Close Menu
blog
Dorchester Computing Blog

Top 5 Tips to Keep Your Data Secure

by Tim Lawrence | Jun 13, 2017

1: Exercising caution on emails and online

The best defense is to not have anything test your defense. Exercising caution on emails and unknown websites is the best policy. There are a few tricks you can use to better protect yourself.

By using an Adblock add-on in your internet browser, you can avoid many suspect advertising links or redirections that can bring you to a place where you don’t want to be.

With emails, the best two things you can do is check the legitimacy of who is sending the email. If they claim to be a bank, make sure the sender is from the bank as it will normally be some department or a no-reply. An email from aahtrnedn@outlook.com will definitely not be part of the bank. This is normally shown beside the name at the top of the email, or if you right click on the sender’s name and left click on Open Contact Card, it will show you the email address.

The second important part is to check on the link that they are trying to get you to open. By hovering over the link in the Outlook message, it will tell you what website the link will bring up. Anything that doesn’t look right should be avoided. Most of the time going to the actual website listed in the email will get you to your location. For example, if the email says to ‘see your bill, go to http://company.com.au/viewbill’, instead of clicking on the link and type the address in a browser. This will take you to the right location and avoid any misdirection.

2: Having a good antivirus and an up to date operating system

The second important thing to have is to have a good defense. A good internet security suite with an updated operating system will protect against 99% of the malicious software out there, and be able to remove/restrict any that do get through.

Not all antiviruses are created equal. At Dorchester, we are constantly evaluating security systems to recommend the best one for your computer. The main point we look for is their efficiency at keeping the bugs out as well as the program’s performance to ensure the computer doesn’t slow down to a crawl when it’s running, causing interruption to your day-to-day operation.

At this stage we are recommending Eset Internet Security for home users and Sophos Enterprise for Business users. Please feel free to double check with us when your antivirus comes up for renewal, as products do change from year to year and we match our recommendations to suit.

3. Email protection

We have all suffered through the multitudes of junk emails being sent to our inboxes without much way of stopping them. For people using their internet providers’ (ISP) email address (i.e. myname@bigpond.com), there isn’t much you can do as your ISP provides this as free service.

For any personal email accounts, we recommend a Gmail or Outlook as email providers. They will work over any internet, can synchronize with phones and have much better services than a free ISP email will ever offer. The only other way to filter junk and nasty emails is through a program on the computer receiving the email. Most security suites will offer a junk mail filter.

For those users who have emails with their domain attached to their email i.e. bruce@wayneindustries.com.au, there are a few additional options to look at. For a majority of sites, we recommend looking at using Spam Experts as a filtering service for both outbound and inbound emails. We have rolled this service out with great success, with less than 15 junk emails from the 12 different sites, including our own. Setup is easy to complete and acts as a backup email cache in case of server outages. For people who have their own email server deployed, a localized security system such as Sophos will do a good job as well.

Regular updates to local computers and keeping antivirus up-to-date will keep nasties out of emails and websites.

4. Having a good backup in place

Let’s start with the definition of a backup: “a copy of a file or other item of data made in case the original is lost or damaged.” This can be an online data storage (like Dropbox, One Drive or Mozy) or on a physical media (like an external hard drive, USB flash drive or simply on another computer). Best practice states to account for instances of fire or theft. With physical media, we recommend a fireproof safe or a copy to be taken offsite and kept secure.

Online storage is much easier in cases of fire, as it is already offsite, but there needs to be some mechanism to lock down a stolen computer so that the information can’t be used. Thankfully most data storage companies have a system in place to wipe remote devices. The only issue is that the computer will need to be connected to the internet to receive the wipe command.

The frequencies of the backup should also be taken into account. A backup from 6 months ago might seem like starting again if there is a lot of information being generated daily. Our rule of thumb on this one is: How much data can you afford to lose? For some people who touch their computer once a week, going back a month is losing 5 files and a few updates. For others we have setup hourly backups.

This factor, along with how much data to backup, will determine what type of backup you use. For corporate users, we set up two different systems. One to backup hourly and another to take a daily snapshot of the backup to be kept offsite. For small business and home users, using an online storage company, or having a single drive as a backup, can be sufficient.

Different systems require different types of backups and we are always happy to evaluate any customers’ backups or answer any backup questions.

5.  Strong passwords

No system is secure if anyone can just unlock the handle or type in 1234 as a pin code. Having a secure password is important on the internet, and for the security of your computer. As with all the above items, the level of password required is wholly to do with the user’s requirement and what they are accessing.

Best practice recommends to use a non-dictionary word, as long as possible, have all the 4 types of characters randomly inserted (capitals, lower letters, numbers and symbols). Bear in mind, resetting the password every time as you forget isn’t helpful either. My rule of thumb is to have at least three passwords that are remembered easily enough, but do not contain a birthday or a pet/family member in them.

The first password set is your most secure password. This is for banks and any other website that will be catastrophic in the event of a hack. As this should only be a few websites, the more unique passwords the better and if you can help it do not store it anywhere either.

The second password set is for your trusted but non-mission critical websites. This is for email logins, Ticketek, Netflix, utility websites and any other reputable companies you need to access to from time to time.

The third password set is your untrusted locations. Places that want you to sign up for a promotion, forums, or anything where you aren’t too concerned if they are hacked.

Keeping the variations up but having a similar password can work in these examples as well. I.e. If my password is ‘Parking11’, variations could be: P@rking11, Parking1!, P@rK1ng_11, pARKING11. It is still possible that someone who has a Facebook username and password would be able to use it to log on to a Twitter account. But the chances of failing enough times to hit a security block is higher than just using the same password over and over.

Also most importantly, try to enact a 2-step authentication wherever possible. This can be just for changing passwords or logging in. The CEO of Steam (the top online distribution of games) released his account username and password publicly as a challenge to get around Steam’s Security with its 2-step authentication. Any user logging in from a different location was challenged with an additional login request that was sent to his email and a separate app on his phone, which no one could access. To date, I believe that challenge still stands. 

leave a reply
Categories
Comments
Recent Posts
Tags
Archives
Share
Be in control of your IT.

Contact us today.

NAME*

COMPANY
EMAIL*

PHONE
MESSAGE*
Send