In this episode, we introduce the 10 cybersecurity essentials for individuals, families, and small businesses. We end this episode with an assignment, your first steps to take in setting up these essential protections and habits. The next ten podcast episodes will focus on one essential, discuss why it's important, and provide steps for moving forward. The 10 Cybersecurity Essentials Passwords Two-factor Authentication Backups Updates Endpoint Protection Web browser setup Ad blocking Virtual Private Networking (VPN) Firewalls Encryption
Otros episodios de "Humane Tech"
Privacy-stealing browsers and search; Will Windows 10 ever end?
30:41Privacy-stealing browsers and search; Will Windows 10 ever end? Web browsers are our portal to the internet. All the data we want comes in through them; all the data we provide goes out through them. What needs to be checked in the biggest risks to our privacy and security? TOPICS * Windows 11 has been announced for release this fall. Should you upgrade right away? Can you upgrade even if you want to? * It only requires 3 pieces of 'anonymous data' to determine who the data belongs to. Sometimes less. * Browsers and privacy: Most web browsers requires a little bit of configuration in order to protect our privacy. In this first of several episodes discussing browsers and web search, I'll walk through the key things to watch for. My focus is on Mozilla Firefox, which I consider to be the overall best browser for usability, security, and privacy. But Firefox will NOT protect you if you use it badly. Listen in and then check the links below for additional information. ALSO...get on the mailing list for more tips and tricks. -- First five steps towards better browser privacy 1) Get and use Mozilla Firefox 2) Update Firefox's privacy settings - lots of information on this in the episode and the mailing list 3) Install the uBlockOrigin add-on and let it do it's thing (it doesn't require any configuration but you can change how it works). uBlockOrigin blocks a lot of advertisements and unwanted 'scripts'. Scripts are bits of website programming that ask your computer to do things which can compromise your privacy or security. 4) Install the Multi-account Containers add-on 5) Learn how to use Multi-account Containers and use them! HOMEWORK FOR NEXT TIME * Install uBlockOrigin and Multi-account Containers into Firefox (see links below) * Use mulit-account containers * Try the DuckDuckGo.com search engine instead of Google, if you haven't already * I'll be providing bonus information in the mailing list later this week! LINKS FROM THIS EPISODE Windows 11, Apple macOS and iOS updates * Microsoft's https://www.microsoft.com/en-us/windows/windows-11 (Windows 11) home page * Microsoft's https://www.microsoft.com/en-us/microsoft-365/windows/windows-11-enterprise (Windows 11 for enterprise) page (for business users) * From ZDNet: https://www.zdnet.com/article/windows-11-chaos-and-how-copying-apple-could-have-helped-microsoft-avoid-it/ (Windows 11 chaos, and how copying Apple could have helped Microsoft avoid it) * From ZDNet: https://www.zdnet.com/article/windows-11-microsoft-apologizes-for-compatibility-confusion-hints-at-changes/ (Windows 11: Microsoft apologized for compatibility confusion, hints at changes) * Windows Central: https://www.windowscentral.com/how-check-if-your-pc-has-trusted-platform-module-tpm (How to check if your PC has a trusted platform module (TPM)) * Windows Central: https://www.windowscentral.com/one-thing-microsoft-didnt-discuss-windows-11-privacy (One thing Microsoft didn't discuss: WIndows 11 privacy) * Apple https://www.apple.com/newsroom/2021/06/macos-monterey-introduces-powerful-features-to-get-more-done/ (macOS Monterey coming this fall) * Apple https://www.apple.com/ios/ios-15-preview/ (iOS 15 (iPhone and iPad)) https://www.eff.org/deeplinks/2009/09/what-information-personally-identifiable (What Information is "Personally Identifiable"?) - even though this post from the Electronic Frontier Foundation (EFF) is 12 years old, it's still valid and fascinating. Web Browser and Search Engine Security and Privacy * DNS over HTTPS (DoH) - https://support.mozilla.org/en-US/kb/firefox-dns-over-https (Firefox DNS-over-HTTPS) * DuckDuckGo search engine * https://www.mozilla.org/en-US/firefox/new/ (Mozilla Firefox) - privacy-focused web browser I recommend * https://www.chromium.org/ (Chromium Project) - web browser built on the technology behind Google Chrome without the Google "junk" * https://brave.com/ (Brave) - privacy-focused web browser also built on the Chromium...
