Quick Start Guide to OpSec
Here are 7 key steps that can help mitigate hacking, data loss and account takeover.
1. Update Your OS's
Windows, Mac OSX and Linux. iOS and Android, the latest updates don't just add features, but they include security patches for the latest CVEs (Common Vulnerabilities and Exposures) which put your devices at risk of being exploited.
The goal of a clever exploit is to steal your data and passwords without you even noticing.
4. Secure Your Phone
Is your phone number secure? Once you were allowed to keep your cell number when changing mobile providers, your cell number became synonymous with your identity. The problem is that Verizon, AT&T, T-Mobile and Sprint have been quoted as saying that they are not in the business of securing your number, which gave rise to a a whole new form of hacking called SIM Swapping
5. Use a Secure Browser
Popular browsers and browser settings are optimized for convenience, not security or privacy. Firefox and Brave browsers are privacy focused and offer extensions that extend those benefits.
Microsoft and Chrome browsers track your every move as does the Google search engine. Using Duck Duck Go and Startpage offer more privacy
6. WiFi and VPNs
Do you ever connect to the free public WiFi at a coffee shop, airport or library? if so, you are just asking for someone to peek into your device and steal your data. Virtual Private Networks create an encrypted tunnel for you and they are not very expensive. Do you know how to log into your home router and update the firmware and check the settings to make sure you have the correct security enabled? You should, and I'll show you have to get this set up.
7. "Don't Trust, Verify"
When you download software from the Apple App Store or Google Play, you are trusting that they have vetted the apps as authentic and malware free. Apple does a much better job of this than Google based on reports on Bleeping Computer. However when you download software from a website, it's possible to get a malware infected version. Do you know how to check the authenticity of the program and that it came from the developer. I'll show you how.