Semper Vigilans
There are plenty of programs waiting to attack your computer in cyberspace: malware, virus’s, trojans, worms, phishing, and other assortments of strangely labeled nasty code. Their purpose is to take your personal data (credit card info, phone numbers, addresses, license numbers, social security numbers, etc.) off your computer. This information is then sold to identity thieves, or it is used against you by the hackers themselves. Adding to these worries, should a hacker gain access to your computer, he now has the technology to remotely wipe your hard drive of all applications, and data. Overall, accessing the internet today is like entering a form of a digital mine field.
To help deal with the challenges we all face using our computer’s on the internet, the National Security Agency has produced an excellent article for keeping your home network safe. Even if you have only one computer, the article is worth the read. You can find it at:
www.nsa.gov/ia/_files/factsheets/Best_Practices_Datasheets.pdf
After nearly 40 years in retail management, working at the store level, field level, and in corporate offices, I have had to deal with the results of a lot of theft, either from robberies, shoplifting, or my own employees. Though there are always some commonalities in thefts in the retail world, two in particular stand out:
- There was a process or processes in place at the time of the theft that either would have prevented the theft in the first place, or at least impeded and limited the real loss. Unfortunately, that process was either not implemented, or only partially implemented at the time of the theft.
- No one challenged the validity of the process itself prior to the theft. Could the process be circumvented? Was the process in its current state even useful? Without challenging processes on an ongoing basis, one will never know there is a problem exists with a process until it is too late. Then, fixing the process is like closing a barn door after all the animals housed there ran off. Needless to say, in my retail life, I spent a lot of time asking and answering this question, “If I was a thief, how would I deal with this process?” Once I had the answer, I adjusted the process, and then asked myself the same question again.
To ensure the security of your data on your computer, make yourself aware of the current processes available to you to protect the machine, the network its on (if applicable), and all the data stored there. Once you begin to implement these processes, inevitably, you will have to make a decision between the amount of security you use on your computer, and the convenience you need to operate it. You will have to balance the two. Finally, challenge the processes you have chosen from time to time to see if they still make sense to you. Adjust, adapt, drop, or add a completely different process to accomplish your security goals.
I saved the best piece of advice for last, be semper vigilans (always vigilant).
The Problem With Complexity.
One of the goals of technology is to make our lives easier; however, with technology comes change, and an element coming from the use of a new technology, is some degree of complexity. One has to learn a new way of doing something, and/or adapt a behavior to this new “way” created by the technology itself. I feel an outgrowth of this is in problem solving. When a problem appears, many of us, by default come up with a complex solution, probably because we are used to dealing with complex issues. Unfortunately, as often as not, the simpler outcome rests unobserved right in front of us. The rest of this article will focus on simple solutions for vulnerabilities that when left unattended can compromise the security of your computer and your data.
Simple Ways To Keep Your Mac Safe
1. Passwords: Make sure your computer needs a username and password to login (in Preferences > Users & Groups, turn Automatic Login to Off. You can set usernames and passwords in this same area). Change your passwords on you computer, or any program that you feel is highly sensitive every 30 days, or anytime you feel the passwords may have been compromised. Make the passwords at least 10 characters, and use numbers, !, $, and some other form of character in the password. Do not use actual words, birthdays, names, etc. Do not use the password for you computer, or for any sensitive program over again on something else, like Facebook, You Tube etc. If someone has access to your key passwords, they will also have access to everywhere you used its duplicate.
2. Update Programs: Stay on top of this especially with the operating system, browsers, and mail clients.
3. Anti-Virus: If you don’t have an anti-virus program on your Mac, install one. This isn’t “the good old days” anymore. As we have all seen in the last couple of years, Macs are becoming more and more vulnerable. In Part 1 of this article, written on 4/23/2012, there are some suggestions for a couple of free anti-virus programs. Both are very good. After you install an AV program, be sure it is always up to date.
4. Email: Follow a simple rule: If you don’t recognize the author, don’t open the file. Absolutely don’t let curiosity lead you into opening an email attachment from someone you do not know. Email is an excellent way to allow bad things into your computer.
5. Firewall: You Mac has a built in firewall. If your computer is sitting behind a router (most routers have a hardware firewall already), you are usually pretty safe. Just to be extra safe, click on the Mac’s internal software firewall. You can use the button to turn it on in Preferences > Security and Privacy.
6. Monitor Your Network: I think the best monitor out there is Little Snitch. There is a trial version available, that you need to restart every three hours, or you can buy the full version $34.95. I use the trial version (it has all the same features as the one for purchase). The software is so good at displaying what programs are accessing your network, that some forms of malware actually search for Little Snitch, and will not install if it is found on the Mac. You can find it at:
http://www.obdev.at/products/littlesnitch/index.html
7. Encrypt Sensitive Data: You can encrypt your whole hard drive with software already on your Mac, which may be a little over-kill for most of us. A program called True Crypt will create an encrypted container, of any size you wish. You should name it with either a “.jpg” or “.doc” tag, such as: Flowers.jpg or Liver.doc. To the casual observer, the file will look like a “saved” picture or a Word document; however, inside will rest all the data you wish to keep private, totally encrypted. True Crypt has an interface available to encrypt/decrypt your container. It is very fast, and safe. I have used it for years. For more information, please see Part 2 of this article, dated 5/01/2012. You can find the program (free) at:
http://www.truecrypt.org/downloads
8. Surf The Net Anonymously: Tor, hands down, is the best way to do this. The software includes a program that accesses the Tor network, and a modified Firefox browser to use while on the network. The software is used by companies, military, and by people who don’t want to be tracked on the internet. More details are available in Part 2 of this topic, dated 5/01/2012. You can get the software at:
9. Backup Your Data: A complete plan on how to do this is in Part 3 of this article, dated 8/15/2012. Be ready for disasters that mechanical, man-made, or acts of Nature.
10. Turn Your Computer Off: It’s hard to hack a computer that is not “On”; however, you have to make sure your Mac is safe when it is turned off. To do this, go to Preferences > Energy Saver, and uncheck the box that states, Wake On Lan. Without doing this, a hacker on your network can actually turn your computer on through Ethernet, and do evil things to your Mac. While you are in the Energy Saver area, take a look at the schedule option. You can set both “On” and “Off” times for your Mac. I have both my Macs set to go “On” when I normally use them, and go “off” at a time I am normally out of my office. A prompt appears on the screen 10 minutes before the computer shuts down, advising you the event is going to take place, and if you are still working, you can then cancel the process. At night my computers are off, and when I come into my office in the morning, they have just clicked on, and are waiting for me to log in. Besides being safe, it saves energy too.
Summary
That’s it. Ten simple little things that will save the integrity of the data on your computer, and you a lot of time and aggravation created from the results of some kind of hack. Find the balance you need between security of your data and the convenience you want in using the machine, periodically challenge the processes you are using, and always be vigilant. The best of luck to you…………
–Larry