Let's get current! Breaches, leaks, and passwords...
18:22It's been too long since our last episode. Let's get caught up and then move forward! TOPICS * It's been a challenge to do these episodes on top of being the sole person building my business. I've worked with a mentor, though, and I'm changing my process. Episodes are going to be coming much more quickly now. * Data breaches - I talk about the Facebook and Ubiquity data breaches and what do do about them. * 2FA/Two-factor authentication via texting and email. These are bad methods for securing your accounts. Well, OK, they're better than NOT using two-factor authentication. IF you have the option of using app based 2FA such as Authy, Google Authenticator, etc. or a hardware token such as a Yubikey, please use one of those methods INSTEAD of text messaging or email. A lot of banks (WAY TOO MANY) don't allow anything but text or email. We do our best. * Backups - I like SpiderOak One for a secure, private data backup provider. * Secure file sharing services - I'm playing with Boxcryptor for encrypting data inside less private services like OneDrive, Google Drive, Dropbox, Box, etc. So far it looks very good. It's not super easy to use, but it's not bad. Plus, there is a free option. * Text messaging is NOT secure. It's very easy to steal your cellphone number for texting. This is why I don't want you using texting for two-factor authentication. There's a link to an article on this. It's a quick read! * Apple and Google are most definitely collecting information from our devices every few minutes (at least). There's an interesting study (link below). I hope to revisit this in future episodes. HOMEWORK FOR NEXT TIME * Do you first, or next backup! Extra credit: Do a test restore! * Collect your data from Facebook. Extra credit: Leave Facebook (if you can) * Update your passwords, especially at Facebook and Ubiquity/UniFi, especially if you've been in these breaches. Check https://haveibeenpwned.com (https://haveibeenpwned.com) to see if you're listed there. * Move form text (SMS) and email two-factor authentication to using Authy, Yubikey, etc. as much as possible. Links are below LINKS FROM THIS EPISODE * https://authy.com (Authy) - two-factor authentication (2FA) app * https://spideroak.com/one/ (SpiderOak One Backup) * https://krebsonsecurity.com/2021/04/are-you-one-of-the-533m-people-who-got-facebooked/ (Facebook data breach) * https://krebsonsecurity.com/2021/04/ubiquiti-all-but-confirms-breach-response-iniquity/ (Ubiquity data breach) * https://www.vice.com/amp/en/article/y3g8wb/hacker-got-my-texts-16-dollars-sakari-netnumber?__twitter_impression=true (A Hacker Got All My Texts for $16) - an easy, interesting read * https://www.scss.tcd.ie/doug.leith/apple_google.pdf (Mobile Handset Privacy: Measuring The Data iOS and Android Send to Apple And Google) - very scholarly and interesting (PDF download) or an https://www.theregister.com/2021/04/01/android_ios_location/ (article by The Register) PODCAST WEBSITE https://monozukuritech.com/podcast HUMANE TECH EMAIL NEWSLETTER Sign-up to receive a weekly newsletter that's to-the-point with helpful advice, links, and information on upcoming podcast episodes, and more! Your information will never be sold or shared. If you're enjoying the podcast please leave a review and subscribe. If you have comments, questions, concerns, or suggestions please email us at [email protected]
Backups 102 and 2FA restore fail
