Security Checklist for busy people


Of course we have all heard the scare stories in the media about passwords being compromised and personal data accessed. Most of these are scare-stories that the media like to jump on for a headline. But there are some simple things you can do to help stop a hacker. And hackers are more common than you might think. If you use the internet for anything personal, just spend a few minutes tightening up your data, it could save you losing something valuable to you – money, photos, etc.


The first thing to say is that security is not a 0 or 1, it is not on or off. Security is something that gets tighter according to what you are protecting, and where it is.


When people ask “are your systems secure” what they really mean is “can a motivated hacker get in”? This is rather like leaving your bike unlocked. If someone is looking for an unlocked bike, they will steal it. But if no-one in your neighbourhood wants to steal your bike, it is “safe” to leave it outside your front door unlocked.

On the other hand, if you live in a neighbourhood where bikes get stolen every day, you want to lock up your bike. Maybe not only with one lock, but 2 or three. The more locks, the more secure your bike is.


The advent of the internet meant that people anywhere across the world can access your data if they really want, they don’t have to live in your neighbourhood. So now you have to ask yourself, not “is someone in my neighbourhood likely to steal my bike” but rather “how much is my bike worth if it gets stolen”? How much is your personal data worth if it gets stolen?

 
One way of approaching this is to divide your data into 3 areas-

1.       Don’t care
2.       Annoying to me if it is lost
3.       I can’t lose this !

If you register for a website, and they send you as confirmation the password that you used to register, you know immediately that this is a site with no security. Your password is openly available to anyone. This is a 1. website. If it’s in 2. or 3. category, don’t use that website any more!!!

Every time you use a password to log into a website, think, is it a 1. 2. or 3. Website? :

-          If it’s 1. you can use the same password for every website. One you easily remember, that doesn’t matter if it’s lost, for example your streetname and house number.
-          For a 2. website, you need to think of a complex password that can’t easily be guessed.
-          Number 3 website, E.G banking, personal photos, etc, use a different username and complex password for every website. Keep them in a password database or encrypted file so they can’t be read by someone else. And change them regularly, E.G every 3 months.

 
Finally, it’s not cheating to use a password database, just make sure it is password protected and encrypted! Like KeePass.

 

 

 

Comments

Post a Comment

Popular posts from this blog

Restore a deleted OneDrive for Business account from Office365: "A site collection with the same Site Id or Path already exists."

If a user has left, their license gets removed and their OneDrive for Business account gets automatically deleted for a period of 93 days. If you try and restore a user, and un-delete their OneDrive, you run into a problem as restoring the account atomically creates a new empty OneDrive. Restoring gets you this error:- Restore-SPODeletedSite : A site collection with the same Site Id or Path already exists. You have to permanently delete the new empty OneDrive account, then restore then old deleted one back:- To delete permanently the newly created (empty) site:- Remove-SPOSite -Identity https://xxxxxx-my.sharepoint.com/personal/xxxxxxxxx To restore the automatically deleted (full) site:- Restore-SPODeletedSite -Identity https://xxxxxx-my.sharepoint.com/personal/xxxxxxxxx
Read more

Server Manager will not start, error .NET Framework: "This application requires one of the following versions of the .NET Framework:"

Server Manager will not start on Windows Server 2019 after installing ADConnect. Error ServerManager.exe: This application could not be started. .NET Framework: "This application requires one of the following versions of the .NET Framework:xxxxx Do you want to install .NET framework now?" Of course it's already installed automatically on the server, so if you try and install it again you can't, error "already installed". Try the .NET repair package, can't repair the install. Try dsim.exe to install the package, error "Microsoft .NET Framework is already part of this installation". .NET Runtime version : 4.0.30319.0 - This application could not be started.This application requires one of the following versions of the .NET Framework:  v4.0.30319 The answer is to re-create the registry entries deleted when you installed ADConnect:- [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319] "AspNetEnforceViewStateMac"=dw
Read more