Windows

10-point plan for Internet security to Fully secure Data and Transactions

There are so many Internet security advices today that they're going to blow you over. Work better through this 10-point plan and then sit back and relax

Security on the Internet, online banking or using credit cards:



These topics are inexhaustible. Therefore, at some point, the impression arises that the evil is lurking on every virtual corner and just waiting to snatch your data and your money. It is often forgotten that service providers do their utmost to keep security as high as possible.

However, some hurdles and dangers are not technical in nature, but are built up in the mind: in diffused fears, our imaginations create threats where there are none.

The best example was the reaction of our readers when PostFinance announced it was giving up the yellow box in favor of an app solution: the reactions were mostly negative because they feared a reduction in safety. We come back to it.

1. Secure your LAN through Router Password:

Let's start with a finger exercise: Have you changed the password of your router? At least in your own home, you should feel protected. Out-of-the-box weak passwords are the biggest gateway to your home network. Change the password and use an arbitrary combination of 20 numbers, letters, and special characters.

It's overly secure, but it does not matter because you only enter this password if you change the router's configuration - and you probably will not do that too often. You can change the router password in the configuration menu of the device, which you can reach via the web browser. For more detailed instructions, refer to the manual of the router.

2. Safeguard your passwords in Password Manager:

A good password manager is indispensable today. It helps you manage your passwords, automatically enters them into web forms. You can use your own secure password for each service - without sacrificing comfort.

The password manager also stores credit card information, important documents, and notes in its encrypted database. This can ideally be synchronized via a cloud between any devices. In short, such software is mandatory today.

3. Assure misuse of your login credentials sing Double login method:

Phishing is one of the most serious threats by being lured to a fake login page. But the best password will not hurt if you get it by attempting to cheat. The classic: You'll be asked in a fake email to check your account settings from Google, because something is wrong. If you do not comply with this request, the account will be deactivated shortly, so the promise. 

However, if you click on the link in the email, you end up on a fake login page where you enter your credentials - and even the criminals are in possession of this data. In the best case PhishingMail has only camouflaged advertising and no password theft, 

The most effective measure against phishing is the two-factor authentication, called 2FA for short, Apart from the access data you need another element such as an Access Card, a text message or other security element that only you know

Once your account is secured with a 2FA, the name and password are no longer sufficient for access, The 2FA is applied to each service in the settings that are part of your profile, The 2FA should be used at every opportunity. For a list of services and supported methods, see twofactorauth.org

4. The gut feeling always gives you signs:

However, one of the most important protective measures is your gut feeling. If you feel uncomfortable with a service or a cloud, then leave it alone; This will save you from sleepless nights, accompanied by nagging doubts. 

However, cloud services are a great asset when it comes to synchronizing data - or even just because there is another backup in the cloud. Microsoft, Apple, and other giants are not your enemies; on the contrary, they make every effort to protect the data and maintain customer trust. 

Take Google's Photos service, for example, which lets you store unlimited photos and videos for free: it becomes a first-rate lifeline when your smartphone disappears or breaks, It would be unwise to be so subtle Facility to dispense.

Google employees don't see your photos, because most do not have access to this sensitive data. Most notably, Google announced as early as May 2017 that the service now has 500 million active users, who upload 1.2 billion photos per day - with a strong upward trend. 

When someone looks at your photos on Google, it's just the machines they analyze, classify, and neatly sort - but no people. So listen to your guts, but do not skip cloud services, or you'll miss the best.

5. No own cloud

However, mistrust of cloud services of all kinds is widespread. That's why you can always find advice and instructions to build your own cloud, for example, to synchronize addresses, photos and other data between multiple devices. 

One of the best-known solutions is the OwnCloud service (owncloud.org), which you can use to build your own cloud on the local NAS (network storage), for example. However, this is rarely a good idea, because now you need to install all the cloud services you can use off the shelf elsewhere. 

This requires a piece of considerable knowledge. You should also be fervently convinced that you have the security under control because then the NAS hangs directly on the Internet - and thus the threat situation changes completely. Maybe it's a good idea to put more trust in the countless experts at Google & Co. instead of having your own cloud.

6. Encryption is far secure than, that shows in movies:

When you rent from a large cloud provider, you also have the option of encrypting the data. A strong, correctly implemented encryption is virtually invincible according to the current state of the art. 

Do not believe in movies when the master hacker rattles the keyboard for a few seconds and then types in the word override to open the encrypted file - after all, these are the same films that destroy a computer when someone puts their shotgun on the screenshots. 

In other words, you can entrust your data to any service if they have been correctly encrypted beforehand. tip: A particularly successful combination consists of a Synology NAS in conjunction with an Office 365 subscription, which offers a whole terabyte (1000 gigabytes) of online storage, 

With the included, free SynologyPaket Cloud Sync you can compare a lot of data with the Microsoft servers - and afterward still sleep well because they are encrypted before being transferred to the cloud storage. 

