Technology is becoming an essential part of people’s lives, helping facilitate their day-to-day activities. It has also become the arena for many malicious actors trying to inflict damage to their victims. This article will look at steps that a tech savvy person can take to increase their cyber security in relation to basic technology such as (click on links to easily navigate to your desired topic):
Web browsers are commonly used around the world to gain access to a variety of websites and data across the internet. The access to internet data can lead to harmful unwarranted connections to electronics and/or privacy. Below is a list of settings and extensions that allows for a safer browsing.
Note: There are several browsers available for users to choose from, however, the most widely used browsers in the market are Mozilla Firefox (Open Source), Chrome (Google) or Internet explorer (Microsoft), therefore it is often preferable to use one of them as your primary browser.
Install Ublock extension to help block and filter ads. (Firefox, Chrome, IE). If there is a trusted site that requires ads that have been blocked, click the uBlock icon then press the power Icon once and it will turn gray.
Note: Some advance users believe that there may be a conflict of interest in a firm building both the search engine (ad revenue) and the web browser. An ad revenue driven firm such as Alphabet (Google) and Microsoft (Bing) may be strongly against solutions such as Ublock, therefore potential making it their interest to build a web browser that circumvents an ad blocker.
To ensure a secure, encrypted communication between you and major websites, use HTTPS Everywhere (link). If there is a need to turn off HTTPS Everywhere, click on its icon, then toggle off the “HTTPS Everywhere is on”
Microsoft office products such as Word, Excel, PowerPoint, and Outlook have been very popular for decades, helping businesses and individuals with their day-to-day operations. This popularity has also led to an increase in its use by malicious actors to try to gain access to electronics. To ensure a higher degree of security, information will be provided regarding how to protect a user.
Most MS Office solutions contains a Trust Center where it allows you to increase/decrease the security level of the software. Below is a list of settings that can be changed to conform to the level of sophistication that the user has.
On average, it is preferable that ‘non tech savvy’ users receive training to ensure they are well equipped to navigate the challenges of the technological world since it is difficult to determine when someone will gain access to an electronic without the setting provided below.
Note: MS Word has been used for exemplification purposes, most MS Suite solutions follow the same rationale.
Open Office Software >File > Options > Trust Center > Trust Center Settings.
Go to the ‘Trusted Documents’ segment and check mark “Disable Trusted Documents”.
Technical: If (Status = 1 or N/A, then leave it blank), otherwise if status is Blank, then let the user know that the “Status is Unavailable”. If none of the points raised before have occurred, then take the Due Date minus Today’s Date.
Checkmark all options.
PDF or Portable Document Format has become an industry standard for files that are meant to be opened and readable in almost any device/system. With its popularity, a number of people decided to exploit it to gain access to other people’s electronics and data. Below is a guideline to increase PDF security and a set off good habits everyone should have.
Open Adobe Acrobat Reader >Edit > Preferences
Go to ‘Security (Enhanced)’ and follow the check marks provided in the picture below
As of 2019, Android and Windows Operating systems have the highest market share throughout all platform at around 37% each (Source). Therefore, a majority of advice will be catered to these two groups, although some advices are cross-platform in nature.
Telephone and texts are often used as a conduit for fraudulent activities looking to extract data or resources from their victims. This session will look at some of the types of scams & steps that can be taken to limit its risk.
Robocalls – Automated phone calls looking to exploit a need or belief the user has for the benefit of the malicious actor. It often attempts to offer better interest rates on your loans/credit cards or anything that could be of interest to you. If a user responds in some form to the occurrence, it can either lead to loss of money, time or be utilized for future engagements.
Types of Fraud
Business – Attempts to illegally use business related functions such as billing, telemarketing, employment, tech support and others to get the victim to provide information that will financially or otherwise benefit the perpetrator at the detriment of the victim.
Financial – Uses/poses as banks, credit cards, insurance, mortgage, tax and many others to defraud the victim for financial gains. If a real financially related entity reaches out to you, it is extremely unlikely that they will request for personal information to validate a claim/request.
