≡ Menu

Checklist for Coffee Shop Computing

With all the news of the data breaches it is no surprise people are concerned with security when connecting their smart phones, tablets and laptops to the internet. However, most folks don’t think twice about connecting to free wi-fi wherever they go. This is a very risky situation and there are defensive actions and precautions to take.

Computer Updates, Security and Network Configurations

This is Tech 101 – always keep your Mac and Windows machines  and phones and tablets updated. This is imperative in today’s hacker environment. Here is a summary checklist for keeping your machine safe:

1. Run the updates for your Operating System. Microsoft and Apple provide tools to do this. Use the automatic update features or manually run the updates; either way, keep on top of it.

2. Disable “File and Printer Sharing” in Windows. Browse to https://support.microsoft.com and search for the solution

For MACs you can control sharing and the firewall. Details are here: https://support.apple.com/en-us/HT201642

3. Security Software

Be sure and run anti-virus software and keep it updated. There is a large selection on the market including many free options. Do your research and pick one and install at once if you don’t already have it.

4. Network Security

When connecting to public Wi-Fi networks use a VPN client. VPN or Virtual Private Network, is an encrypted connection to Internet. This is the only way to safely connect and a necessity in today’s environment. Do not skip this step, do your research, pick a company and get it installed.

A word on the difference and “S” makes

You may or not have notices the little “s” after the http prefix on the URL’s your are connecting to. That little “s” means a secure socket is connecting you and is a minimum requirement for securely connecting to websites. Always use “https:\\” before the address.

5. General Tips

Don’t do financial transactions over public Wi-Fi. This is a risky environment and you don’t want to take chances with your personal financial data.

Use strong passwords for all your logins. My previous article at …. Has a good overview of password best-practices.

Don’t forget to physically secure your laptop. Don’t leave it unattended even for a moment.

In our next article we will look at the “Cloud” and some best practices to protect your data while making it accessible from anywhere on any device. Until then, stay safe our there.

{ 0 comments }

Death and Taxes and Passwords…Oh My!

With so many digital assets in our lives these days it takes a wake-up call to realize how critical online accounts are AFTER we die. Everyone knows the famous two things that are certain in life – Death and Taxes. Recently in a church class, appropriately named “Set Your House In Order” a good friend brought in a Wall Street Journal article  “What a Tangled Web We Leave”  about the trials and tribulations for loved ones after a spouse’s unexpected death. Not having the  passwords to email, social media and financial accounts can be extremely frustrating. Make sure your survivors have the information needed to log on to all your accounts, especially at this very challenging time. In this next example someone got advanced notice and instructions BEFORE they died.
 
In those days Hezekiah became mortally ill. And Isaiah…came to him and said to him, “Thus says the LORD, ‘Set your house in order, for you shall die and not live.'” Isaiah 38:1 NASB
 
We usually do not get advanced notice that we shall die at any appointed time.  Most people don’t want to think of their mortality and put off getting their documents in order BEFORE they die. There are many sources on what documents are needed for your estate and one of the best summaries I have read is  “25 Documents You Need Before You Die“.

What about the Passwords?

 
Recent events in the lives of friends and family and business associates  have taught me that a big part of setting your house in order is manage your passwords. Yes, passwords. This often annoying but absolutely necessary  part of modern life can escalate to critical levels quickly after the death of a loved one.  Making password management a part of your end-of-life plan can be one of the most thoughtful things you do for your survivors. A word of caution – do not list user names and passwords in your will. After probate, the will becomes accessible to the public. Even if the estate does not go through probate the law requires that the will be filed.
 

Passwords – Making Them More Secure

 
In an earlier article, I wrote about ways to create and manage strong passwords. There are manual and automated ways to create passwords. For the security required today, I recommend using automated passwords with a mix of letters, numbers and special characters. To protect online accounts from hackers passwords must  be 14-15 characters long. If you need the reasons for that, just Google “Brute Force Password Cracker”. If you use simple passwords, especially words in the dictionary,  hackers can crack them in a matter of  seconds.  WordPress Security Expert Regina Smola has lots of great information on passwords and Internet security. This article from WPSecurityLock.com has solid advice on managing your passwords.

Passwords – In a Mobile World

 
Now that you are convinced you need strong passwords, you will need a management tool to keep track of them.  The days of keeping a few passwords on sticky notes on your monitor or under the keyboard are over. Why is that? The mobile device explosion has changed everything we knew about accessing online resources. If you need to log on to the bank from your smart phone, the stickies at home won’t help. So, what is the answer?

Password Managers – Which one do I use?

 
I have learned that it is impossible to keep up with passwords on paper. At current count, I have 107 passwords to various accounts online!  You might think that is absurd, but take an inventory of our own and good luck finding all the sticky notes! You will be surprised. The logical conclusion is: You need a web-based system (in the Cloud)  to manage your passwords. But you may say “I use the same password for everything”. Ouch! I once did that too, until I got hacked.  Don’t do that anymore! Decide to change your evil ways and use a Password Manager.

