This is a Guest Post.
The author of this blog, who is a good friend of mine, asked me to write a little bit about cyber security.
I am a full-time Cyber Security Manager and Consultant at a Fortune 100 company. I wasn’t always a security guy; I was a Software Engineer and Manager for many years. I spent a long time building computer systems, and now I spend my days and evenings trying to keep them safe and secure.
Cyber Security in The News
There are zillions of news stories about cyber security all over the internet, TV, newspapers and magazines every day. So much of it is sensational: horrible stories about stalking, cyber-crimes, identity theft and so forth. These stories entertain people and help businesses make money selling security systems and backup gadgets. But just like the rest of “real” life, people are of all sorts, and if you give them a new tool some of them will use it to steal and hurt.
So I’d like to write a little bit about security from a common-sense point of view. Computers and the internet parallel the “real world”. Your home address is just like a user-id, and your front door key is just like a password. Since this blog is about homeownership and managing money, I think I can give a little interesting advice along these lines.
Using Common Sense in Cyber Security
Physical safety is always a top priority. Can a bad guy kill you with your computer? Can a mysterious hand come out of your laptop and choke you to death? Well, no, although emergency 911 systems can be crippled by massive bombardment of millions of computer-generated phone calls, electric plants can be taken off-line by hackers, and other horrible things can, and do, sometimes happen. But the kind of safety we deal with in big cities (not walking alone at night, getting help if someone is following you, avoiding bad guys and fights, taking care crossing the street so as not to get run over) mostly does not directly apply to computer use. That’s a good thing.
We all try to avoid disease. We all try to avoid obviously sick people coughing and sneezing all over us. We don’t eat undercooked hamburgers, raw eggs or potato salad that has been sitting out all day. We avoid touching dead birds along the sidewalk. So why do some people download unknown programs from shady web sites, surf illegal file sharing sites, or visit sketchy porn sites on the internet? In the cyber world your computer is like your body, and if you visit such web sites your computer is liable to get infected with malware and become inoperable, taking hours, or even days, to fix. It is just like spending days in bed to recover from a fever, or having to go to the doctor to get fixed so you can go back to work.
What NOT to Do
Burglary is a real threat. So we have houses with doors, locks, keys and some of us have home security systems. Here are some things people do with their computers that they would never do with their home.
- No user-id or password required to use your computer = No door or lock on your house
- Use a password like ‘12345’ = instead of a deadbolt, use a screen door hook on your front door
- Use the same password for every site and device you use = use a single key for your car, every door in your house and your safe deposit box
- Write down your passwords on a piece of paper = make an extra copy of all your keys and leave them lying around where someone might get hold of them
Robbery is different from burglary because the bad guy actually approaches you and either picks your pocket or holds a gun to your head and takes your money. We have pickpockets in cyber space, and what they do is called “phishing.” An email lures you to a web site that looks like your bank’s, and your information gets stolen without you even knowing it.
I could make more analogies, but let me go on to what you should do about these things.
What You Can Do to Combat Cyber Crime
- Just as you do not expose yourself to disease, avoid obviously sketchy, too-good-to-be-true web sites, and spend $30 a year to get a real copy of an antivirus program, the same way you go to the doctor or get a flu shot. (Editor’s Note: There is also free antivirus software such as AVAST and AVG, which my friend says are good options. However, he also advises that some of the advanced features are shut off or are only available in the paid versions. He personally pays for his antivirus software.)
- Keep your user-ids and passwords secret; don’t write them down. You don’t leave pieces of paper with your address and copies of your front door key lying around in public. If you have a lot of passwords to remember, use a free password vault program like PasswordSafe, use easy-to-remember schemes like wDih2wfal? (why do I have to work for a living?), and change your passwords every now and then.
- Be very careful where you go on the internet. Any click you make with your mouse is like walking into a building in “real life.” If you get an email from your bank, make sure it’s really from your bank before you go there. Move your mouse over the link before you click it, and your browser will show you the real place you are heading to. If it’s supposed to be Chase bank, but the destination you see is https://www.funnyhacker.com/chaseExploit, don’t click.
If you treat your computer like your person, navigate the internet the way you walk the city streets, avoid dangerous places whether real or electronic, and treat your electronic secrets the same way you treat your doors, keys and locks, you will not fall victim to cyber crime.