Earlier this year, President Obama launched a $19 billion proposal to beef up the United States’ cybersecurity infrastructure. Thanks Obama. If you want to read about what’s included in his plan, this article does a nice job of summing it up.
Following in his footsteps, it’s time we review our own cybersecurity policies, and make upgrades wherever possible. Of course, none of us have $19 billion dollars to spend. Or even $10 billion. Or even $1 million… The good news is that cybersecurity doesn’t cost billions of dollars. It can be achieved on the cheap. Here are five frugal ways to upgrade your cyber awareness and protect your sensitive data.
(Note, we don’t have any affiliation with the products discussed below. This is not an endorsement of anything with the exception of strong cybersecurity morals.)
1. Use a free antivirus.
It’s true that you get what you pay for, as the saying goes. But antivirus software doesn’t need to be expensive. There are several free options, and even the subscription-based services are plenty affordable. Windows users have access to Windows Defender for free (Windows 8.1 or later), which is nice for those of you that prefer to “set it and forget it”. However, we strongly advise upgrading to something a little more, how should we say, advanced.
The same goes for Mac users, a lot of whom seem to be of the opinion that they’re immune to getting hacked.
Don’t be that person. Services such as Panda, Avira and Avast are all far superior to Windows Defender, are compatible with Mac, and won’t cost you a dime. For a detailed comparison of the best free antivirus software, we found this article to be extremely helpful (and here’s one slanted towards Mac). Also, don’t forget that your mobile device is a computer and therefore is just as susceptible to being hacked. Install an antivirus on every internet-connected thing you can.
2. Use a free malware scanner.
A lot of antivirus software is designed to scan for malware, but it’s nice to have a separate program that’s dedicated to updating its definitions and threat library. Furthermore, some of the free antivirus options don’t provide malware scanning unless you upgrade to premium service.
Just as a quick reminder, malware is a short for malicious software and comes in many forms:
Trojan Horses masquerade as legitimate software, only to later unleash their venom on your data and give cyber criminals access to your computer.
Bots infect your device which can then become an integral part of a criminal network, known as a botnet. Botnets are a collection of infected computers and mobile devices administrated by the bad guys at a C&C, or Command & Control server.
Spyware is software that usually collects personal information or reconfigures things on your computer without first getting your permission. It is one of the most common types of malware and literally spies on the end user, as the name suggests.
Adware, short for advertising-supported software, is often more annoying than hostile, but it can have harmful effects on your machine such as poor performance. Most adware is bundled with free software that forces popup advertisements to generate revenue for the author.
Viruses, a term often used as a blanket description for computer infections, is a sophisticated form of malware capable of replicating itself and spreading to other computers.
Rootkits are one of the most difficult forms of malware to detect due to their ability to alter virus detection software and hide their presence. Once installed, the attacker can remotely access a computer, execute files and steal information without the user knowing.
How do you get infected with malware? It’s really easy. Just click on any random links sent your way or, even better yet, download random attachments. (Don’t worry Mac users, you’re not at risk.)
While strong security awareness is the best defense, a program like Malwarebytes is free, easy to install, available on all devices, and doesn’t chew up resources.
3. Install a VPN.
Did you hear the one about the guy that got his credit card information stolen while on a public WiFi network? Or what about that time when a software company set up a rogue WiFi network at the Republican National Convention and got 1,200 attendees to connect?
Whew, that’s some scary stuff. Good thing we all use a VPN on our mobile devices before connecting, right? A VPN (virtual private network) encrypts your internet traffic so cybercriminals can’t poach any data—some of which is sensitive like log-ins and passwords.
Unfortunately, here’s where you’ll have to fork over some cash. VPN services will cost you somewhere around $5 to $10 a month, depending on which subscription you choose. But they’re a vital part of information security if you ever intend to connect to a public network with your mobile devices or laptops. Here’s a list of VPNs for you to browse. Look for one that allows you to install on multiple devices. Additionally, some antivirus software subscriptions provide a VPN as part of their service, so you could kill two birds with one stone by going that route.
4. Forget your passwords; get a password manager.
How many online accounts do you have? Five? Ten? Possibly 20? And how many of those have totally unique passwords? Three at most?
Organization of log-in credentials and passwords is difficult. Every time you sign up for a new service, a new account is required and, by extension, new log-ins and passwords. As a human being, there’s no way to memorize all that information. Furthermore, updating all these accounts on a regular basis adds to the frustration, leading to what researchers call security fatigue.
Password managers are here to help. Sometimes referred to as a password vault, this cloud-based software stores all of your log-ins with usernames and passwords and syncs them across every device. Once installed, you set up one master password, and the rest is done automatically.
Even better, some password managers can store your personal information such as billing and shipping addresses, phone numbers, multiple email addresses, even credit cards and national identification numbers. All it takes is the click of a button to autofill forms online when logging in or making purchases. Trust us that once you get a password manager in your life, you will be spared of security fatigue. And per usual, we went ahead and googled it for you; here’s a great write-up of the best password managers available for every device/OS.
5. Back that thing up.
You may not view redundancy as a form of cybersecurity, but then again you’re probably not a security expert. And that’s perfectly okay. No one needs to be a security expert to understand that if you lose your data, and you don’t have the proper backups in place, that data is gone forever.
In the security world, we have what is known as the CIA Triad, which equal parts Confidentiality, Integrity and Availability. It is considered to be the cornerstone of information security. Maintaining regular backups falls into all three categories:
- We need to have secure backups that criminals can’t compromise (confidentiality, otherwise known as privacy).
- We need to have reliable backups ensuring that our data is always duplicated correctly (integrity).
- And we need to have multiple backups so the data is always accessible (availability).
There are a ton of backup services available. Some are free, others are subscription service, some use the cloud, others are strictly local. It’s on you to do some research and determine what solution best fits your needs (and don’t forget about your mobile devices!). Once you find the right service or software, maintaining regular backups is simple. We recommend the 3-2-1 backup philosophy: have three copies of your data, on two different types of media (hard drives and optical discs, for example), including one offsite.
So there you have it. Five easy, inexpensive ways to improve your cybersecurity. And the common theme with all of them is that they don’t require you to be an expert or even have a smidgen of technical skill. As always, common sense is your best defense, which just happens to be free.
Latest posts by Justin Bonnema (see all)
- 2019 SAP Planning Calendar - December 11, 2018
- Incident Response in 3 Domains - November 30, 2018
- How the NIST Framework Improves Your Organization’s Cybersecurity - November 15, 2018