17:25It's not just data that we need to back up. We also need to back up processes. I recently failed to do that and I share a story of woe from my phone breaking my two-factor authentication. TOPICS * story about 2FA backup methods * 3-2-1 * backup to external drives * consider encryption * how often? as often as your data changes.... * two local drives - continuous backup vs point in time HOMEWORK FOR NEXT TIME * Do you first (next?) backup. * Extra credit: Do a test restore! LINKS FROM THIS EPISODE * https://authy.com/ (Authy) - two-factor authentication (2FA) app * https://support.apple.com/en-us/HT201250 (Apple TimeMachine) (macOS and Mac OS X only) * https://www.microsoft.com/en-us/account/authenticator (Microsoft Authenticator) - two-factor authentication (2FA) app * https://amzn.to/2OCO4az (SanDisk 256GB USB Flash Drive) * https://amzn.to/2ZbX3S9 (Seagate Backup Plus Portable 5TB for Windows or Mac) * https://www.veracrypt.fr/en/Home.html (VeraCrypt) - encryption software for Windows Mac, and Linux (warning, not incredibly user friendly -- I'll cover this more humanely in the future) * https://support.microsoft.com/en-us/windows/back-up-and-restore-your-pc-ac359b36-7015-4694-de9a-c5eac1ce9d9c (Windows Backup) (Windows 8.1 only) PODCAST WEBSITE https://monozukuritech.com/podcast HUMANE TECH EMAIL NEWSLETTER Sign-up to receive a http://eepurl.com/he8SQ9 (weekly newsletter) that's to-the-point with helpful advice, links, and information on upcoming podcast episodes, and more! Your information will never be sold or shared. COMING SOON * file sharing services: Dropbox, OneDrive, Google Drive, iCloud Drive, etc * secure cloud storage If you're enjoying the podcast please leave a review and subscribe. If you have comments, questions, concerns, or suggestions please email us at [email protected]
Urgent iPhone and iPad Update
6:45URGENT APPLE UPDATES Apple releases iOS 14.4 and iPadOS 14.4. These updates fix problems with the iPhone and iPad which have been used to attack devices. It's been a while since our last episode. Thank you for waiting! This podcast was going to be relaunched TOMORROW with a full episode, but this update was too important to ignore. LINKS FROM THIS EPISODE > HOW TO BACK UP YOUR APPLE IPHONE OR IPAD https://support.apple.com/en-us/HT203977 > HOW TO UPDATE YOUR APPLE IPHONE OR IPAD https://support.apple.com/en-us/HT204204 > HOW TO BACK UP YOUR ANDROID DEVICE https://support.google.com/android/answer/2819582?hl=en > HOW TO UPDATE YOUR ANDROID DEVICE https://support.google.com/android/answer/7680439?hl=en NEXT EPISODE Once I get all of our Apple devices updated I'll finish editing Episode 9 - Backups (continued). If you're enjoying the podcast please leave a review and subscribe. If you have comments, questions, concerns, or suggestions please email us at [email protected]
Backups 101 (Cybersecurity Essentials #3)
18:15Backups 101Cybersecurity Essentials #3We start this episode with two stories. How was my old Gmail address found in website's data breach when I never had an account there? A growing small business was horribly hurt because the cybersecurity essentials were not in place. Still, backups partially saved the day. New Cybersecurity Class - $56Personal Cybersecurity Foundations opens October 8th. You know that your email addresses and passwords have been stolen in data breaches. Are you using a password manager and two-factor authentication on a daily basis? If not, I'll walk you through choosing, installing, and using both through live and recorded sessions and step-by-step instructions. See how to work around any challenges you might face. Ask me questions online or schedule an included one-on-one session with me! https://training.monozukuritech.com (https://training.monozukuritech.com) LINKS FROM THIS EPISODEBackup Hard Drives Backup your Windows computer using this hard drive and the included software - WD 4TB My Passport Portable External Hard Drive, Black - WDBPKJ0040BBK-WESN - https://amzn.to/2GjurQQ (https://amzn.to/2GjurQQ) Backup your macOS computer using this hard drive and your Mac's built-in TimeMachine software - WD 5TB My Passport for Mac Portable External Hard Drive - Blue, USB-C/USB-A - WDBA2F0050BBL-WESN - https://amzn.to/3jtTq2j (https://amzn.to/3jtTq2j) Humane Tech Email NewsletterSign-up to receive a weekly newsletter that's to-the-point with helpful advice, links, and information on upcoming podcast episodes, and more! Your information will never be sold or shared. http://eepurl.com/he8SQ9 (http://eepurl.com/he8SQ9) Next Episode!Cybersecurity Essentials #3: Backups 102 If you're enjoying the podcast please leave a review and subscribe. If you have comments, questions, concerns, or suggestions please email us at [email protected]
