9 Basic IT Security
Before you commit important information to computer memory, you need to consider IT security. This is a non-technical introduction to IT security. For a technical introduction, take a class like IT Security+. What follows are security tips that will be helpful to any computer user.
- Nothing digital is really secret. There are too many ways for data you type on a keyboard to leak out to somewhere else! If you have highly personal information or private account information that would damage you in the wrong hands, keep that information in secure physical storage, not on a computer.
- Nothing that goes over the Internet is really secret at all! Think about that before you message or post! You can try to keep secrets with things like Virtual Private Networks (VPN), but that sort of secrecy is relative, not absolute.
- Your information is only as safe as your backups. Even in the best of times, all your physical equipment is going to fail someday. (It all wears out due to heat, friction, mechanical failure, magnetic fatigue, etc.). Any information you want to keep must be backed up. I recommend backing up your information at least twice. Be sure at least one of these backups is not in the place you live or work. Why? Fire, flood, earthquake, theft, bomb – use your imagination! Anything physical can be lost or stolen. Don’t trust your backups to just one physical location. Computers are fairly easy to replace. Information you have accumulated over the years is not so easy to replace.
- Trust, but verify. To do anything over a network, you have to take some risks. Web pages and emails can be faked by bad actors. If it looks wrong to you, it probably is wrong. Don’t click on that one! Find trusted sites you can really rely on and focus most of your work on those. Do not take anything for granted. Check and recheck and recheck the sites you use to be sure they are what they claim to be. Popups, in general, are bad news. At best, they are full of annoying ads. At worst, they are full of malware. When a web site starts showing me a lot of popups, I head for a different site. Avoid opening email attachments unless you are absolutely sure you really know who sent the message and unless there is a good reason they would be sending you that attachment. As far as contests and free stuff in general – “if it sounds too good to be true, it is too good to be true!”
- Whenever possible, use two-factor authentication. That includes fingerprint readers, short message service (SMS) texts to your phone number, or physical security keys. Even long and complicated passwords can be stolen. When you do need to rely on a password, make it fairly long and complicated – but most importantly – do not use the same password on multiple sites! If your password gets cracked or stolen on one site, you do that want that to affect your whole digital life. Use a password manager to keep track of multiple passwords. Or write them all down and keep them in a safe place.