Your old Computer might become a data resource for someone, how can you protect?

Your old Computer might become a data resource for some bad guys, today I will discuss how you can protect your information before disposing your old computer.

Security risk with disposing old devices?

Computers often hold personal and financial information, including:

1.     passwords
2.     account numbers
3.     license keys or registration numbers for software programs
4.     addresses and phone numbers
5.     medical and prescription information
6.     tax returns
7.     files created automatically by browsers and operating systems

When you save a file, especially a large one, it is scattered around the hard drive in bits and pieces. When you open a file, the hard drive gathers the bits and pieces and reconstructs them.

When you delete a file, the links to reconstruct the file disappear. But the bits and pieces of the deleted file stay on your computer until they’re overwritten, and they can be retrieved with a data recovery program. To remove data from a hard drive permanently, the hard drive needs to be wiped clean.

How to Clean a Hard Drive?

Before you clean a hard drive, save the files you want to keep to:

•     a USB drive
•     a CDRom
•     an external hard drive
•     a new computer

Check your owner’s manual, the manufacturer’s website, or its customer support service for information on how to save data and transfer it to a new computer.

Utility programs to wipe a hard drive are available both online and in stores where computers are sold. These programs generally are inexpensive; some are available on the internet for free. These programs vary:

•     Some erase the entire disk, while others allow you to select files or folders to erase.
•     Some overwrite or wipe the hard drive many times, while others overwrite it only once.

Consider using a program that overwrites or wipes the hard drive many times; otherwise, the deleted information could be retrieved. Or remove the hard drive, and physically destroy it.

If you use your home or personal computer for business purposes, check with your employer about how to manage the information on your computer that’s business-related.

The law requires businesses to follow data security and disposal requirements for certain information that’s related to customers.

Hope you found this article useful.

Stay Online ! Stay Safe ! 
 - Shantanu

Read more

How simply encrypting your data can prevent bigger problems later?

What is encryption?

Encryption scrambles a message or file so only the sender and the authorized individual with the decryption key can decode it. Encryption solutions generally encompass two types: hardware and software.

Examples of hardware encryption include a pre-encrypted USB device or hard drive; software encryption consists of a program installed on a machine that encrypts some or all of the data on the system.

In this article i will discuss about how, when and where encryption should be implemented in order to enhance security and data protection:

Email

It is important to realize that email and IM messages pass through numerous servers and routers before reaching their final destination. Standard email messages are sent in plain text, so it's possible for someone else to snoop and read them.

When you encrypt mail, on the other hand, it makes the messages completely unreadable to anyone who doesn't possess a decryption key. There are several ways to encrypt email.

The simplest way is to use extra software that plugs into your existing email client. Confidential or sensitive data should not be sent via email in clear text.

Laptop protection: 

If your laptop gets stolen then a person possessing it can gain access to bank accounts, mobile phones, internal networks, and other sensitive information.

To prevent this we can enable encryption on our laptop.

There are different ways to enable encryption on laptops, encrypting specific directories and files or encrypting the entire hard drive (full disk encryption).

In the Windows 7 version , the operating system contains Bit Locker, also known as Whole Drive encryption, as one of its features.

Wireless networks

Encryption encodes the data transmitted between your electronic device and the wireless access point. Most of the times wireless access points are having encryption off.

If you haven't already, enable your wireless access point's encryption, and use the strongest form supported by your network.

The Wireless Protected Access (WPA) protocol and more recent WPA2 have supplanted the older and less-secure Wireless Encryption Protocol (WEP). It is highly recommended that your network support WPA2.

Removable Media

These media are small and easy to lose or misplace.

Your best defence is to encrypt the files on your removable media or use, where available, pre-encrypted removable media such as a pre-encrypted USB drive.

Smartphones, PDAs and other similar devices

Modern smartphones, PDAs, etc., can surf the Internet, email, text and take pictures and videos.

They have large amounts of internal memory capable of storing large volumes of information. Though this is undoubtedly convenient, it makes losing your phone a frightening prospect.

With so much personal data at risk, and identity theft such a major concern, you must take steps to protect yourself. It is recommended that you enable the encryption features on your smartphone.

Hope you found this article useful.

In one of my later articles I will discuss about how to encrypt your smartphone, its pros and cons.

Till then, Stay Online ! Stay Safe ! 
 - Shantanu

Read more

How to secure your WiFi network in 6 Simple steps?

In the previous article I discussed why securing your WiFi network is really important? Now I m going to discuss about how you can secure your home or office WiFi network in simple easy steps.

