When I was a kid, it was skeletons under my bed. Nothing scared me more than the vision of the things lurking there ... so close ... waiting for a hand or foot to stray over the edge. I would lie there at night, not moving a muscle, listening for any little sound that might betray their position.
It was hard to sleep that way.
There are some benefits to growing up. Now I don't think twice about things under my bed. (It helps to have boxes jammed under there occupying every inch.) But of course that doesn't mean I don't fear anything, only that new fears have taken flight. I try not to think about the ones I have no power over, such as that rare perfectly aimed solar flare permanently killing the power grids and plunging us all into a new stone age. The ones that have my attention now are a bit less apocalyptic but just about as awful to consider.
What happens if someone weasels into some account or data store where my personal data is stored? Steals my identity and cleans out my bank account and savings, lays waste to my credit?
Thankfully, much of this risk is avoidable. Not only are there things to do that will help prevent it, they're relatively easy to do and mostly quite inexpensive.
The real hurdle to be overcome is the willingness to take the first steps.
Prevent. Control impacts. Finally, if required, rebuild.
Do you know what steps to take? Here are some tips to get you started.
Reduce Risk & ExposurePartner with Your Professional Colleagues & Merchants
- Don't give your information out without getting assurances they keep it secured.
- Question the need for those who ask for your social security number.
- Ask merchants for their public statement of information security.
- Read about PCI DSS compliance (Payment Card Industry Data Security Standard), and question your merchants about their certification.
- Don't store credit card information on web sites unless required, and if required, find out why.
- Educate & train all users of your systems, or limit their abilities and access. Don't forget that EVERY system that uses your WiFi or wired network is a node that's an exposure.
- Reduce personal information exposed on social media. Some friends may want to know your birthdate, but that doesn't mean the world needs that information.
- Uninstall unneeded applications.
- Make sure your applications get new updates as soon as they're available. You should be able to set your system configuration to automatically update as soon as new versions become available.
- Get periodic port scans and keep unused ports closed. We offer periodic port scans for common ports as a part of our Bronze Membership!
- Check the settings on your modem/router, or find a pro - let us know if we can help!
- Prevent applications from starting when you log in or when your computer starts unless justified.
- Turn off your computer when it's not in use, at least disconnect from the network. If you leave it on at night to run antivirus scans or complete a backup, you can update the virus definitions and then unplug from the network.
Be Ready for the Midnight Knock at the Door
- Be sure you have antivirus protection running at all times.
- Assure your home network effectively uses Native Address Translation (NAT). Don't think you have a network? Think again. Do you have a router? Do you use WiFi to attach to your home Internet? Then, yes, you have a home network.
- Consider installing an Intrusion Detection and/or Prevention System (IDS/IPS).
- Assure your firewall is in play.
Ready to Rebuild?
Exposure and risk around ransomware comes from 1) not using safe practices resulting in an infection, and 2) not having an effective backup. If your first line of defense fails, you need to be ready to write off your old system and start over from scratch.
- Keep your backups running, and stored offline unless they're being updated.
- Test the restore periodically.
- Keep more than one backup. Sometimes malware hides quietly for awhile to try to beat this solution, so it gets saved away as a part of your backup. Store away several months of backups, don't just overwrite your previous backup with the new one.
- Assure you have a system recovery disk or thumb drive. Windows provides the ability to create this backup of your Windows OS that will make your disk like new, but without your personal data. (You'll need a separate backup of your data, but you won't have to keep backing up your Windows OS all the time.)
- Be aware that evolving exploits are becoming better at surviving your attempts to clear them out, and may survive a system restore.
Finally, DON'T FORGET YOUR PHONE AND TABLET ARE COMPUTERS THAT ARE ONLINE ALL THE TIME! All the above precautions apply to these mobile devices as well.