Security Tips with Captain Security


If you do Internet banking, make sure you are doing it on a secure machine. What is a secure machine? It is a machine that has the latest security patches. It has virus scanning and a firewall enabled. You should also only go to sites that you need to. Avoid news sites and other sites that could contain malware and spyware. Your kids should also not use the machine. You will avoid spyware and nasty surprises.


When you add Wi-Fi to your network, it allows you to walk around without wires. It also makes it easy for hackers and crackers to get on your network, so you want to make sure it is secure. That means no WEP and no open access. It also means hiding your SSID. You should also consider WPA2 Enterprise for the best security. Wi-Fi is a very useful technology, but it can also be very dangerous if configured incorrectly.


This seems like common sense, but you will be amazed at the number of people who do not follow this best practice. You should really put some sort of password on your smartphone. You have apps that do not require sign-in, so if someone happened to get your phone, they would have access to a bunch of your information. Be careful with your smartphone.


Java has had its share of vulnerabilities lately and the question is, do you need to remove Java? I do think care needs to be taken to ensure that you are updating Java like the rest of your programs. If you do not have any sites that utilize Java, remove it. If you do, make sure you are updating it. Also, I would suggest removing it from being one of the startup programs.


Web programmers are a community that believes in sharing and offering sample code and programs. While that is good for helping develop your website, it can be bad when you include readme files and sample code with the web code you deploy. The sample code could contain bugs and various additional backdoors. Remove sample code from websites.
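One way to check a site for leftover sample code and readme files before it goes live, as an added example that is not part of the original tips. The name patterns, the function names and the directory tree it scans are assumptions constructed for illustration; tune the patterns for your own site.

```python
import os
import re
import tempfile

# Assumed name patterns for leftover sample material (not an exhaustive list).
LEFTOVER_NAME = re.compile(
    r"^(readme|changelog|license|install|todo)(\.(txt|md|html?|rst))?$"
    r"|(^|[._-])(sample|example|demo|test)s?([._-]|$)",
    re.IGNORECASE,
)
LEFTOVER_DIR = re.compile(r"^(samples?|examples?|demos?|docs?)$", re.IGNORECASE)


def find_leftovers(webroot):
    """Return sorted relative paths under webroot that look like sample code or readme files."""
    hits = []
    for dirpath, _dirnames, filenames in os.walk(webroot):
        rel_dir = os.path.relpath(dirpath, webroot)
        # Everything below a samples/examples/demo/docs directory is flagged.
        in_sample_dir = any(LEFTOVER_DIR.match(p) for p in rel_dir.split(os.sep))
        for name in filenames:
            if in_sample_dir or LEFTOVER_NAME.search(name):
                rel = os.path.normpath(os.path.join(rel_dir, name))
                hits.append(rel.replace(os.sep, "/"))
    return sorted(hits)


def build_constructed_webroot(root):
    """Create a small constructed site tree to scan (sample input, not real data)."""
    files = ["index.php", "contact.php", "README.txt", "css/site.css",
             "lib/latest.php", "lib/upload_example.php", "examples/form.php"]
    for rel in files:
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("constructed\n")


def demo():
    """Scan the constructed tree and return the files that should be removed."""
    with tempfile.TemporaryDirectory() as root:
        build_constructed_webroot(root)
        return find_leftovers(root)


if __name__ == "__main__":
    for path in demo():
        print("remove before deploy:", path)
```

Matching is by name only, so a hit is a prompt to review the file, and a clean result does not prove that no sample code was copied in under another name.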


When you set up online access to banking or brokerage sites, they ask you for some identification. They will ask for your high school or your mother’s name. Instead of using the real name, think of something creative like Yoda. Why? An attacker will not be able to social engineer this and only you will know. Now, don’t use Yoda.


With a new year, it is time to change your passwords. If you have key passwords you have not changed in a while, you should change them. Passwords for banking accounts and brokerage accounts should all be changed. Accounts such as Apple iTunes and Amazon should be changed as well. A good policy is to change these passwords yearly to help protect your accounts. The same goes for some admin passwords.


With all of the concern about external threats, a routinely overlooked vulnerability is backup tapes. Backup tapes contain all of your sensitive information and are usually left lying around or in insecure locations. You should keep your tapes in locations that are locked, such as a safe or a safety deposit box. If they contain very sensitive information, your backups should be encrypted.


This is a common-sense tech tip, but it is something that needs to be mentioned. Passwords sent in emails are a bad idea. With most email being accessible from anywhere in the world, webmail is a target for hackers. With passwords found in a mailbox, they can easily compromise other systems.


Recently, I have had a few clients get a nasty virus that was infecting network shares. If they had blocked executables at the firewall, this could have been prevented. I have been recommending this for a few years and it is amazing how much spyware/malware gets cut down.

Consider blocking EXE files at the firewall.