Threat Level: green Handler on Duty: Tom Webb

SANS ISC: Holiday Safe Computing Tips - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Holiday Safe Computing Tips

It is that time of year again. It is the holiday season with presents under the tree.  Some of those presents are bound to be electronic.  Whether they are PC’s, Mac’s, cellular phones, gaming systems or one of the new electronic gadgets like Alexa/Google devices, digital frames, security camera’s, and other wireless devices. These may open a security hole in your network. Each of these devices require a little thought about how they will affect your network.

The first thing that every network, whether home or work, should have is a good well configured firewall. Your firewall can protect unwanted advances to your critical network assets.  With a strong password and all of the updates in place the firewall will be your first line of defense.

All of the other devices behind the firewall will get some protection. As the devices are added to your network you need to further secure your network by doing the Security updates from the vendors, using strong passwords and using appropriate security software and antivirus/anti-malware software.  Make sure that any applications that you are using are getting updated as the manufacturer makes them available.

You can further protect your data by doing a backup of all of the critical data.  Whether you use an offsite backup like Carbon Copy or IDrive, or an external device (hard drive or thumb drive) you need to protect your data.  Backing up your machine regularly can protect you from the unexpected. Keep a few months' worth of backups and make sure the files can be retrieved if needed.

One of the most important things to remember, use safe practices while online. There are so many exploits on the Internet that try to “trick” you into falling into their trap. You need to protect yourself from these bad guys.  Ignore unsolicited emails, and be wary of attachments, links and forms in emails that come from people you don't know and from people you do know that seem "phishy." Be careful what websites you visit. Avoid untrustworthy (often free) downloads from freeware or shareware sites. Social networking sites as well as a lot of the news sites have open compromises on their sites.  Don’t click on links or download software from these sites.  Be careful when watching videos or other active content because they as well can contain hidden dangers.

I would like to hear from our readers.  What tips do you have for this holiday season?

 

Deb Hale

Deborah

272 Posts
ISC Handler
Remind your family and friends to make backups of their PC's. Make sure that:
1) data (photo's etc.) is never stored in just a single place;
2) the time that data that is stored in 2 or more _interconnected_ places, is limited as much as possible.

I personally use at least 2 external USB3 harddisks that I have encrypted using VeraCrypt (in case they get stolen by a burglar).

Such an external HDD may not be the nicest Christmas present to give, but after their PC gets encrypted by ransomware (and they actually made a backup and stored it in a safe place) you suddenly may become their best friend ;-)
Erik van Straten

116 Posts Posts
I use the free version of Acronis. I clone my C Drive regularly. If there is an issue, I switch hard drive and clone the compromised drive. I also image my files that is located different drive, so if that is compromise as well, I format it and make another image.

A little bit of work I guess, but worth for peace of mind.
Delfino

2 Posts Posts
Increasingly I think it is imperative we encourage and teach people to use a password vault. The tendency to not change defaults because they get forgotten and to reuse passwords across systems opens people up to significant risk of compromise.
Anonymous

Posts
As the previous comment suggests, a password manager and unique, random passwords for every account is a must.

Another control I find immensely valuable is, configuring the home/office router and DHCP server (which may or may not be the same) to use OpenDNS instead of the ISP's DNS provider. It's not foolproof, but it makes a huge difference in stopping routine malware, phishing and malvertising.
David Longenecker

4 Posts Posts

Sign Up for Free or Log In to start participating in the conversation!