My two recommendations for password managers are Roboform and Norton Password Manager. I realize there are many other contenders available, free and otherwise, but these two have risen to the top as the best. A common element of both these is there is only one password to remember… the master password. Choose wisely and keep the master password safe. You can’t get in without it!

 
Roboform
Roboform has been around for years and has been the password manager of choice for many folks. There is a “free” version but you will need the paid version to cover your needs. The paid versions with a Roboform Everywhere account will enable you to synchronize all your passwords on all your devices. With mobile devices, the “everywhere” option is a must-have.  Roboform costs around $30 per year and has a long track record and lots of users. The”Everywhere” option is a subscription based charge that runs $10-20 per year. Roboform is feature-rich and still one of the best password management programs available.
 
Final Thoughts
Before you die, be sure and share the “keys to the kingdom”, that master password, with only your trusted family members, especially the executor of your estate. Be sure they know how to use the Password Manager and test the process. There are plenty of things for your survivors to deal with after your death. Don’t make the lack of passwords an additional burden. Set your house in order.
 
If you have comments and suggestions on password management, please share. What password manager are you using?
Have you included your “digital after-life” information in your estate plans?
{ 0 comments }

Thinking About Risk
As many bloggers have found out in recent times, the ease and joy of setting up a WordPress self-hosted blog can turn sour quickly. Reality strikes in many forms – hackers, hosting service issues, getting blocked by Google and countless other risks.

In the off-line world natural disasters, fire and flood can also put you out of business if you have data hosted on computers and servers in high-risk areas.

Are you running a business or is this a hobby?
If you are treating your sites as a business and a source of revenue, it makes sense to apply sound business continuity practices to protect you and your visitors. You should have a Business Continuity Plan and Disaster Recovery Plan.

What Is A Business Continuity Plan?
According to Wikipedia, a BCP (Business Continuity Plan) is “…the creation and validation of a practiced logistical plan for how an organization will recover and restore partially or completely interrupted critical (urgent) functions within a predetermined time after a disaster or extended disruption”.

Let me translate: You must have a plan to recover from natural or man-made interruptions to your business. If you don’t, you are risking everything you have invested in your on-line business. So, what are the parts of a Business Continuity Plan?

For a large business with buildings and people working onsite, a BCP is fairly complex. The scope here is to focus on the small to medium on-line business primarily running in a virtual structure in cyberspace.

Here are some key points for building your plan:

Assess Risks and Take Action
Take the time to go over the things that could happen to your site. The focus here is the virtual world where your data is hosted but don’t neglect to evaluate your physical office, too. Once you have your list of risks, investigate options to mitigate those risks.
Risk – your hosting service is hacked either due to weak server security or outdated code. Be sure and have your part under control by keeping all code up-to-date. If your hosting service is a problem, you will need to consider moving your sites.
Other risks range from a crashed drive on your laptop to someone stealing your WP-admin user and password information. These and many other risks need to be accounted for and plans made to recover.

Backups – Your First Line of Defense
My friends at WPSecurityLock put it “We have backups of our backups!”. In the business world, data is a key asset and has to be protected. Get your backup strategy in place. At minimum back up locally as well as remotely. Windows has a backup utility built in. Use it! I also recommend an online service to keep your data safe. More articles on this crucial subject are in the pipeline. Stay tuned for more information.

Who has a Business Continuity plan in place? For extra credit…Who has tested their plan?

{ 1 comment }

Internet Change Your Password Day

This is NOT the way to manage your passwords!

 

“Internet Change Your Password Day”

This new annual event has been created by Internet Tech Guy to remind you to change your passwords on a regular basis.

Start with these tips and take action to celebrate Internet Change Your Password Day!

 

  • Make your passwords at least 14 characters…really!
  • Make your passwords a mix of letters, numbers and special characters.
  • Make your passwords unique to each account – don’t use the same password over and over.
  • Manage your passwords in a secure way – sticky notes under your keyboard will not suffice.
  • For more ideas on password management, see my earlier post below.

              What is YOUR password management system? I like Roboform – how about you?

{ 1 comment }

Thanks For Paying Attention!

We would like to send out a big thanks to everyone that participated in National Cyber Security Awareness Month!

I hope everyone will be more alert and PAY ATTENTION while on line.

‘Tis the Season!

The holiday season is coming upon us quickly and the retailers aren’t the only ones looking forward to sales and profits. The bad guys will seek ways to take advantage of the increased email traffic and scams and phishing attempts will be flying like reindeer. We at Internet Tech Guy remind you to keep alert and Think Before You Click on any suspicious or even non-suspicious emails.

Let’s all have a safe and happy season!

{ 1 comment }

National Cyber Security Awareness Month

As you know, this site is very focused on computer and Internet Security. Because of this focus, we at Internet Tech Guy fully support and endorse National Cyber Security Awareness Month (NCSAM).

