Practice Online Information Security Through Basic Risk Mitigation

Since writing the article on password configuration and scams, I've received a few questions about password storage and how to reduce risk online. So I'll address some basic principles of mitigating the risk of someone accessing your private information.

Password Managers—

More than a few people asked me about password managers like LastPass and Keychain. Those are both excellent options and they are more secure than the average user's password storage practices. You may know someone who employs my favorite password management method, the complete password or passphrase written out on a sticky note stuck to the monitor or other obvious location in the workspace.

If you fall into that category and just can't remember passwords, you should at least consider hiding the sticky note or using a service like LastPass to help you manage them.

Whatever you do, don't save your password to your browser.

Mitigating Risk for Compromised Cards and Stolen Identity—

There are some other risky online practices that often result in a compromised card, stolen identity, or worse. Compromised cards are fairly easy to prevent. You can mitigate your risk in this area by using a re-loadable credit card for online purchases or using a third party payment service. I recommend ensuring that you're using a secure site where the payment processes using SSL (secure socket layer).

You can check to see if a site is secure by clicking on the lock icon in your address bar.

Internet Security SSL

Anti-Virus Programs and VPNs—

A good anti-virus and security program like Kaspersky will also help keep you safe online. It will prevent you from going to sites which may compromise your network, device, or data.

If you're the type who likes to do online banking and also uses public WiFi, I cannot stress the value and importance of using a VPN (virtual private network). Using a VPN will allow you to access sensitive data like health or financial records on a public WiFI network without all the risk. I like Private Internet Access VPN (PIA VPN).

Internet of Things (IoTs)—

The last thing I want to address is Internet of Things or IoT. IoT devices like Google's Nest thermostat, smart TVs, and even internet connected light bulbs. These devices are rarely secured and, even when they are, they're not particularly hard to hack into.

Because these devices connect to your network, an intruder could easily access other connected devices. I accept the fact that many people will ignore the risk and buy the internet connected refrigerator, but I always try to persuade people to evaluate what they're getting compared to what they're risking.

Admittedly, it is convenient and cool that a smart fridge can send you a text message telling you you're low on orange juice, but is that convenience worth the risk? That smart fridge is a potential point of ingress to your home or office network, and the potential for damage usually outweighs the benefit of convenience.

If you must use IoT devices, use them sparingly and configure a good passphrase for them whenever possible.

In Conclusion—

If applied, these tools and tips can help keep you and your data secure. Stay safe out there.

If you like this content, you can check out my other cyber security posts listed below. If you have a cyber security question, feel free to leave it in the comments and I might be able to address it in this ongoing series of posts all about staying safe in the cyberworld.

About Jason Gibson

Tech, history, and criminology geek with over ten years experience in digital and physical security roles. B.A. History/Criminal Justice and M.S. Information Assurance/Cyber Security. Blessed to be alive and grateful to be able to continue learning and sharing.

Leave a Comment