Computer security tactics aren’t often thought about until a problem arises—and at that point, a break in security can cause harmful and potentially major issues. Because we all want to keep our computers and information safe, we have answers to some frequently asked questions about potential security issues and how you can prevent them from happening to you.
When people don’t understand the ramifications of installing unverified software, they open their computer up to potential attacks. For example, they might download a free desktop application, which unknowingly installs spyware or a browser toolbar along with the application.
Typically, these free software applications will have a checkbox installation that some people might miss, which allows the spyware or toolbars to be installed. This spyware, in many cases, can track everything you do in your web browser. These toolbars can potentially slow your entire system down.
When you install unverified software, you open yourself up to:
Verify that you’re getting your software, including Internet browsers, productivity apps, and anti-virus software from credible sources before installing. Check with your IT department and they can help verify that the program you are installing is safe.
Man-in-the-middle attacks are somewhat similar to someone secretly and directly listening to a phone conversation through wire tapping or picking up another landline in the house.
The information shared between two people that should be private is now in the hands of a hacker.
This is what happens:
Here’s an example of sensitive information that can get intercepted:
Do not connect to public Wi-Fi networks unless you are using a VPN service. There are many free or cheap VPN services out there that encrypt your traffic so that nobody can steal the information you enter while on that network.
When making purchases, make sure the website is secure and using an SSL certificate. You can tell by checking to ensure the URL starts with https:// (read on to learn more).
These aren’t fun activities you can do with a beer in hand. Phishing attacks are notorious for trying to trick you into opening unknown attachments and links in emails. These attachments and links have the potential to add viruses and other malware to your system, so why do people still fall for them?
Phishing and spear phishing attacks can happen though email, SMS messages, voice calls, and a couple other less common avenues, but email attacks are most common. In both instances, attackers disguise themselves as people or organizations that you trust and/or already engage with; however, phishing attacks are not personalized while spear-phishing attacks are. Spear phishing messages personally address the recipient and contain personal information, which they hope will make you act.
Here’s a real example of a phishing attack that some Onsharp staff have received:
The message is short, (poorly) mimics a request from someone within Onsharp (a trusted source), and asks you to give them your information.
When you get a questionable email, call, or text from someone or a business you communicate with, do not respond to it. If you’re unsure if the request is legitimate, create a new line of contact with that person/business and ask them if they still need that information and/or if their request is real.
When you leave your laptop or phone unattended at the office, your remote workplace, or a public space, you’re foolishly inviting someone to breach your computer security through your own device.
When you have to walk away from your workstation, lock your electronics. Have password protection enabled on your phone, laptop, and other devices—especially if you have access to sensitive information through that device. With modern devices, you can easily enable a fingerprint access as well.
If you device happens to get stolen while you’re away from it, there is tracking software you can use to retrieve it; use Find My iPhone for Apple devices and Find My Phone for Android Devices.
When you visit a website, you’re information is automatically safe, right? Wrong. When you’re on the internet, sometimes website admins don’t take the necessary precautions to protect their information or yours.
SSL Certificates are a good indication for whether you should trust a website. It looks different depending on what browser you use, but you can typically tell when a website is secure when a locked padlock appears to the left of a URL in the search bar. When a website doesn’t have an SSL Certificate or one that’s improperly installed, your search bar will not contain a HTTP or HTTPS heading or a locked padlock icon.
When it comes to protecting your computer, our biggest piece of advice is to be aware of:
Most PCs come equipped with an antivirus program already installed. For example, Windows 8 and 10 have Windows Defender built into the operating system, which is sufficient for most users. If you have an older version of Windows, don’t have an antivirus program, or would rather use something besides Windows Defender, we recommend using Avast. Avast has been one of the highest-praised antivirus programs available over the years because it doesn’t slow down your system, and it’s free.