11 Security Resolutions for 2013
Among your typical New Year's resolutions—lose weight, stop smoking, be happier—you should consider making some pledges to better secure your digital life. You might even be healthier if you can prevent the stress of a digital disaster, like malware wiping out your PC, having your online accounts hacked, or becoming a victim of identify theft because of a phishing scam or data theft. With that in mind, here are some security resolutions you should consider for the new year.
Use PIN protection on your mobile devices
Smartphones and tablets are mini computers, and if they get lost or stolen, others may be able to access your email and social networks, browse through your photos, files, and text messages, and access other accounts that you’ve downloaded apps for. However, you can enable lock screen protection to require a PIN or password before using your device.
How you turn on PIN protection varies between devices, but you should be able to find it in your phone or tablet's settings app. A password or PIN isn't foolproof, but it's a good first line of defense against snoopers and would-be data thieves.
Install an anti-theft app on your mobile devices
If your smartphone, iPad, or tablet gets lost or stolen when you’re out and about there’s a good chance you’ll never see it again. But having an anti-theft solution increases your chances of recovery. You could remotely locate it on a map from another device or PC, make it play a siren to help you find it (useful for when your phone slips between the couch cushions), or wipe your device if you think you won’t get it back.
Many mobile carriers offer an anti-theft or remote locating service, but there are also free apps you can download for your Android or iOS device. Take a look at Lookout Mobile Security for Android, which also includes protection against Android malware. If you own an iOS device, the free Find My iPhone and Find My iPad apps from Apple are worth downloading.
The same goes for your laptop
Like with smartphones and tablets, you can setup an anti-theft solution on your laptop. And if it becomes lost or stolen you can remotely locate it via Wi-Fi positioning and IP address locations, if someone connects it to the Internet. Some anti-theft solutions let you remotely control the web cam and monitor the screen as well, further helping you to find the thief.
Some laptops come with a built-in anti-theft solution within the BIOS so it’s still locatable if the thief wipes or replaces the hard drive. But if yours doesn’t support this you can still install an anti-theft application. Lojack for Laptops is one option, and it works on both Mac OS X and Windows. Prey and GadgetTrak are other services worth considering.
Perform PC security checks
You should periodically perform a through security check of your PC. Antivirus is a must-have, but it doesn’t detect all vulnerabilities. It doesn’t always check for missing security updates for Windows, and for vulnerable applications like Abode Reader and Flash, Java, and your Web browser. And they usually don’t analyze your passwords to detect weak ones. See our previous story, Beyond antivirus software: Eclectic PC security tools for system-wide audits, for what you can do to tighten your PC's security.
Encrypt your laptop
A Windows password prevents the average Joe from booting up your computer and accessing your files and personal documents, but it can easily be removed or bypassed. A thief or snooper could remove the hard drive, connect it to another computer, and access your files that way. Or they could use a special CD to remove your Windows password and then be able to log into your Windows account.
Since a laptop can be easily lost or stolen, it’s a good idea to encrypt your entire hard drive, which prevents someone from removing or bypassing your password. Check out our tutorial to learn how to go about it.
Encrypt your USB drives
External USB and flash drives are easy to lose, and all someone has to do is plug them into their computer to access your files. With that in mind, if you ever transfer or store any sensitive documents on external drives, you should consider encrypting them, which requires you to enter a password before you can get at your files. You can buy drives that come encrypted or you can encrypt any drive yourself. Whatever route you go, it’s best to use those with 256-bit AES encryption. Also, consider buying those carrying the government-standard "FIPS 140-2 Level 2" or higher certification.
Secure your social network accounts
If you aren't taking on social networks seriously, it's only a matter of time before you get taken by malicious links and social apps that try to steal your personal information or money, or spread spam. And that doesn't even include the privacy issues in play—you probably don’t want your employer to see all your personal life. So consider securing your social network security and privacy settings. Take a close look at the security and privacy settings for the social networks you use; learn what each of the settings mean, and adjust them as you see fit.
Also, think about using a security app to help catch threats and keep up with the latest threats via sites like Facecrooks. Some current security suites, like Trend Micro's, include features that will check your Facebook privacy settings, and offer suggestions for improving your privacy.
Sign up for online backups
You probably know that you should create a backup of your computer's hard drive, just in case. But what happens if your backup disk goes bad? Using an online backup service is a good way to protect your most valuable documents, just in case double-disaster strikes and both your hard drive and backup go dead, or both are destroyed in a diaster. There are plenty of services out there, and some antivirus companies provide online backup services for their customers.
That said, security practices can vary between online storage providers. Check out our overview of online storage security for some providers with stringent security practices.
Install a two-way firewall
A firewall helps block hackers from being able to access your computer via the Internet and local network by controlling what traffic can pass through. Windows comes with a firewall, but by default it only monitors incoming traffic. To help catch malware or other malicious applications from sending data from your computer, the firewall needs to also monitor your outgoing traffic. If you use an all-in-one security suite like Norton Internet Security or McAfee Internet Security, you likely already have a two-way firewall. But if you don’t, consider using standalone two-way firewall like those from ZoneAlarm or Comodo.
Use OpenDNS for content filtering
An Internet content filter is a great idea regardless of whether you have youngsters in the home. In addition to blocking adult and other inappropriate sites, OpenDNS can help block virus-spreading sites and other dangerous corners of the Internet. Best of all, the basic-level OpenDNS service is free and you can apply it both to individual computers or to your entire network.
Check your Wi-Fi security
If your Wi-Fi network isn’t encrypted—that is, if you don’t have to enter a password when connecting—anyone nearby can connect to the network and intercept your Internet traffic. To keep unauthorized users off your network, you'll want to make your wireless router in your home is set up with wireless security: Wi-Fi Protect Access (WPA or WPA2).
To check if your wireless router is secured bring up the list of available wireless networks in Windows. Those that aren’t encrypted will have a warning indicator next to them and those that are will show the security type when you hover your mouse pointer over the network names. If yours isn’t secured refer to the manual that came with your router for instructions on how to turn on encryption.