Enable Encryption

Encryption scrambles the data in a way that if your signal is intercepted there is reduced risk of someone being able to eavesdrop or monitor your communications. There are several standards of encryption common to most WAPs.

Newer wireless access points include Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2 (WPA2). WPA2 is stronger and the preferred method of encryption.

If WPA2 is not available, it is recommended that you use WPA.

If your network only allows for WEP (Wired Equivalency Privacy), an older standard of encryption, it is recommended that you replace your wireless network with one that supports WPA2 or WPA.

Change the Default Password

Change the default password that comes with your WAP. The default passwords used by manufacturers are well known to the hacking community.

Be sure to use a strong password, that is at least eight characters in length and include a mix of upper and lower case letters, as well as special characters. I have posted a special article on passwords here.

Change SSID Name

The Service Set Identifier (SSID) is the name of your wireless network. Default SSIDs are well known as often the name of the manufacturer are easy to guess.

Change the SSID name to something unique and be careful not to use a name that freely discloses information.

For example, avoid using your family name. Avoid descriptive or functional names as well, such as "Payroll" or "Accounting" since this would advertise an attractive target for an attacker.
 

Turn Off SSID Broadcasting

By turning off SSID Broadcasting, your WAP does not advertise its presence. It is similar to having an unlisted telephone number.

This is a way to reduce the visibility of your network to others within the range of your WAP.

The only way to connect to a WAP with SSID Broadcasting turned off is to know the SSID name and password.

Use MAC Filtering on Your WAP

The MAC (Media Access Control) address is the unique ID assigned to your computer's wireless adapter.

It is referred to as the computer's "physical address." Enabling MAC filtering on your WAP allows you to designate and restrict which computers can connect to your WAP.

If the computer's address is not listed, a wireless connection cannot be made to the WAP.

To look up a MAC address on a Windows computer, select "Start" then "Run" and type "cmd"; then a new window will open; type "ipconfig /all" and press the enter key. A number of attributes will be displayed.

The MAC address is identified as the "Physical Address."

For a MAC Operating System, click on "System Preferences"; select "Network"; select "WiFi"; click on "Advanced"; in the tool bar that appears, click on "Hardware." The MAC address will be displayed on the first line.

Update the Software/Firmware in Your WAP

Contact the manufacturer for directions and guidelines on how to update the software and firmware in your WAP.

If the option is available, enable the auto-update feature on your WAP.

These are some simple steps in which you can secure your home or office WiFi network. Hope you find this article useful. In future articles I will discuss more in detail about securing a WiFi connection.

Till then, Stay Online ! Stay Safe ! 
 - Shantanu

Read more

3 Reasons why you should secure your home or office WiFi network?

Many times people unintentionally leave their WiFi network open for the bad guys.The bad guys use this opportunity to get access to your network. Today i m going to share 3 reasons why you must make your WiFi network secure.

1. Illegal use

If the bad guy gets access to your network he can use it for performing some illegal actions such as publishing illegal content over the internet.
He may use it to hack into other networks over the internet, when the police will trace back the incident it will lead to your network and you may not have any answer to prove your innocence.

2. Your data at risk:

If the bad guys get access to your network then your data which flows from the network is at a big risk. The bad guy may intercept some very personal or confidential information of yours. Also there is a possibility that the data which flows from the network is tampered by the bad guy.

3. Network usage

Sometimes the person who got access to your network may not have bad intentions. The person may only want to use free internet, this may cause problem if you have a limited data-plan. It may seem to be a very small reason but this may cause big problems, like network blockage just before an important work.

There may be many different problems which you may face if your WiFi network gets compromised.

Hope this small post helps you understand the importance of securing your WiFi network. In my next article I will discuss how you can secure your WiFi network in simple steps.

Please feel free to contact me thorough comments or personal message about any queries your have.

Till then, Stay Online ! Stay Safe ! 
 - Shantanu

Read more

How to reduce the ammount of Spam you recieve ?

In the recent years there has been a huge increase in spam messages received by users.  Though many mail service providers are trying to prevent users from receiving spam, still spammers figure out ways to beat the system. I thought why not share some ways in which we can prevent or reduce the amount of spam messages we receive.

Here are some easy methods which we can implement to prevent spam,

Always use an email filter.

Most of the mail service providers also provide called a filter which prevents potential span from reaching your inbox. I will discuss in a special article about how to setup a filter and its other features.

Submitting your email:

Before submitting your email on any site you must first check if the privacy policy and see if the company is going to sell your email information to others. Only submit your email to website which protect your information.

