The Top 7 Cybersecurity Measures for the Home-computer User in 2023
Now that it’s the first part of the new year, it’s time to start off on the right foot with cybersecurity. Years ago (about ten years ago), I wrote an eBook and published it on Amazon about security for the individual computer user. I have since ‘unpublished’ the eBook since some content is outdated. However, looking through the key items that every computer user must focus on to keep cybersecurity for their home-based system hasn’t changed that much. I am including a list of the top 7 cybersecurity items below for the home user to consider and implement. Oddly enough, these measures haven’t drastically changed from 10 years prior (except for an emphasis on 2FA or multi-factor authentication).
To bring in the 2023 New Year, here’s a list of the top 7 cybersecurity protections for the home computer user.
1. Antivirus software: This is a key item. As we generally know, antivirus software is a program designed to identify, prevent, and remove malware and other malicious software from your computer. It works by scanning your system for known threats and can also monitor your system for suspicious activity that may indicate the presence of malware. It is essential to have an antivirus program installed on your computer and to keep it up to date with the latest virus definitions to ensure that it can effectively protect your system.
2. Firewall: A firewall is a security system that controls the incoming and outgoing network traffic based on predetermined security rules. It can be hardware-based, software-based, or a combination of both. The firewall is embedded in a home router. The primary function of a firewall is to help protect your computer from unauthorized access by blocking incoming traffic that does not meet the security rules set by the administrator. Firewalls can be configured to allow or block specific types of traffic based on various criteria, such as the traffic source or destination, the traffic type, or the port being used.
3. Secure passwords: Using strong and unique passwords for your accounts is essential to maintaining the security of your computer and online accounts. Strong passwords are difficult for an attacker to guess or crack using automated tools. They should be at least 8 characters and include a combination of letters, numbers, and special characters. Using a different password for each account is also important to minimize the risk of an attacker gaining access to multiple accounts if one password is compromised. A password manager can help you generate and store strong, unique passwords for your accounts.
4. Software updates: Keeping your operating system and other software programs up to date is important for maintaining your computer’s security. Software updates often include security fixes that address vulnerabilities discovered in the software. Installing these updates can help protect your system from attacks that exploit these vulnerabilities. It is generally a good practice to set your computer to install updates automatically to ensure that you are always running the most secure software version.
5. Online security practices: It is important to practice safe online habits to help protect your computer and personal information. This includes being cautious when opening emails or clicking on links, especially if you do not know the sender or if the email or link seems suspicious. Avoid sharing personal information online, such as your name, address, phone number, or financial information, unless you are using a secure website (those with “HTTPS” in the URL) and are certain that the information is being transmitted securely. When entering sensitive information online, such as passwords or credit card numbers, make sure to use a secure website to help protect your information from being intercepted by an attacker.
6. Encryption: Encryption is the process of encoding data so that someone with the proper decryption key can only access it. Encrypting your data can help protect it from being accessed by unauthorized individuals, such as hackers or government agencies. Various types of encryption can be used, including symmetric encryption, which uses the same key for encryption and decryption, and asymmetric encryption, which uses a pair of keys, a public key for encryption, and a private key for decryption.
7. Two-factor authentication: Two-factor authentication (2FA) (e.g., Multifactor Authentication/MFA) is an additional security layer requiring a second form of authentication and a password to access an account or system. This can help prevent unauthorized access to your accounts, even if someone else has your password. Examples of 2FA include using a code sent to your phone or email, a physical token such as a security key, or biometric authentication such as a fingerprint or facial recognition.
That’s a quick list of the top 7. However, based on your home environment, you may need to take additional measures. For example, if you do work at home from your home computer, there are several other mitigations that can support your cybersecurity posture. Also, if you have many users and a variety of users on your home network (e.g., children, others that work at home, etc.), additional security measures to include network segmentation and additional firewall filtering may be called for. I’ll post additional information about this during this year (2023). But, feel free to contact me if you do have any questions.
About the Author
Ron McFarland, PhD, CISSP is a Senior Cybersecurity Consultant at CMTC (California Manufacturing Technology Consulting) in Torrance, CA. He received his doctorate from NSU’s School of Engineering and Computer Science, MSc in Computer Science from Arizona State University, and a Post-Doc graduate research program in Cyber Security Technologies from the University of Maryland. He taught Cisco CCNA (Cisco Certified Network Associate), CCNP (Cisco Certified Network Professional), CCDA (Design), CCNA-Security and other Cisco courses and was honored with the Cisco Academy Instructor (CAI) Excellence Award in 2010, 2011, and 2012 for excellence in teaching. He also holds multiple security certifications including the prestigious Certified Information Systems Security Professional (CISSP) certification and several Cisco certifications.
CONTACT Dr. Ron McFarland, PhD, MSc, CDNA, CISSP
· CMTC Email: rmcfarland@cmtc.com
· Email: highervista@gmail.com
· LinkedIn: https://www.linkedin.com/in/highervista/
· Website: https://www.highervista.com
· YouTube Channel: https://www.youtube.com/@RonMcFarland/featured
