Safe Computing Guide

These are the steps that I recommend to help ensure your computer continues to run well and to reduce the likelihood of encountering issues during regular use.
It is important that you take steps to protect your information on your personal computer and follow basic security precautions to prevent virus and malware infection, and even from your identity being stolen. It is extremely important that you also take precautions to ensure that your information and data remains safe and secure. Please read and follow these safe computing practices:

1. Use Paid and Reputable Anti-virus Software

I strongly recommend ESET’s NOD32 Internet Security
Computers these days are always connected to the internet. Therefore, there is always the potential risk of infection or infiltration by intrusion software commonly known as Trojan Horses and the like. Computer viruses can modify the settings of Windows and programs and delete and infect files. Trojan Horses can have also capture keystrokes, including passwords (see below). Spyware, malware, and other deceptive software can perform certain activities on your computer without your knowledge or consent.

I have used many free anti-virus programs over the years, and frankly, you get what you pay for. They are never as effective, because the incentive isn’t there, and they often nag you to upgrade.

That said, I do not recommend products like Norton or McAfee, as they have added some many features over the years that they have become bloated, less effective, and slow your system down.

2. Use A Password Manager

In general, choose a password that is difficult to guess by using a combination of letters, numbers, and symbols. Do NOT use words that are easy to spell or guess. Ensure it is at least 16 characters long. The best way to do this is to use a password manager like 1Password or BitWarden.

Password managers can generate completely random passwords that are impossible to guess, and will auto-fill login details for you, to avoid the possibility of keystroke loggers from collecting that data. They will also remember the login details for you and store them in your secure online account where virus and the like cannot access it.

This also prevents the temptation to share your login details with anyone else.

3. Keep Windows and Software Up To Date

Microsoft releases updates and patches for Windows on a regular basis, generally on the second Tuesday of every month. Windows should alert you to these, and may even download and install them, depending on your settings. But, one of my mottos is ‘trust, but verify’, so make a habit of checking Windows Update by clicking the Settings ‘gear’ icon in the Start Menu, then ‘Windows Update’, then ‘Check for updates’. Install them all, restart if necessary, and keep checking for updates until it says ‘You’re up to date’.

Shut down or restart your computer at least weekly, and whenever your programs tell you to in order to install updates. This will make sure software and security updates are properly installed.

4. Better Protect Your Web Browser

Web browsers like Firefox don’t come with everything you need “out of the box” to keep a high level of confidence while surfing the internet. This is where some trusty browser extensions is necessary.

I strongly recommend Ublock Origin, Privacy Badger, and more.

5. Only Trust Secure Websites Using HTTPS (not HTTP)

Check the URL on every website you visit to ensure data is being sent over a secure connection (HTTPS). This is especially important for website you are logging into, such as your banking and email.

6. Remove Adobe Flash

Adobe Flash was a technology that almost all websites used for decades, but it was notoriously vulnerable and could easily be used to infect your computer by a malicious web page. Flash is no longer available and web browsers no longer allow it’s use by default. Microsoft even released an update to remove it from ALL Windows computers. Please ensure it is removed before surfing the internet. Do so by clicking the ‘Settings’ gear icon in the Start Menu, clicking ‘Apps and Features’, and make sure Flash isn’t in the list of installed programs. Flash has been replaced by HTML3 technology. How you use web pages does not change as a result.

7. Installing Software

When you install software, take the time to read every option it gives you. Adware is often bundled with FREE software because they need to pay for development somehow. You should uncheck those option during installation. If given an option to perform a ‘custom’ installation, please do so to ensure you know exactly what you’re installing.

8. Never Open Attachments Unless You Are Expecting Them

Email addresses can be easily “spoofed” or faked. They can appear to be VERY legitimate and from someone you trust and would expect email from. Please ensure you do NOT open attachments unless you are expecting them. If not, send a brand-new email to that person and ask if they sent you attachments.
Attachments can appear very legitimate, but contain viruses or malware, so it’s important to be careful.

9. Beware of Email and Phone Scams

If you receive an email or phone call claiming to be from the IRS or CRA, or even Microsoft claiming you must send money, bitcoin, gift cards, or demand they give you remote access to your computer, hang up or delete the email. None of these organizations will EVER contact you or demand anything from you this way. If you unsure about something regarding a supposed call from the CRA or another organization, hang up and call them directly. Do NOT call the possible scam number back, or reply to their email, as it is likely the email or phone number of a scammer.

In addition, ensure you have hung up and don’t just hear what sounds like you hung up. The scammers are very crafty and can make you think you have hung up when you haven’t. You could then dial the number, and they’ll pretend they are the CRA or Microsoft.

10. Don’t Install or Download Unknown Programs or Apps

There are countless companies that create software, and not all are legitimate. Be sure to ONLY download software directly from the company that created it, and Google that software and the company to ensure they are trustworthy and reputable. That said, there are trustworthy “mirror” websites that host those reputable downloads as well, such as MajorGeeks and Snapfiles. But whenever possible, download directly from the company that created the program.

11. Keep Current Backups

I have a blog post on how to develop a simple backup strategy. Suffice to say, make regular backups of the files you are not willing to lose. Store a copy of these files locally on an external hard drive that is ONLY connected to your computer when backups are taking place, or when you are restoring files. Also use an off-site automatic backup service like Backblaze, iDrive, or Carbonite.

13. Secure Your Home Network WiFi

Please take the time to login to your Router and properly secure your home network, including password protecting your WiFi. Otherwise, your neighbors or anyone parked outside or walking by can use your WiFi and do anything they want online without your knowledge.

ALWAYS use a trusted computer and protected Wi-Fi for banking activities. DO NOT use a public network to access banking or private information, because there is simply no way to trust it, and ALL the files travelling through the air can potentially be captured and used.

14. Securing Your Online Accounts with 2FA

Two-Factor Authentication, or 2FA, is becoming a much more common method to better protect your online accounts from being compromised. You can setup your accounts to use one-time 6-digit numbered codes, accessible via trusted 2FA app on your mobile device, and enter the code in addition to your username and password to gain access to your accounts. If no one else has access to your mobile device, they can’t see those codes.

Alternatively, the option exists to have a one-time code sent via text message to your phone. But this method is much less secure and is susceptible to what is known as SIM Swapping.