Different email address

You must use at least two email address one for official work which you will share only with people you know. The other email address will be for signing up into different website like Facebook, twitter, etc.
This will prevent your official email from getting spam messages. Spammers use different software's to scan the web for email address. Therefore don't post your official email anywhere on the web.

Choose a unique email address.

Many spammers use softwares which use different words in a dictionary or namelist and send mails to all possible combinations of mail address. So if your email address doesn't contain a word from dictionary there is a possibility that your mail address wont receive spam mail.

How Can I Help Reduce Spam for Everyone?

Many people use unprotected computers to send out a large number of spam. It might be your computer which is used by spammers to send out spam mails and the worst part you won't even know if it is happening in the background.

By installing different malwares through different free softwares spammers can control your computer from remote systems and send out spam messages to other people. Thousands of computers which are affected by different malwares which send out spam to other people, this is called a 'botnet'. You must take steps so that your computer does not become a part of a botnet network.
 

If your computer has been hacked or infected by a virus, disconnect from the internet right away. Then take steps to remove malware. I have a special article on how to make your computer secure.

Hope this article helped you. Please feel free to contact me thorough comments or personal message about any queries your have.

Till then, Stay Online ! Stay Safe ! 
 - Shantanu

Read more

Are you sure your computer is secure? Here is a way to be sure.

Whats the point in securing your online accounts when your own PC is not secure. So lets see how we can take simple steps to make our PC and data stored on it secure.

The world is now full of people trying to access your computer. There are lot of Viruses, Spywares Trojans, and Worms, which allow bad people to get access to your computer. Following are some methods which your can implement to make your PC secure.

 Updating your OS

 Updating your operating system fixes the security holes present in your operating system. Automatic update is the best option you can enable so that your computer remains secure. If it is not possible for you to turn on automatic updates then you must regularly install the security updates manually.

Use genuine software.

Most of the pirated software's available online contain malwares and viruses which are not detected by most of the Anti Virus software's. It is recommended that you always use genuine software to be sure that your system is free from viruses.

Updating your software’s

The software which you use must also be updated. Same as the OS updating software will fix the security holes present in it. The most targeted software are browsers, flash, java, etc.

NO trial Antivirus

Updating your antivirus is very necessary to protect you from the latest threats online. Most trial software don't get updates and later when they expire they become a gateway for online threats to enter into your system. So use full version antivirus.
There are some websites which display pop-ups which show a message that your system is infected with a virus.  If you click on the pop-up message a small malicious software is downloaded to your system which send your information to the bad guys.

Use a Firewall

A firewall sometimes comes as a part of your antivirus program. A firewall acts a guard to for your system and lets you select which programs to allow internet connection and which to block.

Enable file extensions

Many times some viruses are patched to document or image files. Whenever you open the image or the document the viruses is executed in the background. To see if the file is infected with virus enable file extensions in your system and see if the file name is different. for e.g. "image.png" will be "image.png.exe"

Risk in using P2P software’s

P2P software’s like u torrent, bit torrent, etc. may act as a gateway for viruses and Trojans because they are allowed full access in most of the firewall software.

Use secure passwords

Make sure you use a secure password. Read more about secure password here.

Keep Administrator account different

If you are using an administrator account on your PC, malware may also execute as admin.
Create a new user with required permission and then use it.

Protect from physical threats

By using different Bios setting your system can be accessed without knowing your password therefore you must use a BIOS password.

Once you are sure about the security of your PC you can move forward to make your account secure.

Stay Online ! Stay Safe ! 
- Shantanu

Read more

9 things you should know before you use online banking.

You may have installed a Anti Virus software in you system, but is it sufficient to protect you from online threats? Does it protect from threats to online banking. Obviously no, because no software can protect you if you are not aware of the different threats present over the internet. Don't worry I m here! Today lets see how we can adapt 9 things which can help bank online safely.

So lets get started,

1. Logging in from different places:

 Always type the website URL by yourself and then login into your bank account. There are many people who send fake emails which appear to be coming from your bank.

 It is possible to send fake mails which appear to be from your bank but they are not. Through these emails the bad guys make you enter your password into their fake website(looks same a original website) and then redirect you to original website. So always type the web address yourself.

2. Using Secure Connection:

The beginning of your bank’s internet address will change from ‘http’ to ‘https’ when a secure connection is made. I don't want to explain all the technical differences between ‘http’ and ‘https’ but in simple words we can say ‘https’ is more secure than ‘http’.

3. Pop-Ups:

Close any unexpected or suspicious looking pop-ups that appear during your online banking session. Sometime we might enter confidential information in a wrong pop-up window. Close all pop-ups which your are using online banking and never click them.