The Evacuation Episode
17:31The Evacuation Episode Hurricanes, fires, COVID-19, and online school...the world is a challenging place for most of us an horribly frightening for many. What can we do to stay safe when we're suddenly displaced. LINKS FROM THIS EPISODEFREE ANTIVIRUS/ENDPOINT PROTECTION Sophos Home (free and trial versions) - https://home.sophos.com/en-us.aspx (https://home.sophos.com/en-us.aspx ) - There are lots of options for good endpoint protection. I'm offering Sophos as an option because it works well, is easy to install and get running, and is free for 30 days. It's also available for both macOS and Windows. VPN ProtonVPN (free and paid versions) - https://protonvpn.com/ (https://protonvpn.com/) - I'll be talking in depth about VPNs in a future episode. As with endpoint protection software, there are other good VPNs. I believe ProtonVPN is one of the best for both security and privacy. Next Episode!As I upload this episode, the air quality is greatly improving and it's actually raining. If things remain relatively calm, we'll be back on schedule with Cybersecurity Essentials #3: Backups. If you're enjoying the podcast please leave a review and subscribe. If you have comments, questions, concerns, or suggestions please email us at [email protected]
Multi-factor Authentication (Cybersecurity Essentials #2)
17:07Multi-factor Authentication (Cybersecurity Essentials #2)What if there was a way to keep people out of your accounts even if they did steal or hack your password? There is and it's time to get it on every account you have. LINKS FROM THIS EPISODEDATA BREACHES, LEAKS, AND OTHER COMPROMISES If you haven't looked yourself up in Have I Been Pwned https://haveibeenpwned.com/ (https://haveibeenpwned.com/ )please do it now! If your information has been compromised please change your password at any listed sites. This database is not all inclusive and there are other ways to search for your information but this is a good start. WARGAMES (1983) https://en.wikipedia.org/wiki/WarGames (https://en.wikipedia.org/wiki/WarGames) MULTI-FACTOR AUTHENTICATION APPS Authy - https://authy.com/ (https://authy.com/) - Use it just about anywhere including sites that say they're only offering Google Authenticator. Google Authenticator - https://www.google-authenticator.com/ (https://www.google-authenticator.com/) - Review it for yourself, but I think you'll prefer Authy. Microsoft Authenticator - https://www.microsoft.com/en-us/account/authenticator (https://www.microsoft.com/en-us/account/authenticator) - It's probably no surprise that Microsoft's own MFA app works great with Microsoft online accounts. It will also work as a replacement for Google Authenticator. Hardware Authenticators aka Tokens YubiKey - https://www.yubico.com/ (https://www.yubico.com/) - YubiKeys are very well known in the security world and have been trusted for a long time. Compared to the free apps the YubiKey options may seem very expensive. If you can afford them, they are much better than the apps. A warning, though, they can be complicated to initially set up. Once they're working, they're amazing. OnlyKey - https://onlykey.io/ (https://onlykey.io/) - OnlyKey has options are less expensive and have more features than YubiKeys. Like YubiKeys, they can be more difficult to use than MFA applications. If you're enjoying the podcast please leave a review and subscribe. If you have comments, questions, concerns, or suggestions please email us at [email protected]
Passwords (Cybersecurity Essentials #1)
