8 Security Resolutions for 2011

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

Here are eight resolutions you should consider adopting to ensure you have a great New Year – at least when it comes to the security of your computers and gadgets. All of which you may be able to be keep without spending a dime.

Secure Your Mobile Phone and Devices

Your new smartphone or mobile device might give you access to thousands of apps and help you be more productive, but it can also be dangerous if it gets into someone else’s hands. If it’s setup with your email account, Wi-Fi network, or if you use it to store any important data, you need make sure it’s secure. Being small and mobile makes it easy to lose or become stolen. You (or your employer) probably don’t want some Joe reading and sending emails on your account, connecting to your Wi-Fi and accessing the network, or reading sensitive documents or data.

Make sure you’re utilizing all the security features of the mobile operating system (OS) your phone or device is running. The two chief features are PIN or password protection so thieves can’t pick it up and use it and encryption so your data can’t be recovered. Remote wiping is also an important feature to keep in mind, letting you remotely erase all your data if it becomes lost or stolen.

Some mobile OSs don’t provide entire device encryption, however the current iPhone 4 and BlackBerry 5 do. For others, check the particular OS version you’re using—it’s a fast paced industry and technology changes quickly.

Encrypt Your Laptop

Everyone, no matter what they do or store on their laptop, should encrypt it. If it becomes lost or stolen, not only can some Joe access your documents without knowing your Windows password, but could recover your Internet history and passwords. Encrypting the entire drive would protect all your personal documents, Internet history, and system files.

Most encryption solutions require you to format the drive and start from scratch, however DiskCryptor doesn’t. For help with DiskCryptor you can read a previous tutorial of mine. If you’re starting with a fresh laptop anyways, here are two other free and open source solutions you can check out: TrueCrypt and FreeOTFE.

Encrypt Your Flash Drives

Flash drives can be very convenient, but can also be very dangerous if you store or transfer sensitive information and they get into someone else’s hands. If you use them for anything sensitive, you need to encrypt the drive so others can’t access your files.

You can buy pre-encrypted flash drives, but you can save a couple bucks by doing it yourself. You can use free and open source solutions as discussed with encrypting your laptop. Both TrueCrypt and FreeOTFE offer portable modes where you don’t have to have the software installed on a PC in order to decrypt and access your files. Plus FreeOTFE also lets you access your files on PCs that aren’t running a Windows account with administrative privileges. I show exactly how to use FreeOTFE in a previous tutorial.

Properly Secure Your Wi-Fi Network

If you have a wireless network for the home or office, make sure you have WPA or WPA2 encryption enabled on the wireless router. This password protects your Wi-Fi connection, keeping neighbors and hackers off your network and stopping them from snooping in on your communications.

If you administer a wireless network for a company or organization that has employees, keep in mind the Enterprise mode of WPA or WPA2 encryption should always be used instead of the simple Personal (PSK) mode. This mode lets you give employees unique usernames and passwords to login rather than a static encryption key that can be used after they leave the organization or by thieves if the device is stolen. See a previous article of mine to discover even more reasons to use this Enterprise mode.

Wipe Old Drives and Devices Before Trashing

Before you sell, dump, or donate your old computers, drives, phones, or devices, make sure they’re wiped clean. Deleting your personal documents and data isn’t enough. Windows on PCs can contain your Internet history with passwords and other sensitive information. Even files deleted via the Recycle Bin can be easily recovered by others. You should wipe your old drives with a utility like Active@ KillDisk.

For mobile phones and devices, refer to documentation or support to see how to erase your data and restore it to factory defaults.

Backup Your Documents and PC

You don’t want to start off the new year by losing your documents, photos, and files. You never know when a drive or computer might die, become stolen or lost, or destroyed in a fire. You should also remember encrypting a computer or device doesn’t mean someone can’t just erase the data or physically destroy it. To make sure you don’t lose your valuable information, you should back it up.

System Restore in Windows can help preserve system files and programs. Windows Backup and Restore can help create weekly or monthly backups of your personal files and settings. You should also setup a cloud or Internet-based service, such as Mozy, to backup your most important documents and files offsite.

Safely Use Public Wi-Fi Hotspots and Internet Ports

It’s best to only use public Internet access for casual browsing. But if you do check your email, connect to servers, or visit sensitive sites, make sure it’s a secure connection. Ensure the web address starts with HTTPS and there’s a valid security notification in the browser. For email clients, like Outlook, make sure you’re using SSL encryption to the mail server. Remember these guidelines also apply to mobile devices.

Use Unique and Secure Passwords

You’ve probably been told time and again to create unique and complex passwords for each different website, service, computer, and device so if one is compromised the others are secure. It’s a new year, so now’s a perfect time.

Start by changing the passwords to your important accounts, like Windows, bank, and email. Then change the others the next time you access them. Use a password manager like LastPass to securely store them and so you’ll have just one central password.

Eric Geier founded NoWiresSecurity, which helps business secure their Wi-Fi networks with the Enterprise mode of WPA/WPA2 encryption. He’s also a freelance tech writer and author of many networking and computing books, for brands like For Dummies and Cisco Press.

Keep up with security news; Follow eSecurityPlanet on Twitter: @eSecurityP.