So, what do we consider, “the basics”? I think that depends on who you ask. Go to ten different IT or Cybersecurity pros and you’ll probably get ten different answers. Although, I’m willing to bet that the first three I’m going to give you would be in everyone’s top five. What are they? Passwords, updates, and evil software. Let me explain.
Passwords
This is, in my opinion, the number one area where most people can make a change that would have the greatest overall impact. Now, this could also be easier said than done. This task involves undoing years upon years of bad habits and forming some new ones. The worst offenses are weak passwords like, ‘password123’ or even just ‘password’. The second worst offense is reusing the same password(s) over and over. I will admit that I was guilty of password reuse up until last year. I had reasonably strong passwords, but only three or four with a few variations. What’s the fix? Get a password manager. I started using LastPass and, to give you an idea of how pervasive this is, I currently have 207 passwords stored. I had no idea I had that many—I had a list (another, not so great idea) but it wasn’t all inclusive.
Updates
Personally, I think this area is a much simpler fix. Just let those updates run! This goes for operating systems and installed software, like office productivity, web browsers (very important!), and even games. Most software today automatically checks for updates and can install it automatically. Even my new wi-fi router offers this feature, which is not something I have seen before for firmware. Personally, I don’t go for the auto-installs, but once I get a notice, I’ll run the update within the next couple of days.
Evil software
A bit dramatic, okay, but gets the point across. I’m talking about malware, which, as the name implies is bad software, and includes things like viruses, worms, trojans, ransomware, adware, spyware, etc. More to the point, we need to be concerned with protection from malware in its many forms. To have protection, we need a few things: antivirus/antimalware software, intrusion detection software, and a firewall, at minimum. Luckily, you can get these all bundled together in a “software suite” and newer operating systems, like Windows 10, include them as well—not a new thing but greatly improved over previous versions. Look for a version that will protect all of your devices, computers/laptops, phones/tablets, and don’t forget to use a strong password and configure those automatic updates!
I’ll go a little more in depth on these topics in future posts including why they are important. We’ll also dig into some other areas of concern that go beyond the basics, like social media and social engineering, wi-fi security and VPNs, and IoT devices.