17:37Passwords (Cybersecurity Essentials #1)Our passwords are an essential ingredient to our privacy and cybersecurity protections. They're also a pain, easy to steal, often reused (bad idea), and hard to remember. That said, I want you to forget all of your passwords except two. LINKS FROM THIS EPISODEDATA BREACHES, LEAKS, AND OTHER COMPROMISES Look to see if you've been in one or more data breaches or leaks at Have I Been Pwned https://haveibeenpwned.com/ (https://haveibeenpwned.com/). Safely enter your email address(es). If your information has been compromised please change your password at any listed sites. This database is not all inclusive and there are other ways to search for your information but this is a good start. PASSWORD MANAGERS All of these are end-to-end encrypted (technically it's just encrypted if it's installed on your computer) and are zero knowledge. These terms mean that the organizations creating and managing the password managers can't see, access, use, or change the information you save in their systems. KeePassXC - https://keepassxc.org (https://keepassxc.org) - free and open-source. ONLY works on the computer running the application. Can be synchronized with your other devices but can be tricky to set up and maintain. Does not automatically store any information in the cloud. BitWarden - https://bitwarden.com (https://bitwarden.com) - free and paid accounts available, open-source. Options to store only on your computer, in the cloud, or both. LastPass - https://lastpass.com (https://lastpass.com) - free and paid accounts available, closed-source. Cloud-only. Easily accessible and fully synchronized on desktops, laptops, and mobile devices. 1password - https://1password.com (https://1password.com) - only paid accounts available (free trial option), closed-source. Cloud-only. Easily accessible and fully synchronized on desktops, laptops, and mobile devices. WEB BROWSERS - Do not save your passwords in your browser(s). If you're enjoying the podcast please leave a review and subscribe. If you have comments, questions, concerns, or suggestions please email us at [email protected]
The 10 Cybersecurity Essentials
16:31In this episode, we introduce the 10 cybersecurity essentials for individuals, families, and small businesses. We end this episode with an assignment, your first steps to take in setting up these essential protections and habits. The next ten podcast episodes will focus on one essential, discuss why it's important, and provide steps for moving forward. The 10 Cybersecurity Essentials Passwords Two-factor Authentication Backups Updates Endpoint Protection Web browser setup Ad blocking Virtual Private Networking (VPN) Firewalls Encryption
General safety and online conferencing
19:59Humane Tech gets a new structure. Shorter and to the point. YOU ARE NOT ALONE. COVID-19 has us isolating but that doesn't mean we can't be in each others' lives. In episode 2, I bring you general privacy and cyber security tips. Do these seven (7) things and you're in pretty good shape. Then we hit on online conferencing concerns and how to approach them. Finally, I illuminate a few of the threats we need to watch out for. SUPPORT Humane Tech is not sponsored and there are no paid advertisements. Instead, we prop up each other. In this episode, I mention three businesses supporting women in the Portland/Vancouver metropolitan area (this is Oregon and Washington states). https://www.psandqsmarket.com/ (Ps & Qs Market) is offering curbside groceries service and take-out meals. Their food is wonderful and so is their staff. https://thatcherscoffee.com/ (Thatcher's Coffee) is owned and operated by our great friend and her incredible staff of women. They support the community and now we can support them. While they are currently closed, you can support them by buying Thatcher's Blend Coffee from https://roselinecoffee.com/ (Roseline Coffee). We ordered two bags over the weekend and expect to brew some up on Wednesday or Thursday. https://rosehaven.org/ (Rose Haven) is a day shelter and community center serving women, children and gender non-conforming folks experiencing trauma, poverty, and physical and mental health challenges. Restoring stability and dignity for 3,500 guests annually. They are incredible people and continue to work hard through this COVID-19 crisis. We'll support them as long as we can. We're grateful for you. Let us know what you want to hear next.