TL/DR: Backups; Updates; Technical guards: That’s the secret sauce.
There is no perfectly secure system that’s good for anything. Not online, and not in the physcial world.
Build an underground vault in the heart of a mountain. Surround it with titanium and lasers and twitchy, irritable mountain lions and put one computer in the middle of the vault. The computer doesn’t talk to any other device. There can only be one trusted user of the computer. That user has to go through a two-hour screening process each time she needs to use the computer.
What’s that system going to be good for? Not a whole lot.
And it’s still vulnerable. Just have to figure out how to compromise the user, right?
Anything built by humans can be broken by humans. And if it isn’t broken by people, it’ll be broken by time and nature and entropy.
None of us and nothing we’ve made are long for this world, my friend.
That said, we still got shit to do.
Balancing risk and results
We need our computers (and phones, and tablets, and…) to be reasonably safe while working, right?
We need them to do what we need them to do, when we need them to do it.
The tools need to get out of the way.
By the same token, if the tool is broken (if our digital thing is infected or hacked), that’s no good, either.
The trick with cyber security (as with a lot of things in life) is knowing when enough is enough.
Do you need a decent firewall and automated backups and solid antivirus on your home network? I’d strongly argue YES.
Do your home computers need to have annual penetration tests and warm remote fail-over and a fully-formed disaster recovery plan and same-day on-site technical support? Maybe not so much.
So how do we do this?
- Take care of all the easy stuff first, and move your security posture from “dumpster fire” to “I’ve at least closed the doors.”
- Figure out what causes you unacceptable pain if it fails, and cover your ass for those things.
A good example of the first point are Windows updates.
Everyone here who’s ever clicked on the “postpone” button with Windows updates, raise your hand.
Uh huh. That’s what I thought: hands every where.
Run those updates, friends! That’s a really easy win from a cyber security perspective.
For the second point above, let’s talk acts of God and hackers: How much is it going to suck for you if you can’t get to any of the stuff on your computer this time tomorrow? Is that going to be a burning, puckering-in-the-backside feeling? Maybe a little bile in the back of your throat?
Who here has daily, automated, on-and-off-site backups running? Wait; what? Nobody? It’s a little finicky to set up, but once it’s done, it just runs. And that’s the only thing that’s gonna pull your pickle from the fire when the shit hits the fan.
Okay, that was an awesome sentence!
We want to make it hard for bad stuff to happen, and easy to recover when it does.
Rubber, meet road
I don’t care if you have a single computer at home, or you have a bazillion computers in your evil lair, all ya’ll need some basic protections in place:
- Strong gates (antivirus / firewalls)
Use the links above (on their way!) to get straight-forward, no bullshit instructions about how to do this stuff.
If you have better ways to spend your time (and really, who doesn’t?), contact me, and I’ll be happy to help you out.