However, encryption is not automatically the best solution because each object must logically be decrypted before it is used. This makes it impossible to create a harmoniously flowing data stream, as is customary - for example, in the synchronization of the address book between the PC and the smartphone.

7. Online Banking:

Sure little can be said about the security of online banking. There is a simple reason for this: It is up to the money houses to guarantee it. Often, customers are therefore worried uselessly. 

Banks and specialized suppliers employ an army of programmers, security experts and cryptographers to keep data transfers watertight. A gap in this system would shake the trust of the customers lasting and would be a PRFiasko for the concerned bank.

Therefore, you should not waste any thoughts on whether the initially described change of PostFinance from the yellow box to the app is also safe. because that is their problem. If the company classifies a device as insecure, online banking via a smartphone is not supported (tell an iPhoneXS owner who spent more than 1700 francs on it).

 Of course, not every smartphone is equally good or equally secure - but it is the banks that have to decide whether a device is qualified for online banking. Through encryption, you can also carry out your banking business during the holidays via HotelWLAN. However, you should avoid the computer in the lobby; Only heaven knows what it is infected with.

8. Credit Cards:

Credit cards are already a security problem in themselves because they are carried around as material objects and can be lost. The finder gets everything: your name, the number and the security code on the back. 

What precautions can you take? 

On the one hand, the publisher's hotline number belongs in the phone book of the smartphone. If you notice the loss, you can lock the card around the clock with a call. If the provider supports it, you should use Apple Pay or Google Pay. After that, you can store the card in the hotel safe and pay for it on the go with your smartphone or Apple Watch. 

However, this requires that the business allows contactless payment via NFC. Switzerland is well covered in this regard, of course, this requires that there is such a terminal.

Another important measure is to never let the card out of your hands, not even in the restaurant. In our latitudes, almost all restaurants are equipped with mobile POS terminals; In the US, however, it is almost always the case that the card is handed to the waiter for payment. If you are completely against the grain, you have to pay in cash.

9. Pay Online:

Shopping on the Internet has long been a popular sport. In some cases, you can pay at the Internet retailers for an invoice, but mostly only credit cards or similar procedures are offered. Nevertheless, there are alternative routes.

APPLE PAY
If you pay with Apple Pay, your credit card will be subtly charged, but the merchant will learn nothing about it: neither your name nor the address or number of the credit card. He only receives confirmation from the publisher that the payment is approved. It is not more discreet.

PAYPAL
For a free PayPal account it is very similar. You deposit the credit card, but the payment process is handled via PayPal. In fact, the dealer does not even know if you pay by credit card, bank account or credit - but only that PayPal stands for the bill. Because a PayPal account is free, uncomplicated and available to everyone, you should not enter the Internet without it (see box on the right).

Prepaid - Credit Cards
If you want to practice mitigation, use a prepaid credit card with low coverage, which you can get at any kiosk or at okpunktstrich.ch, Figure 8. In the worst case, you can not debit more than you paid. However, the fees are sometimes salted and the handling is often cumbersome. The commendable exception is the British startup Revolut, which is not only extremely cheap, but also flexible. Everything worth knowing can be found on the PCtipp website under the address go.pctipp.ch/2038.

Disposable Numbers
If you opt not only for a free Revolut account, but for a Premium or Metal card (starting at about 9 francs per month), you can use it to create virtual one-way tickets for Internet purchases that are only valid once. Thus all risks vanish, that a questionable subject gets to your credit card information

Voucher Cards
At the cash register in the supermarket, you are meanwhile flooded by the voucher cards. They are available for Internet giants, Netflix, furniture stores, music services and many other businesses. Use these cards to add credit to a service that you can use to make purchases - without having a credit card in play

10. Fend off Phishing

Finally, let's talk about phishing again. You can defend against it successfully if you consider the tips 2 to 4, because you have the technology on your side.

Password Manager
We had that in tip 2. The password manager not only manages your access data, but also enters it into the fields automatically when you log in. This will not happen if the address is fake and therefore does not match the database. If your name and password are not filled in automatically, it may not be a fake website - but you should be vigilant now.

2FA Active
The 2FA (see Tip 3) ensures that the username and password alone are not enough to access the account. The 2FA is by far the best way to counter the PhishingPlage.

Gut feeling
If you find an email strange, stay suspicious (Tip 4). A popular trick is to convince the recipients that something is wrong with the PayPal account and you need to sign in to fix the problem. Never click on the offered link with such emails, but call the web address over your own bookmark or enter these by hand.

Post a Comment

0 Comments