Modernizing Authentication — What It Takes to Transform Secure Access
Here are eight resolutions you should consider adopting to ensure you have a great New Year at least when it comes to the security of your computers and gadgets. All of which you may be able to be keep without spending a dime.
Secure Your Mobile Phone and Devices
Your new smartphone or mobile device might give you access to thousands of apps and help you be more productive, but it can also be dangerous if it gets into someone elses hands. If its setup with your email account, Wi-Fi network, or if you use it to store any important data, you need make sure its secure. Being small and mobile makes it easy to lose or become stolen. You (or your employer) probably dont want some Joe reading and sending emails on your account, connecting to your Wi-Fi and accessing the network, or reading sensitive documents or data.
Make sure youre utilizing all the security features of the mobile operating system (OS) your phone or device is running. The two chief features are PIN or password protection so thieves cant pick it up and use it and encryption so your data cant be recovered. Remote wiping is also an important feature to keep in mind, letting you remotely erase all your data if it becomes lost or stolen.
Some mobile OSs dont provide entire device encryption, however the current iPhone 4 and BlackBerry 5 do. For others, check the particular OS version youre usingits a fast paced industry and technology changes quickly.
Encrypt Your Laptop
Everyone, no matter what they do or store on their laptop, should encrypt it. If it becomes lost or stolen, not only can some Joe access your documents without knowing your Windows password, but could recover your Internet history and passwords. Encrypting the entire drive would protect all your personal documents, Internet history, and system files.https://o1.qnsr.com/log/p.gif?;n=203;c=204634421;s=15939;x=7936;f=201702151714490;u=j;z=TIMESTAMP;a=20304455;e=i
Most encryption solutions require you to format the drive and start from scratch, however DiskCryptor doesnt. For help with DiskCryptor you can read a previous tutorial of mine. If youre starting with a fresh laptop anyways, here are two other free and open source solutions you can check out: TrueCrypt and FreeOTFE.
Encrypt Your Flash Drives
Flash drives can be very convenient, but can also be very dangerous if you store or transfer sensitive information and they get into someone elses hands. If you use them for anything sensitive, you need to encrypt the drive so others cant access your files.
You can buy pre-encrypted flash drives, but you can save a couple bucks by doing it yourself. You can use free and open source solutions as discussed with encrypting your laptop. Both TrueCrypt and FreeOTFE offer portable modes where you dont have to have the software installed on a PC in order to decrypt and access your files. Plus FreeOTFE also lets you access your files on PCs that arent running a Windows account with administrative privileges. I show exactly how to use FreeOTFE in a previous tutorial.
Properly Secure Your Wi-Fi Network
If you have a wireless network for the home or office, make sure you have WPA or WPA2 encryption enabled on the wireless router. This password protects your Wi-Fi connection, keeping neighbors and hackers off your network and stopping them from snooping in on your communications.
If you administer a wireless network for a company or organization that has employees, keep in mind the Enterprise mode of WPA or WPA2 encryption should always be used instead of the simple Personal (PSK) mode. This mode lets you give employees unique usernames and passwords to login rather than a static encryption key that can be used after they leave the organization or by thieves if the device is stolen. See a previous article of mine to discover even more reasons to use this Enterprise mode.
Wipe Old Drives and Devices Before Trashing
Before you sell, dump, or donate your old computers, drives, phones, or devices, make sure theyre wiped clean. Deleting your personal documents and data isnt enough. Windows on PCs can contain your Internet history with passwords and other sensitive information. Even files deleted via the Recycle Bin can be easily recovered by others. You should wipe your old drives with a utility like Active@ KillDisk.
For mobile phones and devices, refer to documentation or support to see how to erase your data and restore it to factory defaults.
Backup Your Documents and PC
You dont want to start off the new year by losing your documents, photos, and files. You never know when a drive or computer might die, become stolen or lost, or destroyed in a fire. You should also remember encrypting a computer or device doesnt mean someone cant just erase the data or physically destroy it. To make sure you dont lose your valuable information, you should back it up.
System Restore in Windows can help preserve system files and programs. Windows Backup and Restore can help create weekly or monthly backups of your personal files and settings. You should also setup a cloud or Internet-based service, such as Mozy, to backup your most important documents and files offsite.
Safely Use Public Wi-Fi Hotspots and Internet Ports
Its best to only use public Internet access for casual browsing. But if you do check your email, connect to servers, or visit sensitive sites, make sure its a secure connection. Ensure the web address starts with HTTPS and theres a valid security notification in the browser. For email clients, like Outlook, make sure youre using SSL encryption to the mail server. Remember these guidelines also apply to mobile devices.
Use Unique and Secure Passwords
Youve probably been told time and again to create unique and complex passwords for each different website, service, computer, and device so if one is compromised the others are secure. Its a new year, so nows a perfect time.
Start by changing the passwords to your important accounts, like Windows, bank, and email. Then change the others the next time you access them. Use a password manager like LastPass to securely store them and so youll have just one central password.
Eric Geier founded NoWiresSecurity, which helps business secure their Wi-Fi networks with the Enterprise mode of WPA/WPA2 encryption. Hes also a freelance tech writer and author of many networking and computing books, for brands like For Dummies and Cisco Press.
Keep up with security news; Follow eSecurityPlanet on Twitter: @eSecurityP.