This campaign has been conducted every October since 2004. It is a national public awareness campaign to encourage everyone to protect their computers and transactions on the internet. Here is a quote from the site Stay Safe Online:

“Cyber security requires vigilance 365 days per year. However, the Department of Homeland Security (DHS), the National Cyber Security Alliance (NCSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC), the primary drivers of NCSAM, coordinate to shed a brighter light in October on what home users, schools, businesses and governments need to do in order to protect their computers, children, and data.”

Please do your part in these endeavors. The Internet is a fabulous resource shared by the world but it is not free of dangers and risks. Get smart about staying safe online by educating yourself, your family, and your company what it takes to get safe and stay safe – online!

This month our friends at WPSecurityLock are hosting a Website and Internet Security Telesummit. These events will take place during the month of October. Click here to sign up for these important and informative events!

“Get Safe and Stay Safe on your PC, Laptop and the Internet”

{ 0 comments }

Self-hosting Your WordPress Blog? Read This

My friend Regina Smola over at WPSecurityLock.com has written an excellent article on hosting services.

Click on over to read and learn from her experience helping hundred’s of folks to secure their WordPress blogs… (Read the article here)

{ 0 comments }

Internet Tech Guy wants to help spread the word to “Get Safe! Stay Safe!”

Many folks get malware links everyday in email. Be diligent, always! Please do not click the link! Pay attention to all email and think before you click. Here is a quote from my bank’s website from a previous scam:

”My Bank” is aware of a global e-mail virus with the subject line “Here You Have” or “Just For You” that contains a fast-spreading e-mail worm that mails itself to all the victim’s e-mail contacts. When the e-mail is opened, the victim sees a short message and a link that appears to be to a PDF file. If the PDF file link is clicked, the computer downloads the worm virus and propagates itself by sending e-mails to everyone in the victim’s e-mail address book. If you receive the e-mail message, delete it without clicking on the PDF link. Also, ensure your computer is updated with the latest antivirus and firewall software, anti-spyware and pop-up blockers.

Internet Tech Guy recommends you add common sense to your tool kit and NEVER click on a link from a source you don’t know.

Get Safe! Stay Safe!

{ 2 comments }

Whether we are casual web surfers or dedicated on-line business people, the primary tool in our technology kit is our web browser. In fact, the various browsers our visitors use shape much of the experience when they come to your site. With this in mind, pay attention to our blogging so that your site is attractive in the major browsers.

The debate over which is the best of the bunch goes on year after year. Many of us have settled on Firefox as our favorite but Chrome and Internet Explorer are stirring up the pot. Here is a quick overview and some ideas on how to use the most popular browsers. The big three are Firefox, Internet Explorer and Chrome.

Firefox is by far the most customizable and the countless plug-ins and add-ons have made it the favorite of on-line business people and serious surfers alike. For the security conscious the “No Script” plugin is a must. The community supporting Firefox is wide-spread and passionate and there is constant work to improve the experience. Though all of these contenders now include tabbed browsing, Firefox pioneered it years ago.

Internet Explorer 8 is a pleasant experience to use now, once you get past the set up pushing Bing and the “Live” products from Microsoft. All the major browser now share tabbed browsing, integrated search engines, custom toolbars and other features that have become common in today’s browser market.  For a good read, see what Microsoft has to say about security in IE8 in their comparison chart. It will be interesting to see what Redmond comes up with in IE 9.

Google Chrome is coming on strong and according to most surveys and speed tests, it is the leanest, meanest and fastest new guy on the block. Once more Google has struck gold with the browser which is a precursor of a coming Operating System of the same name.

There are other choices out there. If you own an iPhone or iPad, you are familiar with Safari. Safari has been improved and works well now in the PC world. One of the cool features is “Safari Reader” which highlights articles on sites by dimming out the sidebar content (which can be quite distracting). If you research a lot of articles, this alone may make it a choice for your browser toolkit.

Opera has a cult following and the iPhone version, Opera Mini,  is particularly attractive to me. It is a rapidly evolving browser and is currently on version 10x. One of the standout features of Opera is searching from the Address Bar. This is quite convenient at times.

So which browser do you choose? The contrarian answer is ALL OF THEM!  Here is what I recommend. Pick your primary browser for input work – writing your articles and blogging. My choice is Firefox. Then choose a secondary for other parts of your business – mine is Chrome. Finally, you cannot ignore Internet Explorer. Always check your blog posts and design in IE. It can be embarrassing to proudly link to a new post that look terrible in IE. Do good work and pay attention on your web presence through whatever browser lens others are using.

{ 5 comments }

May Day Hack Attack! The Saga Continues…

The aftermath of the on-going hacks directed at major hosting services continues to cause pain with those trying to clean up and restore their sites. Once again we at WPSecurityLock.com want to stress that these attacks are not limited to any one platform or any one hosting company. We have had reports for not only WordPress installations, but Joomla, Pligg and “Simple Machines Forum” as well.

This afternoon, Go Daddy reached out to us … click here to read more over at WPSecurityLock.

{ 2 comments }