It’s time to reflect on a number of items still hovering over the industries head from last year; ESP breaches, data hacking and general security threats. As an individual you may not have direct accessing the finer workings of your corporate security planning but here are a few tools you can use to protect yourself.
Website trust: How do you know which websites to trust, other than the ones you use regularly and already trust with your data, but what about domains that are unrecognized or domains you have never interacted with or sent via phishing emails? Or even more simple – what about they typo domain squatter just waiting to grab your data with a look-alike site.
That is where tools like the Web of Trust (myWOT), and Webutation come in handy. Both of these services give user and automated data reporting on website that are being visited and rated by other users, much like yourself. These tools are available for most current browsers and provide easy to understand feedback on each website your browsing. Do they respect your privacy, or your child’s? Is the Vendor trustworthy? are there malware or security concerns regarding this website?
Password Security: I’ve already mentioned the use of LastPass (in an earlier post) for encrypted password management. With the number of data breaches that we saw last year, and this year already, I can’t stress the importance of having a unique password and user name combo across multiple websites/accounts.
If your like me managing this in a excel file or database would simply become unmanageable, plus admit it you are lazy when it comes to passwords. To get you started they will even import your existing saved passwords from your browser – then erase them from it’s memory. A full Security scan can be run against your personal password database to see how secure you are can also be run on your data resulting in a report showing; a score, the number of duplicated passwords and the strength of your passwords.
This tools is free to use on on a desktop/laptop, and only 1$ a month to run on your mobile – never be without your passwords.
Prevent Key logging: I’ve been using this took KeyScrambler for some time to encrypt keystrokes as you type them in your browser (works in Firefox, IE and Flock). typing your user name and password your transmit across the network as gibberish, this is especially use for for sites that do not implement “https”. Other use full plugins include the EFF’s HTTPS Everywhere plugin (for Firefox) and KB SSL Enforcer (for Chrome), that tells your browser to try https://google.com instead of simply http://google.com.
Secure your Social Networks: With the number of fraudulent posts on Facebook and twitter look to the security experts again for help. Two applications for Facebook (that I use regularly) are BitGo’s Safego for Facebook and Norton Safe Web. Both of these tools will scan your news feed for potential threats and alert you (and your friends if you configure it) to potentially harmful news items. Bitgo also recently released a Twitter focused link security service, safego.bitdefender.com/twitter which uses Twitters OAuth to scan your content and report on the potential threats you may face. I couldn’t get into using this solution, when it first launched, but it does provide an easy to use interface and option to prescan potential new accounts to follow.
While your securing your Facebook account also head over a “like” the FaceCrooks page for the latest in Scams and active threats.
Your Browser Matters… Get out an upgrade your browser now! The Online Trust Alliance along with a number of other industry security firms are pushing for browser security, but if you don’t upgrade you wont benefit from these enhanced features.
Head on over to the OTA’s Why Your Browser Matters page for more details.
Have any other tips to share – please leave then in the comments.