Sécurité IT en toute simplicité

Security tips for end-users – Part 1

Whether you are working from home, in an office, on the train, or in a café, there are some things you can do to ensure you are secure. Of course, you might cross people stating that these security actions are useless or not needed. They might say that you just need to be careful while navigating on the Internet, careful with emails, and so on. But security is something everyone needs, even if they do not like that idea.

One thing to keep in mind is that there is no dependency between these items you will see, as well as there is not a priority defined. You can start from the beginning or the end, but the more things you mark as checked, the higher your security posture will be.

1. Password management

By now, I believe this is the topic you have heard the most. With all these data leaks where user information is taken, including password, we all know the « single-password-strategy-for-all-services » is not the winning one. Right? Right??

So the best approach is to have different passwords for every single service you use. And unless you have an incredible brain capable of memorizing complex passwords and not mix them between services, you will need a password manager tool. I am not going to compare which one is the best; you can find lots of sites where this is done. But just use one. Please. Here is a non-exhaustive list:

Up to you to decide which one to use. For what is worth, if you read their websites, every one is the best.

If you want to go for the extra mile, combine complex passwords with Multi Factor Authentication. Most online services offer this option, and you should take it.

2. Keep your Operating System updated

No matter what OS you use, Windows, Mac, or Linux. They all have bugs to fix, and their editors release fixes from time to time. So it is really and easy thing to check on a monthly basis at least, if new patches are available. Most updates are almost transparent, needing a restart to complete the process.

Simple, right? So what are you waiting for?

All updated!

3. Use an anti-malware

« But I use a Mac, I do not need that. » Yes, you do. You do not know it yet, but believe me, you do. But if you don’t, just read this report from Malwarebytes. I quote:

[…] the average number of threats detected on a Mac is not only on the rise but has surpassed Windows—by a great deal. This is likely because, with an increasing market share in 2019, Macs became more attractive targets to cybercriminals. In addition, macOS’ built-in security systems have not cracked down on adware and PUPs to the same degree that they have malware, leaving the door open for these borderline programs to infiltrate.

State of Malware 2020 – Report from Malwarebytes

I think Windows users have already accepted the fact that they need anti-malware. But in case you find some people with the same arguments a Mac aficionado has (do not tell them, there are some fanboys not agreeing that they do not agree on anything ?), show them the above report.

And, just like for the password manager, do not ask me which anti-malware is the best in the market. Here is another list with some options:

Notice that some are available for Windows, Linux, and/or Mac.

4. Backup strategy

Again, this is a topic widely discussed for the last 5 or 10 years. To back up or not to back up, that is the question. Well, to be honest, this should not even be a question. You need to back up. Period.

You can take different approaches, based on what risk you want to reduce: physical failure or human error. The first one is the one I am talking about in this post. The second one is another topic, with offline backups and so on. Notice this includes the ransomware damage, so another reason to use a good anti-malware.

But, to avoid losing data because a hard drive, a USB key, or any other physical device that can contain data has given up, the best solution is to use online storage. And, just like before, you know that by now, I will not tell you which one you can use. You have here some of them:

As I said, these services will protect your data in case of a physical hardware failure, or in case you lose your laptop, or you are the victim of a home burglary. It will not protect in case you accidentally delete a file, and you would like to recover it. For this, you have other services like:

These services will allow you to have different backup versions so that you can come back to a specific point in time.

Next week we will have part 2. Until then, feel free to comment.

Stay safe!

Laissez un commentaire

Votre adresse e-mail ne sera pas publiée. Les champs obligatoires sont indiqués avec *

Commentaire sur “Security tips for end-users – Part 1”