Security for Everyone!

Security tips for end-users – Part 2

Last week I wrote part 1 for these Security tips. Here is part 2. Although I would recommend you read last week’s post, both parts are independent of each other so that you can read part 2 without haven’t read part 1.

Tips reviewed last week:

  1. Password Management
  2. Keep your operating system updated
  3. Use an anti-malware
  4. Backup strategy

And now, the rest.

5. Careful with external drives

Picture this: you are at the airport, waiting for boarding your flight back home, after a long week working with a client. Granted, at the time I am writing this, with almost the whole world confined because of COVID-19 and flights reduced to practically zero, this scenario is not very likely to happen. At least for a while. But for the sake of the exercise, please, bear with me. So, as I was saying, you are at the airport, and you find an external drive or a USB stick. What do you do? Plug it in your USB port, generally after having tried three different positions, like this?

No matter how many times you tried to plug the USB stick, but if you did try at least once, repeat after me:

I will never plug a drive or a USB stick for which I do not know its content.

Even if the drive is coming from a person you know, always ask what it contains, not only for security reasons, also for privacy. I know it is hard not to fall to the temptation and that you are curious about what treasures you might find, but remember this: curiosity killed the cat.

6. Careful when sharing information

Whether it is a social network or an online form you are filling in, always have in mind if the information you are putting in there is needed. I am not saying you put wrongful information when buying from Amazon; otherwise, you will not get the merchandise you ordered, but just share what is needed. Are you publicly sharing a picture on Facebook? Make sure it is either not showing information that could indicate the place where it was taken. Do you think that site where you create an account needs to know your real birth date? You can always put the year minus 2, and a different day and month. Are you using still your actual mail address like [email protected]? Well, maybe you can use a disposable one. Here is a shortlist of services providing temporary emails:

As usual when I provided several options regarding a service, I cannot say which one is the best. It is not the goal of this blog.

7. Banking or shopping? Use your own device

If you need to log into your bank account using the e-Banking solution provided, always use a device you own that is up-to-date and fully patched. You do not want to use that PC in the hotel lobby. Believe. You don’t.

Same thing applies when shopping or connecting to your web email. Basically, do not fill any login form using a device you do not own. And if you do, make sure you change your password afterwards, and also clear your browsing history and cookies.

8. Emails

We already mentioned this a few weeks ago, dedicating a full post about it, but it needs to be included in this list. Phishing emails are the primary attack vector used. So be careful when clicking in links contained in emails you do not know the sender. And of course, do not open any attachment that you are not expecting.

Should you follow these tips, will you be fully secure? The answer is no. There is no 100% or entirely in security, and I would even say anywhere. But for sure, you will be in a better position to prevent a disastrous event.

Let me know what do you think! And stay safe!

Leave a Reply