Government – Uses the name of government entities such as the FBI, revenue agencies and others to extract valuable information from the victims that can be used for financial gains. Most government entities will use sealed mail or agreed with methods to contact the relevant party regarding an issue. It will most often, never ask you to provide personal information to resolve the matter. If you are in doubt, reach out to the entities website and contact someone you trust for counsel.
The ‘Nigerian Prince’ scam – Is a scam that looks to get up-front money in exchange for future riches. Although the ‘Nigerian Prince’ example is well-known, this type of scam comes in variety of forms. The best course of action is to not respond to the request and close the call or delete the text.
The ‘Captured/imprisoned Family Member’ scam – A family member has been captured for ransom or has been imprisoned and now needs bailout money. At least that is the narrative the malicious actors aims to portray as it looks to abuse a sense of urgency and care to lead its victims into being defrauded. Most often, the best course of action is to gain knowledge of the circumstances the victim is meant to be in, ask questions that, in theory, only you and the captured/imprisoned victim would know. Then you should end the call and reach out to the individual via cellphone/e-mail and to closer relatives that may have a better insight on what is happening to that person’s life. This, alongside cross-checking the information provided by the assailants should help you determine whether to take further steps or not.
Wi-Fi has become vastly important in the day-to-day electronic operations of millions of people around the world. This segment will look at the basic steps that should be taken to secure a Wi-Fi system and increase the security of private & publicly available Wi-Fi use.
Change Administrative Login [Critical] – Every Wi-Fi system comes with a default login credential to facilitate installation. This information is often available on the internet, which increases the risk of someone infiltrating the Wi-Fi system.
Strengthen Password Protection [Critical] – Change the password of everything related to your Wi-Fi system to something that can be remembered, while at the same time being unique and hard to decipher. Make use of symbols, numbers and letters and a minimum of 12+ characters (e.g. 1Th()rp1N531)
Change SSID Name [Critical] – SSID is the name in which users will be able to identify your Wi-Fi. In most cases, factories will provide a default SSID that can be easily traced back to them, increasing the risk that your system will be infiltrated. To decrease that risk, Wi-Fi administrators are encouraged to change SSID name. Some will prefer to have a business related name while others prefer funny name (Refer to this website for ideas)
Hide SSID Name [Recommended] – Most routers will have the option to hide the SSID name, this will ensure that a limited number of passersby will be able to see the network through normal mens. Approved users of the network will need to have the accurate SSID name and password to be able to enter the network. A persistent actor can still find your Wi-Fi with little to no effort, so do not consider this as a ‘safe’ solution on its own.
Wi-Fi Encryption [Critical] – The best encryption most routers have to offer is a combination of WPA2 and AES, so always chose them. This will ensure that the communication moved within the wireless network is less prone to infiltration/leak. In the upcoming years, WPA3 will likely become mainstream, so if you see that option, go with it instead of WPA2.
Activate Wi-Fi Firewall [Critical] – Wi-Fi Firewall serves as a layer of protection, telling the system whether a set of incoming data is in a blacklist that should be blocked or not. Every Wi-Fi system should have their firewall activated to increase the protection of the system and its users.
Wi-Fi System Update [Critical] – From time to time, router manufacturers will have updates that serve to improve its service or security patches. Some will automatically update, while others require the owner of the Wi-Fi system (router) to create monthly cadence to check whether there is an update via the manufactory’s website or the system’s interface.
Guest Network [Recommended] – A good portion of routers will allow for multiple networks to be created. For security purposes, it is preferable that external sources such as company or house guest use a Guest network to limit your data and network exposure. Similar settings to the ones listed above should be considered throughout the implementation, although passwords should be unique for Guests and may require it to be updated more often.
Implement a VPN [Optional] – VPN or Virtual Private Network is a tool used to extend security between two private network parties to decrease the risk of leakage or infiltration. A majority of Wi-Fi systems have the option to add a VPN to the network, although it often costs extra.
