by Dave Moore, CISSP
10/10/2021
Last week’s presentation of the Internet safety class, “Fight the Internet Bad Guys & Win!” at the Norman Public Library was a great success. Around 100 people attended, eager to learn about staying safe on the Internet.
Many good questions were asked and many good suggestions for continuing to develop the class were made, with future classes looking to be better than ever. A huge “thank you” goes to the class sponsors who make it all possible: McClain Bank, Josh Nelson Allstate Insurance, The Norman Transcript and the Pioneer Library System.
Until behavior changes, though, no learning has taken place, and experts say you have to hear something at least seven times before you remember it. I would have to agree with that assessment, especially with Internet safety and security. There’s not a “one shot cures the problem” solution like a one-evening class that will keep you safe, forever. The basics need to be reviewed and understood frequently in order to stay Internet safe.
With that in mind, and since this is week one of Cybersecurity Awareness Month, let’s review some basics suggested by the National Cyber Security Alliance and make sure we’re on track
Enable MFA. As discussed a few weeks ago in previous columns, Multi-Factor Authentication (MFA) adds that necessary second check to verify your identity when logging in to one of your accounts. By requiring multiple methods of authentication, your account is further protected from being compromised, even if an Internet bad guy hijacks your password. In this way, MFAs make it more difficult for password cracking tools to enable attackers to break into accounts. I recommend the authentication app called Authy. Read “2FA/MFA: Using Authy,” found on my website at www.davemoorecomputers.com.
Use strong passwords, passphrases, and a password manager. We discussed this at length in class, but all too often using strong passwords and using password managers is overlooked. People spending more time online during the pandemic has certainly contributed to more bad actors prowling for accounts to attack. Using long, complex, and unique passwords is a good way to stop your account from being hacked, and an easy way of keeping track and remembering your passwords is by using a password manager. A great, free password manager is at www.dashlane.com.
Update all of your Internet devices. When a device prompts that it’s time to update the software, it may be tempting to simply click postpone, and ignore the message. However, having the latest security software, web browser, and operating system on devices is one of the best defenses against online threats. So, don’t wait: update.
Learn to do online research. What that means is going to a search website (as long as it’s not Yahoo or AOL), typing in what you want to know about (your “search terms”) and seeing what you can find. Common sense is a crucial part of maintaining good online hygiene, and an intuitive step to stay safe online is to do some research before downloading anything new to your device, such as apps.
For example, if I want to install Whizbang Antivirus, I will do a search for “whizbang antivirus scam” or “whizbang antivirus problems.” I would ignore any search results from places like “antivirussoftwareguide,” “trustedantiviruscompare” or “topantivirusreviews.” There are jillions of bogus review websites out there trying to lead people astray.
Check the settings on programs you use that involve other people, like Zoom, Google Docs, etc. Be diligent to double check the privacy and security settings, and be aware who can access your documents. For meetings on Zoom, for example, create passwords so only those invited to the session can attend, and restrict who can share their screen or files with everyone else.
Dave Moore, CISSP, has been fixing computers in Oklahoma since 1984. Founder of the non-profit Internet Safety Group Ltd., he also teaches Internet safety community training workshops. He can be reached at 405-919-9901 or www.internetsafetygroup.org