The Biggest Security Hole is You

Yep, you read that right, you are the biggest security hole when it comes to your computer.  Before you get offended, allow me to explain:

Hackers Are Social

Technology has gotten to the point where our anti-malware programs are really good at detecting and eliminating viruses, spyware, social_engineering_security_holeransomware, worms, trojans and all kinds of other nasties.  Some of them even intercept “zero-day” exploits using advanced heuristics and other cool tools.  Despite the leaps in anti-malware technology, there is one security hole that cannot be patched: the user. Increasingly, hackers are using social engineering to manipulate us into doing their bidding. The email phishing schemes that were big ten years ago (and that still crop up today) are a great example.  By using fear, hackers trick people into divulging critical personal information.  The best hackers are also some of the best psychologists – they understand how the majority of people respond to certain circumstances, then leverage those responses to exploit as many people as they can.

Don’t Be Intimidated

intimidation_security_holeHackers prey on one primary motivation – fear. Phishing schemes attempt to get you to divulge your login or other personal information on the pretense of a security breach requiring your attention; ransomware locks your files away with the fear you’ll never get them back. In a day and age when technology allows us to construct a veritable fortress around our computers and networks, the biggest security hole is still the age-old ploy of fear and intimidation. Bullies know few other tactics so effective. They believe they can push enough people into doing what they want through fear and intimidation to make their endeavor worthwhile.

Don’t Be a Security Hole – Get and Stay Educated

When you bought a car, you probably (hopefully) learned that you need to change the oil every 3,000-5,000 miles, you need to change your transmission fluid and if you hear a knocking in your engine, it’s probably not good. You don’t have to be a mechanic to know or do any of this – it’s the basics car usage. Unfortunately, most people begin using a computer and surfing the Internet without ever really learning the basics of security. So, here are the basics:

  1. Back up your stuff – This can be a simple $90 external hard drive that comes with its own backup software or (my recommendation) a cloud-based, real-time backup solution with version history.
  2. Have great anti-virus – Whether PC or Mac, you need a great anti-virus. Threats are more advanced than ever and to not have a good anti-virus solution is simply foolish.
  3. Stay on top of updates – Software updates come out on a very regular (Windows) or pretty regular (Mac) basis.  Don’t just ignore Windows Update or Apple’s Software Update! Yes, it might be annoying to have to update, but very often these updates contain important security patches for your computer.
  4. Take a look at tech news every now and then to know what’s going on.  TechCrunch, The Verge or CNET are great places to get a general overview of what’s going on in tech in language that you don’t have to translate.

If you just do these four simple things, you can avoid being a security hole on your home or office network.  You can keep up with tech news in less than 10 minutes a day and to have a good backup and anti-virus solution costs less than $10 per month.

Use Good Judgement

You can avoid being a security hole by leveraging the best computer you’ll ever get: your brain. If you keep all of your passwords in a paper notebook marked “Internet passwords,” well, that’s just not a good system. If you get an email from your bank asking you to click a link and enter your username and password, CHECK WITH YOUR BANK to see if it’s legit. If you get an email attachment from a nice lawyer in Nigeria telling you to “click the attachment” for information on your multi-million dollar inheritance, DELETE THE EMAIL. Many exploits are also delivered through security holes in websites; most legitimate sites keep up with security patches and updates, but many, um, less reputable sites do not – AVOID THOSE SITES.

By using simple good judgement, educating yourself and refusing to give into fear and intimidation, you can be the patch to your own security hole.

1 Comment
  1. Ola Fischer April 20, 2016

    Thanks for sharing this information, Steve. I appreciate your concern for all of us “tech” challenged amateurs.

Leave a Comment