Conclusion – The items listed above will provide a basic level of security that every Wi-Fi system owner/admin should strive for. For those in need of a higher level of security or a better understanding of what/why certain levels of security is needed, you are encouraged to hire a professional. Data is a driving force for businesses and individuals in today’s technologically driven society, be sure to take steps to protect that data.
Implement a VPN [Recommended] – VPN or Virtual Private Network is a tool used to extend security between two private network parties to decrease the risk of leakage or infiltration. Although it costs money to have, it also increases user privacy, decreasing the risk that private or public networks try to tap your data.
Have your own Wi-Fi – To decrease the odds that others are using their Wi-Fi system to snoop your data, bring your own Wi-Fi with you and use the Wi-Fi system guidelines to increase your safety on the internet.
Most businesses and individuals keep a large amount of data stored in their electronics. However, not everyone keeps a second copy of their most valuable data. So what happens if a laptop is stolen, a hard drive stops working or a virus wipe-out the data? That person can lose countless hours, money and resources if they did not take the necessary precautions to backup. This segment will look at some areas that should be considered prior to deciding the best backup solution for the individual/entity.
Support System – It is often preferable to receive support from a trusted friend/family member or a professional when issues arise with an electronic or the internet. Whether it is installing a new application, a virus pop-up or something else, the support system can help mitigate the inherit risks of not installing properly or becoming a victim of a hacker. For those unable to receive external support for their Browser, Microsoft, PDF, Electronics, Telephone, Text, E-mail, Wi-Fi or backup solutions, be sure to read the Tech Savvy manual in its entirety to gain a basic knowledge on the matter.
Operating Systems – Set-up automatic system update at a time of convenience (Microsoft Windows, Google Android). It will limit the risk of a user forgetting or not knowing how to update their electronic. For operating systems where there are no ‘automatic update’ options, it becomes imperative that the user is taught how to update it and to provide a form of reminder (e.g. calendar) to help remember.
Display Simplification – The less cluttered a screen is, the easier it is to navigate. Add e-mail, relevant social media, browser & other key applications to the main screen and remove any system critical application from the user’s view.
Remote Access – For individuals that are expected to receive support from a trusted source, it is beneficial to have a remote access software if a user is expected to receive online technical support.
Remote Tracking – Electronics can be lost or stolen without a minute’s notice. To increase the odds that the electronic can be found, users can install or use default settings such as “Find my device”.
Tri E-mail System – Create an e-mail account for personal use, one for business & one for miscellaneous use (e.g. website registrations).
Automated Daily/Weekly Backup – Use a hosting service (Dropbox, OneDrive, and Google Drive) to synchronize important data to ensure a second copy is available in case something goes wrong with the main electronic.
Double Check – Always double check the source of e-mail, website, text, etc, before moving forward.
Different Accounts, Different Passwords – Always have a different password for the different accounts you intend to have on your electronics and the internet. That is especially important for accounts associated with personal or business information.
Device Lock – Always lock the device every time it is not in use. Some devices will lock automatically after a couple seconds (assuming changes to settings have been made), others may require manual lock. Manual lock for Windows computers is Win+L and Mac is Control + Shift + Eject (or Power).
Illegal Software – Do not download or install dubious or illegal software.
Password Change – Change passwords every couple of months to decrease exposure to hackers.
Link Clicking / Opening Attachments – Do not click on links or open attachments from dubious or untrusted sources regardless of whether it is on a search engine, a file, an e-mail, or anything else
Secure network – Only use a secure Wi-Fi connection. If there is a need to use public network, ensure that all your actions are done under HTTPS websites & a VPN, and do not use it for personal or business related stuff.
Not in Use Connection– Turn off Location, Bluetooth & Wi-Fi connections if the electronic is not in use. Flight/Airplane Mode can be used to turn them all off.
“The Legit Scammer” – Some scammers will act like a government entity or a trusted business. Always confirm information (Use a search engine to confirm e-mail address, telephone number, etc) before providing personal information. A vast majority of legitimate government and business entities will not request for personal information when contacting a user.