Personal data security

Let me state up front I am not an expert on this topic. Everything I am presenting in this post is copied from the best advice I have been able to glean from some folks who ARE. I will be compiling the various sources to make them topical. Some of the basic stuff I also received in PM’s from a VERY savvy guy who does a lot of work for the government in this area. His website will be included in the links.

As someone who regularly travels and lives overseas it is imperative for me and my family to take every measure we can to secure our digital information. We, of necessity, have to take some risks with the Wi-Fi sites we access, whether in airports or hotels, and the amount of financial traffic we conduct over the internet. As such, I am learning as much as I can to make us as secure as possible. Below are my notes, as much for myself as anyone, but I hope you find it useful.

ID theft: We are very happy customers of LifeLock.

Home Wi-Fi security:
These quotes are from www.getoffthex.com. Search for best spyware or best anti-virus.
“I also run Ad-Aware and Spybot Search and Destroy, which are both freeware. Each seems to catch something the others don’t”
“I was an employee at one of the two biggest consumer AV companies (until I had the opportunity to run like hell), and none of the suites you find in stores are worth the boxes they’re in, as far as actually protecting you.

Avira, however, is quite good in just about every aspect. We actually OEMd their stuff and relabeled it as our own for use in some of our Enterprise/Government products.

And the “lite” edition is free… and catches about 60% more stuff than their next highest competitor.”

http://www.chesbro.net/images/Cyber-Security_Toolbox_Edition-3.pdf

Online Training:
http://www.tcpipguide.com/free/t_UnderstandingTheOSIReferenceModelAnAnalogy.htm
http://iase.disa.mil/eta/online-catalog.html
https://www.vte.cert.org/vteweb/
http://www.dc3.mil/home.php
There is also SkillPort on AKO (or the direct link www.usarmy.skillport.com) which offers a bunch of computer training. This isn’t great, but it doesn’t completely suck either. It also has the Books 24/7 link which lets you get references; which is a good value.

Passwords:
This is taken from here: http://thesurvivalpodcast.com/forum/index.php?topic=23865.0
“What I do for passwords is simple and helps me remember. I have a root word that I preface and suffix with a number, a symbol.
The root word must have an upper case letter.
The root word cannot be a family name, pet name.
The root word must be a minimum of six letters.
No birth dates, no anniverseries.
Every 90 days I change the root word.
It’s not perfect but it works for me.
For my PC I use Bitlocker.”

“I use a algorithm password. All My passwords are basically the same except for one part of it. Say for The Survival Podcast my password might be 1234SUxx7890. My password for Save our Skills would be 1234SAxx7890. Something I havent thought of is having another variable in there for different types of passwords. Maybe for a website it could be 1234SUws7890. For a file named Preps.doc it could be 1234PRfi7890. Maybe you should use a symbol in stead to make it more secure (1234SU%7890 -where all website passwords have the % sign) Obviously you want to make up your own algorithm.”

www.passwordcard.org

“I use 1Password – mac/windows program and I have it generate random and crazy passwords. As long as the given system will let me. I have a long phrase that i can remember with spaces stripped out for a PGP key and to authorize one password. years ago i used a monty python line (i don’t use this anymore);
ifwetookthebonesoutitwouldn’tbecrunchynowwouldit?
I get two symbols and that would be quite difficult for a password crack file to handle. Make them capital letters at random or switch a few e’s to 3s and it gets better.
I also recommend trying apple’s “memorable” password generator in their keychain access application. It makes complex passwords that are easier to remember but give you a decent level of security.”

http://keepass.info/
http://www.lifehacker.com.au/2010/03/how-i%E2%80%99d-hack-your-weak-passwords/
“I’ve used RoboForm for five or six years. It will generate passwords for you and can also store application passwords. They have multiple versions: portable (on USB device) or licenses connected to a computer, smartphone, ipad, or “the cloud”. Each site password is a separate, encrypted file which can be emailed to someone else (e.g., sending an alarm code or other secure info to a family member) They have a free trial and there is a free version for 10, or fewer, passcards. They have good tech support, too. Just select a very strong master password and change it periodically.”

http://www.xkcd.com/936/

http://lastpass.com/
http://www.grc.com/sn/sn-256.htm
http://www.steganos.com/us/products/for-free/locknote/overview/
http://sourceforge.net/projects/locknote/

Encryption:
http://www.chesbro.net/images/Use_a_Digital_Certificate_to_Encrypt_Your_Personal_E-mail.pdf

http://www.hongkiat.com/blog/how-to-encrypt-usb-flash-drive/

Spyware/Malware protection
http://www.amazon.com/Kaspersky-Lab-KAV60BOXNC-Anti-Virus-6-0/dp/B000FRTTVY/ref=pd_bbs_sr_1/105-2461992-4332432?ie=UTF8&s=software&qid=1188496835&sr=8-1
http://www.avg.com/us-en/download
For computers that get infected with super nasty spyware, I use Super Anti-Spyware http://www.superantispyware.com/
Zone alarm has a free stand alone firewall if your hitting public hot spots.

http://www.avast.com/free-antivirus-download

Advertisements

About cptcaveman

An Army Major, my family and I are in Fort Leavenworth, Kansas. We enjoy photography, cooking, reading and outdoor sports like hunting, fishing and trapping.
This entry was posted in Uncategorized and tagged , , . Bookmark the permalink.

2 Responses to Personal data security

  1. alephhttps://cptcaveman.wordpress.com/2011/08/17/personal-data-security/#comment-form-guest says:

    one additional question

    How is it best to secure an external hard disk (which I use for a lot of my backups and on different machines?

  2. cptcaveman says:

    I think the info in this article for data sticks can also be used for larger external hard drives.

    http://www.hongkiat.com/blog/how-to-encrypt-usb-flash-drive/

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s