The most important tool is your internet connection itself. Whether you are using a residential provider like Optimum internet, or something geared toward mid-sized businesses, your first priority is to have fast and reliable service that you can lock down and limit access to only the people you authorize. Most of the really bad exploits begin with the compromising of the connection. Secure that correctly and you have won half the battle.
Still, you really do need both great tools and best practices. After all, even the best locks are easily neutralized if you open the door to strangers. All a criminal needs do to breach your home security is knock. If you open the door even a crack to anyone who knocks, don’t even bother with the alarm system. Your own worst practices have defeated it. Here are some of those best practices that will keep you safer, especially when they are coupled with the right tools:
Develop a Written Policy
Whether at home or at work, if you want people to behave a certain way, you need to have a clear policy about those behaviors. Don’t just assume your teens know internet best practices. They don’t. Write it down and enforce the safety practices you’ve deemed appropriate.
It is not just the home that is missing these best practices. Many companies are missing basic network security policies. Recent studies put the number at roughly 40%. That is a lot of companies without an adequate network security policy.
This article cannot contain all of the best practices you will need to keep your family or company safe on the internet. But if you can just develop a coherent policy with two or three items, you will be well ahead of the game.
Recognize Phishing Attacks
The digital equivalent of knocking on your front door to get you to unlock it is phishing. That is when someone sends you an email and asks you to give them your passwords. Of course, they don’t tell the truth about who they are. They dress up like the UPS man, or an Apple tech, or a bank representative.
They also do not come right out and ask for your passwords. They concoct a scenario where you have to input your password to provide access to some sensitive data. And they helpfully supply the link. The scam makes it look like Apple is sending you a notice saying something is wrong with your iTunes account and it will be suspended until you provide some critical input. You follow a link from the email to something that looks like an official site. Then, you give them everything they need.
Defeat this easily by never following a link in an email, especially one that leads to inputting critical data like a password. Even if you’re pretty sure it’s legit, you should ignore the email. Go to the site directly from the browser. When you do, you will discover that the email was a scam no matter how official it looked at the time.
Again, don’t bother trying to figure out if the email is legit. It doesn’t matter. Never follow links from email. Enter the site in question from your browser or an app. Call the company if you are still not sure. This will eliminate almost every phishing scam no matter how cleverly crafted it is.
Stop Downloading Apps from Download Sites
The best free app download sites are still loaded with apps full of spyware and viruses. Only get apps directly from known developers or from the official App Store for your device. Break this rule at your peril.
Pair your best security tools with these best practices: Develop a written policy. Learn to recognize and avoid phishing. And for goodness sake, stop downloading apps from places other than a trusted developer or the device App Store.