Security Tips for 2014
Based on the number of different types of attack over the previous year (2013). Pentura thought they would release a small list of possible actions and supporting programs/tools that can be used to secure your assets in 2014.
- Back-up your data. (OSX – Time Machine, Windows – Acronis Backup Software, Linux – many solutions)
- Don’t use public WiFi AccessPoints without a VPN (e.g. Cloak, OpenVPN to a home server)
- Configure your Smart-Phone to ‘prompt’ before connecting to any WiFi Network
- Increase the length and complexity of your passwords; use 2 factor authentication with you smart-phone or RSA fob where possible. Importantly: use a different password for each online account.
- Ensure you laptop uses suitable Full Disk Encryption (Windows – Truecrypt, Linux – LUKs, OSX -Filevault).
- Any remote-working connections should use an encrypted VPN solution.
- Laptops should utilise BIOS/UEFI/Firmware passwords.
- Don’t respond to unsolicited mails (SPAM); ultimately configure a mail-rule to junk all messages that contain the word “unsubscribe”.
- Don’t respond to mail from friends/family where the content is unlike their personality or is outside the norm of their usual style and content – it is likely that their account has been hacked, inform you friends and family ASAP by other means.
- Patching – ensure your system has all the latest security updates with automatic scheduled updates. This also applies to your Smart-Phones and Tablets.
- Antivirus – this is rather a reactive solution, it will not protect you from zero-days (0-days) but can prevent the high possibility of infection from known malware,worms, trojans and variants. Importantly: ensure you receive daily signature updates to detect all those new varients.
- Don’t store your credit card/banking information in an unencrypted form offline/online.
One more for office workers:
- Ensure you ‘Lock’ your workstation every-time you move away from your desk, even if your turning your back on your workstation. The USB Rubber Ducky / colleague / malicious insider could be out to get you?