Consumer Security Recommendations

Our experience in technology support for consumers and small business is extensive. Everyone customizes a computer, network and more to their unique ideas and needs. A common attribute that affects us all is Security, and the need to protect personal and intellectual property alike.

From the CEO to the hero team members, WE are the BIG target for hackers and bad actors. Why? We are vulnerable!

This article covers a summary and recommendation of measures to keep your information safe. Awareness is the #1 tool in thwarting crime! The recommendations in this article do not constitute legal advice and do not apply to all persons. An IT provider should be contacted for the best advice per individual needs.

The Problem: Weak Spots!

Vulnerability summary

1. Email Service
   • • Free accounts (Internet service provider accounts, yahoo, aol and more)
       • Save the free accounts to keep up with shopping newsletters and coupons. Get your personal information out of there!
     • Multi-factor authentication is not enabled or not available altogether
     • Advanced spam protection is not available, thus allowing threats to seep in – for example, signatureless viruses, impersonation emails, malware, and more
       •  
2. Computer Security
   • Premium Antivirus with built-in ransomware protection is not installed or in use
   • Malware/Web protection is not installed or in use
   • Daily use computer accounts operate with admin privileges
   • Personal information is not secured
   • Passwords are not secured
   • Backup is not enabled or configured properly
     •  
3. Environment
   • Passwords are written on notes near or on the computer
   • Advanced security features from home router are not available or in use
   • Home wireless is not secured
   • Active simultaneous connections to wireless and direct connect broadcast from home IoT (Internet of Things) (i.e. kitchen appliance, garage door, tv, printer, etc) devices.

The Solution: 8 Recommendations

1. Review of email service: switch to gmail.com or outlook.com email service.
   • Enable all security features and complete feature tours
     •  
2.  Enable Multi-factor Authentication For ANY Online (Over-Internet) Access.
   IF any online accounts do not offer multi-factor authentication, switch providers!
   • Email
   • Banking
   • Any other site that contains sensitive information (i.e. payment card data, date of birth, name and address)
     •  
3. Reputable Antivirus & Malware Protection
   • Sole Creation Managed AntiVirus (EDR from SentinelOne, ESET, and BitDefender)
   • Malwarebytes or Sole Creation Managed Web Protection
   • Enable Ad Blockers
   • For the BEST ransomware protection, contact your local IT provider for Sentinel ONE and Managed Web Protection
     •  
4. Create a standby Administrator account on your computer, login and then reduce your personal account to local/standard user
   • When a program wants to change computer settings, you will authenticate with the standby admin account you created
   • Change the password for both accounts at least twice per year
   • Contact your local IT provider for failed password attempts monitoring
     •  
5. Secure Sensitive Information
   • There are many ways to accomplish this step for example, enable BitLocker on your computer, save your information in OneDrive, enable password protection/encryption on your Excel and Word files, and more.
   • It is a good idea to contact your local IT provider for a Risk Intelligence review and get a report of what data to protect and the best methods based on discovered types.
   • Protect your passwords with local programs like KeyPass, or easy online sync apps like LastPass
     •  
6. For Remote Workers & Travelers
   • Use a VPN (Virtual Private Network)! Your information to and from home or work will be encrypted. SSL and TLS secured connections are also a great choice.
     •  
7. Backup and Restore
   • Maintain a backup. Loosing anything of digital value can be catastrophic now that we consumers save all our information to computer systems. Know for sure
     • 1 that you are backing up continuously or daily,
     • 2 that you can restore,
     • and 3 that your backup has a backup (i.e. that your local backup is spanned across two drives and is cloud protected also).
   • Ask your local IT provider to help review your backup scheme, recommend a plan that you can monitor and validate easily.
   • Test Restore at least twice per year!
     •  
8. IMPORTANT!! Be Aware!
   • Think before clicking! Phishing attacks are the most popular method for criminals to gather a mass amount of information and leverage it to make a silent attack. At this time, poor grammar, spelling, awkward phrasing or unexpected emotional pressure on you (i.e. from a relative that suspiciously does not want to be phoned to verify) can be your immediate “tell-all” signs to the criminal attempt against you.

• • Coincidental Awareness! You see more than you realize. Mind your surroundings, stay alert and never make assumptions. It is never a bad thing to validate an unfamiliar person in a normally restricted area (i.e. your back yard, employee lounge, you name it!). Always keep up with your personal belongings, just like at the airport.
    •  
  • Respect your access to everything. Not everyone is trusted like you are. Avoid writing down passwords or credentials of any kind. Don’t share your access to anything with anyone. Don’t reply to emails or click links from anyone to share credentials without first making a human (voice/visual) contact to verify the request.
    •  
  • Report incidents right away! No matter the size; a secure door left open, an unknown loiterer, a phishing email, a smart device or computer malfunctioning. If you see it or hear it, speak it!
    •  
  • Follow policies, while at work, in your HOA, Gym, Church, In-laws (the list goes on) and more can help you identify threats in about 1.5 heartbeats. That could save a life or business, all thanks to… Your Awareness.