As part of the NonProfit Capacity Building Program, Tech Talk networking began in December 2014–but it’s not too late to join in! If you’d like to be a part of it and haven’t yet responded, reply to this post, or Tweet us @ShiaNPCB or @awolber
The tech group will meet again on January 27, 2015 at Safe Center (1300 North Hickory Street, Owosso, MI) where we’ll focus on security. Read through the following to learn a few ways to improve the security of your accounts and devices. If you want to improve your security setup, bring your phone and laptop to the session for some “hands-on” help.
Improve Security with 3 Apps by Andy Wolber (@awolber)
Too often, headlines proclaim “Millions of passwords stolen”. The news may cause concern. But unless you’re hacking or hiring for the compromised company, there’s not much to do after a security breach except change your password and monitor your accounts.
Yet you can improve your security with three apps: two to protect your accounts, and one to protect your device. The apps? A password manager app, a two-step authentication app, and a device remote management app.
Protect your accounts
- A password manager app
A password manager app solves two problems: length and re-use. A password manager generates a long, random string of characters for each of your online accounts. With a password manager, you never use the same password twice. Should a site be hacked, you only need to change the password for that single account.
I use LastPass, which works on most operating systems (Windows, Linux and Mac) and with most browsers (Chrome, Firefox, Safari, Opera, and Internet Explorer). I pay $12 per year for LastPass Premium to access LastPass on mobile devices (Android, iOS, Blackberry, and Windows Phone). You might also consider Dashlane. (See “The best password managers for PCs, Macs, and mobile devices” by Tim Ferrill at Infoworld.com for more reviews.)
Both LastPass and Dashlane encrypt your information, then sync your passwords to their servers. This encrypted data syncs to each of your devices. Because of this, use a strong password to secure access to your password manager app.
- A two-step authentication app
A site that supports two-step authentication requires you to login with your username and password, then enter a six-digit number for access. You obtain the six-digit number from your phone, either from an app or a text message. Even if someone hacks your username and password, they’d still need your phone to access your account.
You need two things for two-step authentication to work: you need a phone to obtain the code, and the site needs to support two-step authentication. Facebook supports two-step authentication, for example, as do Apple, Dropbox, Google, and Microsoft. Follow the links to instructions to enable two-step authentication at each of these sites. See https://twofactorauth.org/ for a long list of others sites that support two-step authentication.
Protect your device
- Device remote management app
If you lose your phone, lock your device first to protect your data. Then login to your account online to locate your phone — or force it to ring, which is helpful if you’ve misplaced it nearby. As a last resort, send a signal to erase your phone the next time it connects to the network.
Similar tools protect laptops or desktops. For example, Prey protects Windows, Mac OS, and Linux systems, as well as Android and iOS devices.
For most people, the three steps above will improve security. A few other actions help, too, though.
- Install updates to your system and software regularly to protect against known exploits (more on this for Android, iOS, Windows 7 or Windows 8, and OS X).
- Require authentication — such as a username, password, pin code, password, or fingerprint — for access. Set this up on Android, iOS: passcode or Touch ID, Windows 7 or Windows 8: password, PIN, or picture, or OS X.
- Connect securely to password-protected WiFi networks you trust. Use a VPN, a virtual private network, when you access WiFi elsewhere. Lifehacker explains VPNs and suggests a few VPN providers. I use PrivateInternetAccess.com.
- Encrypt information wherever possible. Encrypt information when stored, to prevent access to your data even if someone achieves access to your storage. In other words, if I remove a drive from your laptop, I can bypass the operating system and access the data, unless you’ve encrypted your information. Follow the links to learn more about system encryption for Android, iOS, Windows, or OS X systems.
- Backup your data automatically, wherever possible (more on this for Android, iOS, Windows 7 or Windows 8, and OS X).
To ensure complete computer security, build every part of your system from scratch — and never connect it to a network. Since that’s likely not practical, then at least install and configure the apps above to make your accounts and devices more secure today.