server was vulnerable until patched. Corporate users will often have to delay patching because it can break their other operating programs, but as a home user, you don’t have any reason to not let it patch.
 

Other Extra Precautions:

If you have an automated cloud backup, use long complex passwords, and update regularly, then I would say that you’re more secure than the average home user. If the big three, Passwords, Backups, and Updates, are the "four food groups," then you are ready for some dessert.


Use your home wifi guest network for your tv, Alexa, and phones.
Most wifi routers (the black box your internet provider left in your house) have the ability to provide a guest network. A guest network is like using the wifi at a coffee shop. It allows you to access the internet, but it doesn’t allow you to access anyone else on the wifi at the coffee shop. Unless the device needs to print or talk to your home computer, it should be on the guest wifi so that it only has internet access (which is all it needs to work anyways).
This is important because every smart lightbulb, TV, and switch is a potential point of access for attackers. If these devices can’t talk to any other device, then the attack is stopped on only that initial device. It also allows you to freely share your guest wifi password with friends, which is an awfully nice thing to do.
 
Set up an administrator and separate user account on your computer.
You have likely been using an administrator account the whole time you’ve been using Windows. It allows you to make changes to the operating system and install programs. The user account, however, is prevented from making these changes, but can fully use any software and work with any of your normal files. This saves you from possible attacks because even if you click on a bad link, the malicious program won’t have the ability to install itself under your user account.
There are a few difficulties that arise from using two accounts on the computer. The first is that all your files from the administrator account need to be copied to the new user account. The second is that any time you need to install or update, you will have to log in to the administrator account.
 
Tuning and updating your home wifi router
This may be a little too technical for some people; feel free to skip it if it’s overwhelming. It requires accessing your home wifi router administration page through its web interface. I have written a full article here to see you through.

Conclusion

I wanted to keep these recommendations to the least technical possible, because I think non-technical people deserve to be secure as well as the most technical of us. I think it’s prudent and possible for everyone to use a password manager and cloud backup. Some people may feel comfortable enough to establish administrator/user accounts and a wifi guest network. I hope you enjoyed my recommendations, but I think it’s time for me to stop before my fictional martini runs out.
 
Gary Weessies, CISSP

CyberSecurity Consultant