About Chris Taylor: Chris is on the Community Review Board for SANS’s OUCH! (the security awareness newsletter designed for everyone), has given over 470 computer-related presentations at the Ottawa Public Library, and is President of the Ottawa PC Users’ Group.
Some look to spring as a time of review. I don’t think we should only review our computing environments that infrequently, but spring is good too! Here are some things I think are worthy of periodic review.
Don’t get compromised
Review your settings in GlassWire to make sure you are getting the best security from the program. I recommend setting the firewall to Ask to connect and in Settings > VirusTotal, check the boxes for Enable manual file analysis by VirusTotal and Automatically analyze all apps with network activity with VirusTotal.
Check that your operating system and programs have the latest security updates and all auto-update functions are working properly.
Check the settings in your anti-virus and make sure it is updated to the latest program and signature files. Run a full anti-virus scan of all storage devices on your computer. Double-check that your anti-virus is not missing anything by running a free on-demand virus scan from any number of major anti-virus vendors.
Get a vulnerability management program that can check all your installed programs for security patches.
Review your authentication to devices and services. Use unique, strong passwords for every service, multi-factor authentication, and a password manager. Review the answers to password-reset questions: use nonsensical answers and record them in your password manager.
Verify the security settings on your router and make sure it is running the latest firmware. Check to see what devices are connecting to your router.
Don’t lose your important data
Backups are one of the most important factors in making sure data is safe and secure. Image, real-time, and offsite backups are all important in ensuring you don’t lose data. Near real-time backup can be achieved for free with Windows’s built-in File History. For image backups, there are many free and paid programs. Be careful if choosing a cloud backup provider: the features, limitations and costs vary wildly!
Review your backup strategy to make sure all threats are covered. Test your backups: we don’t back up for backup’s sake, we back up so we can recover.
Make sure you have at least two accounts on your computer that have Administrator-level access to aid in recovery should your main account becomes corrupted.
Drop stuff you don’t need
Check your password manager for sites and services you no longer use and delete your accounts from those services. If a service is compromised, it may provide a foothold to an attacker.
Use the Windows tools Disk Clean-up and Storage Sense to get rid of dross clogging your drive and making your backups bigger than they need to be. There are also 3rd party tools available that can help you clean up your storage.
Uninstall programs that you no longer use. Not only do they use up space, but they also represent potential vulnerabilities.
If you are getting rid of old computing devices, make sure to sanitize them by securely erasing all personal information. If you can’t be sure data is unrecoverable, it might be best to destroy rather than discard.
Review all your online subscriptions. Get rid of those you don’t need. It can not only reduce your email load, but in the case of paid subscriptions, you can save money with any that are set to auto-renew.
Configure financial accounts so they send you alerts when a transaction is made or there is suspicious activity.
If you are a parent, review parental controls and settings on young’uns’ devices and accounts.
Review privacy settings on social media accounts. Don’t share more than you need to.
Tidy up email. Review your email filters and contacts. Check at https://haveibeenpwned.com/ to see if your email address has showed up in data breaches.
Tweak system performance. Task Manager’s Processes tab can help you track down programs hogging CPU cycles, memory, disk activity and Internet bandwidth. Use the Startup tab to disable auto-start for programs you really don’t need running all the time.
Ensure your online accounts can be handled by someone in the event of your incapacity or death.
Related previous articles I have written
“Public DNS Resolvers” (June 2018)
“Security – it’s all about layers” (July 2018)
“Outbound firewall protection” (September 2018)
“Protecting your passwords” (October 2018)
“Why backup?” (February 2019)
“Home wireless security” (April 2019)
“Updating Your Operating System and Programs” (July 2019)
“Check your backups” (August 2019)
“File History” (December 2019)
“Attack surface” (March 2021)
“Password strength” (December 2021)
“Cleaning up your disk” (March 2022)
“Disabling automatic sign-in to Windows” (September 2022)
“Re-authentication when resuming” (October 2022)
“Re-authentication after inactivity” (November 2022)