Here are simple tips to improve your cybersecurity
Use a password manager: Although one of the best practices for the longest time was to come up with an extremely complicated password for each account with special symbols and a balance of lowercase and uppercase letters, Koebler and Lee both recommend installing a password manager such as Last Pass or 1Password, which both use one master password to unlock its capabilities. “It’s impossible to remember 300 different passwords, but the password manager remembers it for you,” Koebler says.
The key is to create a master password that is easy for the user to remember but that is secure and not easy for an outsider to guess, Koebler says, and commit it to memory.
“It could be a sentence from your favorite novel or poem … something that you’ll remember, is long, not easily hacked, but it doesn’t need to be a lot of symbols,” he says.
“This is one of the most important things that I think everyone should do regardless of your threat model because the rationale behind it is that the worst thing you can do with passwords is reuse them,” Lee adds.
Use two-factor authentication: Instead of needing to just have a password, a user must have a second way to verify his or her identity. In most cases, this is a code that is texted to the user’s cell phone.
“Two-factor authentication makes your life slightly more annoying but it makes your accounts way more secure,” Lee says. “It’s the best way to protect yourself against spear phishing,” which is an email attack targeted at a particular individual or business, “or if your password is somehow stolen.”
Use a VPN when using public Wi-Fi: Koebler recently tested a series of VPNs (virtual private networks) to see if they would slow down his internet speed. He found out that in most cases, they did exactly that. Given his findings, he does not recommend using one when inside one’s home or using another secure connection.
When using public Wi-Fi, such as at a coffee shop or restaurant, Koebler says that a VPN is a must, but be wary of choosing one of the free ones. “The reason for using a VPN would be to protect your privacy,” he says, “and many of the free options sell your data. So they are changing your connection, but they are selling your data to a third party on the other side.”
Two services that Koebler recommends are Freedome and Private Internet Access. Lee adds that he recommends the service provided by Mullvad.
Realize that Alexa, Siri and Google Home may always be listening: Although personal service assistant devices such as Amazon’s Echo and Google Home have become very trendy living room additions, Lee says that consumers have a right to be “fearful” that the devices could be sending whatever is being recorded right back to the mothership.
“I don’t know if they’re necessarily that much of a security risk, but they’re definitely a privacy risk,” Lee says. “You should consider, do you want recordings of what you’re saying in your living room to be stored on a computer somewhere else that you don’t own?”
Koebler says that it’s important to consider the business models of the companies involved. For instance, Google is primarily centered around advertising. Amazon’s big focus is selling products. Whereas a company like Apple has made security and privacy core to its business model in a way the other two have not, he says.
“I think the difference between security and privacy is ‘Are you going to get hacked?’ versus ‘Are you going to get advertised to?,’ which I don’t know if that’s fair or not but that’s the way that I personally look at it. And I think you know Google is always trying to sell you something. But … it takes itself very seriously when it comes to protecting that data.”