Sunday, October 7, 2012

Guilty As Charged

I continually discover how many simple things that we in tech always tell other people to do... are still undone by us. So yet again, I am spurred to do another 'best practices' post. But this time, the inspiration came from within the ranks of the techies. I will mention no name in connection with any such foolishness except my own. If we have good advice, we should take it ourselves.

BEST PRACTICES, version 34.09?

Change passwords regularly and keep a secure master list offline.

Don't use the same password for everything.

Don't be needlessly repetitious in other areas, like calling a host the same thing as a domain name. That can confuse people as well as systems.

Do backups of all unique data regularly either offline or on an additional disk.

Don't do "secure" work from public sources like schools, libraries, restaurants or coffee shops. If you need to do that, use encryption on an additional computer that's cleaned often.

Run rootkit hunters, antivirus, antimalware, etc. regularly.

Update the operating system and all APPLICATIONS regularly.

If your activities are tied to a particular OS that's dependent on a particular set of hardware, keep important spare parts around.

Don't get rid of your laptop and desktop, attempting to do everything on your phone. It only takes one drop onto the concrete, a loss or theft, or an accidental dive into a public toilet to ruin your whole week, particularly when there were no backups for 6 months.

Be discreet on social media; delete unused accounts.

Keep webmail accounts lean and backed up. Use more secure options when possible - like paid as opposed to free.

Turn off communications capability when not in use. This can include computers, routers, modems, terminal units, repeaters, gaming devices, etc. To leave everything on for two weeks is a prescription for trouble.

Don't click on a link if you don't know where it's going. And never respond to bank emails; call the bank.

Check your own history. Do web searches on yourself, and for old sites, see what archive.org has on you.