I need cyber security advice for awareness and safety

[amralaa 0]

I need an answer to my questions, am I right or am I wrong in protection?

Question 1 === I use your product ESET Smart Security Premium. Am I protected from ransomware and network hacks, all complex viruses, all other new and unknown viruses, and complex security vulnerabilities?

Question 2 === I practice excellent security and do not download unknown files via email and websites. Should I continue on this basis and be protected?

Question 3 === I keep updates and definitions up to date and use the latest version of Windows 11. Am I thus protected from device vulnerabilities?

[Marcos 5,274]

ESET protects you from all kind of threats. While you seem to be pretty well protected, it's wise to remember that there's nothing like 100% protection.

[Aryeh Goretsky 388]

Hello,

I would suggest visiting ESET's [url=https://www.welivesecurity.com/]WeLiveSecurity[/url] blog and podcasts for keeping up to date on the latest security news.

Also, here is something I wrote on another forum about the other layers of protection for your computer that you can take in addition to using security software.  Perhaps you will find it of use/interest.

Regards,

Aryeh Goretsky

 

---

Securing Your Computer

It is important to understand that there's no such thing as 100% protection from malware, and that security software is only one component (or layer) of protecting your system. Here is a partial and very incomplete list of things you can do to help protect yourself in addition to using security software:

• Setting up separate a standard user account for general everyday computing, another low-privilege (restricted) one for banking, and a third account for performing system administration and maintenance tasks. Do not log into the Administrator account for everyday use.

• Keep the computer's operating system and applications patched and up to date. As a matter of fact, just have the computer go and check for Windows Updates at the start of the day. Launch it, start the install of any updates, go get a cup of coffee, and come back and reboot if needed. That way you won't have to deal any reboot-in-the-middle-of-work shenanigans.

• Equally important is to check for web browser updates. If your browser has automatic updates, enable them. If it does not, manually check for web browser updates at least once a week, if not more daily. The web browser is often the gateway for threats into your system and needs to be regularly updated in order to maintain its security.

• Speaking of web browsers, use only extensions and plugins from reputable entities that you trust. Use extensions to disable scripting, prevent plugins from automatically running and block ads. You can even look into blocking via the hosts file. It's all about layers of security.

• Check regularly with your modem or router manufacturer for updated firmware, because it doesn't matter how much your secure your PC if the network connection it uses is compromised and being redirected, malicious content is being injected, and so forth.

• Consider using safe(r) DNS services like Google DNS, OpenDNS, and Quad9, instead of the one provided by your ISP. Comodo and Symantec offer secure DNS services as well.

• Use sufficiently strong and different passwords (or passphrases) across all web sites. This also applies to computers that you log in to and Wi-Fi networks you set up. Likewise for PINs on phones. As computational power has increased over the years, it becomes easier everyday to crack or brute-force (guess) passwords and PINs. A unique password of a dozen or more characters, and PINs of 6 or more characters are currently recommended for each separate account or device that you use.

• If a device comes with a default password (be it a computer, smartphone, router, Wi-Fi, and so forth), change it!

• Don't rely solely on biometric logins (fingerprint reader, iris recognition, etc.). Biometrics are extremely useful for identification purposes because they are something which you should always have (barring accident) and be unique to you, but far less so for authentication purposes since the law is rather fuzzy when it comes to compelling you to unlock a device.

• Use two-factor authentication (2FA) wherever possible for services involving your identify, financial information and stuff like that.

• Back up your valuable data. What's defines valuable? Anything that you cannot easily obtain elsewhere. If it's really valuable (e.g., not available elsewhere at all) make multiple backups. On different media. And store them in multiple locations, including off-site and off-region, if possible. And test your backups by restoring them, preferably to a different computer, so you can verify the backup process works. Remember, Schrödinger's Law of Backups: The state of any backup is unknown until you have successfully restored your data from it. Here's a link to a paper @goretsky wrote giving an overview of backup (and restore) technologies: Backup Basics. While a few years old, geared at home/SOHO users and small businesses and does not get into cloud-based backups at all, only on-prem storage, but it should give you an idea of what the options are out there. It doesn't mention any products, just looks at the various technologies and their pros and cons.

• Encrypt your valuable data.

• Look into installing and using some kind of anti-malware software on all your devices if they do not have any. It could be something free, something commercial, whatever.

• Be cautious when dealing with email, SMS texts and instant messaging chats where the other party is enticing you to click on something or give them information, especially if they imply it is urgent, time-sensitive, or may come with some type of financial rewards or penalty. *Do not click on attachments or visit websites if the message is from someone you do not know and trust, or the message sounds out-of-character for them. *

• Be careful when using P2P file sharing services.

The above are general guidelines, and your situation may vary. There may be many other additional steps to consider based on your level of risk.