New Year’s resolutions are normally a flop.
You promise yourself with genuine determination that 2014 will be the year that you give up smoking, stop eating cheese sandwiches, or get fit by going to the gym twice a week, only to feel ashamed of your lack of willpower by January 17th.
So, I think that it’s important that new year’s resolutions should be truly achievable or not made at all. If they’re too hard, you’re just setting yourself up for failure.
So, here are my six simple new year’s resolutions that I believe every home computer user could follow for better security and privacy online in the coming 12 months (and beyond).
- Get an anti-virus. Whether you run a Windows PC, an Apple Mac, or an Android smartphone you need an anti-virus, and you need to keep it up to date. Most malware (over 200,000 new examples are seen by security labs every day) is written for Windows, but there are real risks for Mac and Android users too.
The good news for iPhone users is that there’s not really a threat as long as your device isn’t jailbroken. And even then, at the moment, there’s not much risk. Which is good news, seeing as Apple’s rules prevent decent anti-virus products being created for the platform.
- Stay patched. New vulnerabilities are found all the time, and some of them are exploited by hackers to steal your personal information or infect your computer with malware. You need to keep your computing devices up to date with security patches, not just for the operating system but also for other software (Adobe, Java, I’m looking at you…) that you might run on those devices.
- Encrypt your hard disk. It’s bad enough losing your laptop, or having your desktop computer stolen in a burglary. But it’s even worse if whoever ends up with your computer can access all of your private files, emails, photos and movies. Full disk encryption means that no-one will be able to access the data on your hard drive unless they can obtain or guess your passphrase. Bear in mind that it only protects a machine that is switched off or locked: once you have logged in, the disk is unlocked for anyone sitting at the keyboard. It also may make the eventual disposal of your computer simpler when you upgrade.
- Password security. Stop using the same passwords on multiple websites. Remember that if hackers manage to steal your password on one site, that could lead to them unlocking your other online accounts if you’re using the same key for each. Invest in good password management software to remember your passwords for you, as you’ll never be able to remember dozens of different complex, hard-to-crack passwords yourself.
- Social network privacy. Make 2014 the year when you become more serious about what you share online, and think more carefully about whether it is appropriate or might lead to difficulties or embarrassment if shared with a wider audience. Check your privacy settings, as you can’t always trust the social network (yes, Facebook, I’m looking at you in particular…) to have your best interests at heart.
- Backups. Yes, this one is as old as the hills – but it’s alarming how many people still don’t bother to back up their data, despite it being cheaper and easier than ever before. Automate your backups so you don’t have to remember to do what is (admittedly) a rather dull job. You’ll thank yourself when disaster strikes and you can easily recover your precious files and priceless family photographs.
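The backups resolution is the one most people skip because it is dull, and "automate it" is easy to say and harder to picture. The script below is an added example, not code from the original post: it takes a dated snapshot of a folder, hard-links files that have not changed since the previous snapshot (so each extra snapshot costs only the changed files), and writes a SHA-256 manifest so that a restore can be checked before the day you actually need it. It uses only the Python standard library; the function names, the sample files and the two snapshot names are constructed for the example, and in practice you would run `take_snapshot()` from a scheduled task against a real source folder and a destination on a separate disk.

```python
"""Automated, verifiable snapshot backups (added example; not code from the
original post). Each run creates a new snapshot directory. Files whose hash
matches the previous snapshot are hard-linked instead of copied, and a
SHA-256 manifest lets verify_snapshot() detect missing or corrupted files."""
import hashlib
import os
import shutil
import tempfile
from datetime import datetime, timezone
from pathlib import Path
from typing import Optional

MANIFEST = "MANIFEST.sha256"


def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def read_manifest(snapshot: Path) -> dict:
    """Parse 'digest  relative/path' lines into {relative/path: digest}."""
    manifest = {}
    for line in (snapshot / MANIFEST).read_text().splitlines():
        digest, rel = line.split("  ", 1)
        manifest[rel] = digest
    return manifest


def latest_snapshot(dest: Path) -> Optional[Path]:
    """Newest completed snapshot (one with a manifest), by name."""
    if not dest.exists():
        return None
    done = sorted(p for p in dest.iterdir() if (p / MANIFEST).exists())
    return done[-1] if done else None


def take_snapshot(source: Path, dest: Path, name: Optional[str] = None) -> Path:
    """Copy `source` into dest/<name>, hard-linking unchanged files from the
    previous snapshot, then write the manifest. Returns the snapshot path."""
    name = name or datetime.now(timezone.utc).strftime("%Y%m%dT%H%M%SZ")
    snap = dest / name
    snap.mkdir(parents=True)
    prev = latest_snapshot(dest)          # the new dir has no manifest yet, so it is skipped
    prev_manifest = read_manifest(prev) if prev else {}
    manifest = {}
    for path in sorted(p for p in source.rglob("*") if p.is_file()):
        rel = path.relative_to(source).as_posix()
        digest = sha256_file(path)
        target = snap / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        if prev is not None and prev_manifest.get(rel) == digest:
            os.link(prev / rel, target)   # unchanged: share the inode, no extra space
        else:
            shutil.copy2(path, target)    # new or modified: a real copy
        manifest[rel] = digest
    lines = [f"{d}  {r}" for r, d in sorted(manifest.items())]
    (snap / MANIFEST).write_text("\n".join(lines) + "\n")
    return snap


def verify_snapshot(snapshot: Path) -> list:
    """Re-hash every file against the manifest; returns the relative paths that
    are missing or corrupted (an empty list means the snapshot is intact)."""
    bad = []
    for rel, digest in read_manifest(snapshot).items():
        p = snapshot / rel
        if not p.is_file() or sha256_file(p) != digest:
            bad.append(rel)
    return bad


def demo() -> dict:
    """Two runs over a small constructed tree (sample data, not real files):
    the second run modifies one file and adds another, then we damage the
    older snapshot to show that verification catches it."""
    with tempfile.TemporaryDirectory() as tmp:
        src, dst = Path(tmp) / "home", Path(tmp) / "backups"
        (src / "photos").mkdir(parents=True)
        (src / "photos" / "cat.jpg").write_bytes(b"\xff\xd8constructed-jpeg-bytes")
        (src / "notes.txt").write_text("first draft\n")

        s1 = take_snapshot(src, dst, "20140101T000000Z")
        (src / "notes.txt").write_text("second draft\n")
        (src / "taxes.pdf").write_bytes(b"%PDF-constructed")
        s2 = take_snapshot(src, dst, "20140102T000000Z")

        same_inode = os.stat(s1 / "photos/cat.jpg").st_ino == os.stat(s2 / "photos/cat.jpg").st_ino
        diff_inode = os.stat(s1 / "notes.txt").st_ino != os.stat(s2 / "notes.txt").st_ino
        (s1 / "notes.txt").write_text("corrupted\n")   # simulate bit-rot in the old copy only
        return {
            "unchanged_file_hardlinked": same_inode,
            "changed_file_copied": diff_inode,
            "snapshot2_files": sorted(read_manifest(s2)),
            "snapshot2_ok": verify_snapshot(s2) == [],
            "snapshot1_bad": verify_snapshot(s1),
        }


if __name__ == "__main__":
    print(demo())
```

One caveat the hard-link trick brings with it: a file that is unchanged across snapshots is a single copy on disk, so damage to it damages every snapshot that links it. That is why the manifest check matters, and why the destination should be a separate disk (or a second copy elsewhere) rather than a folder on the same drive as the originals.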
So, there you go. It’s far from a comprehensive list of what you need to do to stay safe and secure online, but I do believe these are all achievable resolutions for the typical computer user.
Good luck if you decide to adopt them. If you have further recommendations (obvious examples might be to be careful about opening unsolicited email attachments, or to keep yourself informed about new threats), please feel free to leave a comment.
Let’s make 2014 the year when you got more serious about your online security and privacy.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.
4 comments on “Six New Year’s resolutions for better home computer security”
All very simple and obvious recommendations – what is amazing is that so many people still don't follow these, so a simple-to-read article like this is always useful. Your final point about not ever opening attachments in unsolicited emails should be expanded to also include to never click on links in emails as well.
Happy New Year!
Graham, have included a link to this post on my own list of cliches^W resolutions for this year (I promised myself I wouldn't look at yours til I'd done mine – not bad for lack of overlap, thinks I!)
Dear Mr. Cluley: Your article on New Year's resolutions prompts the following two questions. Please let me know if my understanding is incorrect:
1. When someone breaks into a major database (like Adobe) and retrieves all the customer information, isn't it irrelevant what sort of password you had for your Adobe account, as all the information on all the customers is plainly visible to the thief?
2. Regarding encryption, I have been researching TrueCrypt and it seems that, if you encrypt a volume and then copy your files into that TrueCrypt volume, any new files you create in that volume are also encrypted, correct? I wish to encrypt my client files but it would seem that I cannot make a new file in that workspace and then send it to my clients, because it is now encrypted. If this is true, can you un-encrypt a file before emailing it to someone?
Thank you for your time and consideration. I just discovered your newsletter while doing research on TrueCrypt, and like what I see so far! Best
Peter, to answer your questions:
1. No. The point is that many people use the _same_ password for _multiple_ accounts (different websites, system accounts, etc.). So if they know you use a certain password here and they know you have an account elsewhere, they would likely try that password from the first place, in the second place. If you do use the same password in both places then you now have a problem!
2. I don't have experience with TrueCrypt but… there is a difference here: hard drive encryption means if someone were to access your computer (they stole your computer, say) they could not access the encrypted files without proper authentication. Meanwhile, files that you send _encrypted_ by themselves to a friend or colleague would indeed need to be not encrypted, for them to view. But the difference here is any files in the encrypted volume cannot be viewed unless authorised (by, say, a password or pass phrase). Example: Linux has luks and cryptfs (fs = file system) and you can view the files, move files around, store files, delete files, in the locations that are encrypted as long as you have the password (whatever) to unlock it. But if you aren't authorised you cannot. Copying the files to a non-encrypted volume means that the copy is not encrypted (KEY POINT: it's more like the volume itself is encrypted: you can only view the files in it if you are able to unlock the volume. Encrypting files by themselves is something else and would need to be done for each individual file you want encrypted, whereas files on an encrypted volume would be this way by default).
A real life analogy – your house and your house key(s):
Let's say you keep your passwords in your head (good on you if you do!). What would it be like if you could also keep your house key in your head (in the example, your house becomes the files on the encrypted volume)? Or perhaps you could only unlock your house with a passphrase (maybe entered via a keypad) and there is no physical key. In that case the objects in your house are still in their original form (right?) but you can only access them if you can enter the house. (Notwithstanding breaking down the door or shattering the window, but for example assume that is not possible.) In other words, you're keeping the data safe on the volume itself; if you were to also have a copy elsewhere then you'd need that encrypted if you wanted to keep it from others' eyes. Does this help? (Not that I will necessarily see your response, if you do respond, but hopefully it makes sense to you – if not, I apologise; trying to rush off for the night…).
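Resolution 4 in the post and the reply to Peter's first question both rest on the same point: a breach at one site hands the attacker a list of username/password pairs, and the damage spreads to every other site where the same pair works, no matter how carefully that second site stored its passwords. The example below is added here and is not code from the post or from any of its commenters. "Site A", "Site B", the addresses and the passwords are all constructed for the example. Site B does everything right (random salt, PBKDF2-HMAC-SHA256, constant-time comparison), yet replaying Site A's leaked pairs against its login still opens the one account whose owner reused a password.

```python
"""Credential reuse after a breach (added example, not from the original post).
Site A is breached and its user list leaks. Site B never stored a plaintext
password, but the attacker doesn't need to crack anything: replaying the
leaked (username, password) pairs logs in as every user who reused one.
All names and passwords below are constructed sample data."""
import hashlib
import hmac
import os

# Kept modest so the example runs quickly; real deployments use far more.
ITERATIONS = 100_000


class SiteB:
    """A login service that stores only salted, stretched password hashes."""

    def __init__(self):
        self._users = {}  # username -> (salt, derived key)

    def register(self, username: str, password: str) -> None:
        salt = os.urandom(16)
        dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
        self._users[username] = (salt, dk)

    def login(self, username: str, password: str) -> bool:
        rec = self._users.get(username)
        if rec is None:
            # Do the same work for unknown users so response time does not
            # reveal which usernames exist.
            hashlib.pbkdf2_hmac("sha256", password.encode(), b"\0" * 16, ITERATIONS)
            return False
        salt, dk = rec
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
        return hmac.compare_digest(candidate, dk)


# Constructed dump of Site A's breached user table. Whether Site A stored
# plaintext or the attacker cracked weak hashes offline, the attacker now
# holds these pairs in the clear.
SITE_A_DUMP = [
    ("alice@example.com", "Tr0ub4dor&3"),
    ("bob@example.com", "correct horse battery staple"),
    ("carol@example.com", "S3cret!2014"),
]


def build_site_b() -> SiteB:
    """Site B's user base (constructed): Alice reused her Site A password,
    Bob used a unique one from a password manager, Carol has no account."""
    site = SiteB()
    site.register("alice@example.com", "Tr0ub4dor&3")
    site.register("bob@example.com", "a9#vL!q2..unique..Bob")
    return site


def credential_stuffing(site: SiteB, dump) -> list:
    """The attacker's move: replay every leaked pair against Site B's login
    and return the accounts that opened. No hash cracking involved."""
    return [user for user, password in dump if site.login(user, password)]


if __name__ == "__main__":
    site = build_site_b()
    print("Accounts opened on Site B with Site A's dump:",
          credential_stuffing(site, SITE_A_DUMP))
```

The point for a home user is that Site B's good hygiene cannot save Alice; only a different password on each site does. The point for whoever runs Site B is that a burst of logins from one source trying many different usernames, most of them failing, is the signature of exactly this replay and is worth alerting on.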