Following on from our earlier blog post, here are three more practical ways to protect your data.
Top of the list is managing your use of public wi-fi. Although it is not really secure, public wi-fi is becoming so widespread that it’s easy to jump on it without thinking. Don’t do it.
Hacking into public wi-fi is trivial, as a Kiwi couple found out recently after logging into their email at a US airport. Later they found to their dismay that their account was short to the tune of $100,000. Hackers had matched up the couple’s bank account details with a signature on a job contract, both were contained in emails, and this allowed hackers to empty the couple’s term deposit account.
“Logging into websites can also be a problem. Logging only into those websites that use HTTPS helps,” says Computer Forensics’ Brian Eardley-Wilmot. “But even this isn’t very secure. Really, you need to have your own virtual private network, so you can create a safe internet path. There are lots of free ones, but paid ones are no longer so pricey. For less than $100 year you can have an encrypted gateway that covers both your PC and your mobile devices.”
Now, you’d think you would safe once you got home, but, no, there is a weak spot and it is your router, because, again, this is the route to the internet.
“First, have you re-set your router password from ‘Admin’?” asks Eardley-Wilmot.
“Of course, ‘Admin’ is easy for you to remember – it is for the bad guys too.
“To be really secure you should use WPA2 encryption and a long password – the idealists say 30 characters or more – and this should be randomly generated. Certainly, you should use at least 15 characters, and these must include upper and lower case letters, numerals and, of course, random symbols such as @, % and +. You couldn’t possibly remember all this, so you need a password manager. Just make sure it’s cross platform, so you can cover your mobile devices too. And don’t write it down on a Post-It note and stick it on the side of your monitor.
“And, while you’re in security mode, change the user name and password on your router’s admin panel too.”
Tip number three concerns the email daisy-chain security issue – follow the link and be alarmed. This is a weakness beloved of hackers. To avoid it, don’t link up your email accounts. Specifically, don’t make your Outlook account the recovery address for your Gmail account and then make this the recovery address for, say, your TradeMe or Amazon account – especially not your Amazon account, because of its recent security issues. One intrusion and you’ve had it.
The solution? Have an emergency-only email account for password recovery purposes that has a really long, complicated address, featuring upper and lower case letters, numbers and symbols, as discussed above, then you’ll be on your way to real data security.
For yet more on ‘practical ways of protecting your data’ be sure and check our blog regularly…