4. Emails:

Never respond to any emails which ask you your financial information like you Account NO or PIN etc.

Your bank will never ever ask your information through mail or on voice call. If you get any of these mails or calls contact your bank to let them know about the incident.

5. Closing session:

Always log out of your account every time, so that the session gets closed and no one other than you has access to your bank account.

I will suggest using private browsing feature for online banking. This will clear all account info when you exit the browser or in case of power failure. For example in Firefox you can start private browsing by “ctrl+shift+P”. Other browsers also provide private browsing feature.

6. Remember Password:

Never use the “remember my password” or “remember me” options on shopping and banking websites.

Most of the times the option is already checked so be sure to uncheck it. I don’t know why banks provide it. Its risky because the user might unknowingly save his/her password on the system. Anyway its our responsibility that we make sure that check-box is unchecked.

7. Storing password:

Never save your account ID and password in any file on your PC or email draft. You don’t know when anyone can access this info. Use password managing software if required for storing passwords.

8. Changing Password:

Change your password regularly, some banks have restriction on changing the password every 15 or 30 days. If your bank doesn’t have the restrictions then also change your password regularly.

If you are a victim of banking fraud, then immediately contact your bank.

9. Use Trusted Computers:

Always use trusted computers to access online banking. Most public computers are infected with keystroke loggers, spywares and malwares. 

These are some of the things you must consider before using online banking, I will keep you updating on this topic. See you soon...

Stay Online ! Stay Safe ! 
- Shantanu

Read more

What makes a Password uncrackable?

Starting our journey with the basic element of any security system, today I m going to discuss about all the factors which help us make a uncrackable password.

The first line of defense against any unauthorized access to your information, your accounts or your computer is a password. Always make sure that the password you use must be a strong one. So what does a strong password mean? Lets see.

These are some of the factors which all of us must consider while selecting a password :

Simple vs Complex Password:

Accounts with simple passwords get easily compromised, so always use a complex password for any of your account. So How will you make a password complex? Its easy! use a combination of letters and numbers. Its a good practice to use special symbols in you password. Also passwords with more than 8 characters are not easy to crack.

Never ever use common words like from dictionary, or Names or Phone Numbers, but a combination of these will be a very useful strong password and it will also be very easy to remember.

Same for all website vs Unique:

Always use different passwords for different website you use.  Never ever use the same password for all your accounts because if someone gets access to any one of your account all other accounts also get compromised.

Specially for online banking and other confidential information, use unique passwords to make your accounts more secure.

Password manager:

Some of you might say how can we remember all the passwords if they all are different and complex. The answer is easy use a password manager.

A password manager helps you store all your complex password in one place and then you just need to remember only one password i.e use to open the password manager. That's it no need to remember complex and long password.
Also beaware of fake programs which act as password manager and send your data to other people in the background.

Storing Information:

All of us store important data file on our computer, some of the files contain very confidential data such as bank account information or social security information or tax information. If you laptop or mobile gets stolen then all your data will be available for open access to anyone who has your device.

You can add a password to your confidential folders and file using any locking software available on the net.

Encrypting data on the computer also helps in protecting your information in case of lost/stolen laptop or other device. True Crypt is one of the free and open source software which help us in encrypting data on our system. In one of the further articles I will discuss how to use True Crypt and its benefits.

Hard Security questions:

Security questions are a big reasons why peoples password are compromised. Easy security question like date of birth, anyone name, etc are a reason for this. Many people have a lot of information about you with them, like from web search, social networking sites etc.

So always use questions which only you know and there is very less possibility that anyone else knows it.

Changing Default password:

 The default password is the first password entered by anyone who is trying to get access to your account. Most people don't bother to change the default password of their account which is provided at the time of signup.  So it advised that you change the default password as soon as you sign up to any account.

Updating frequently:

It is a good habit that you change password on regular intervals. Because even if someone gets access to your account, there is a good possibility that you will change the password before any damage is done to your account or information.

And don't use a password you have previously.

Saved info in System:

Frequently delete cookies, history and cache stored in your system because many time due to slow internet connection some fragment of data is remained in the files which can be use for getting unauthorized access to your account. 

I will be updating more on strong password on this blog, subscribe to our blog feed or download our android app to stay updated.

In the next article I will discuss the precautions which we need to take care while banking online.

Stay Online ! Stay Safe ! 
- Shantanu

Read more

Why is Cyber Security important to everyone?

When people hear about Cyber security they think it as a very overwhelming task.
 
 When you hear that thousands of new computer viruses are reported each year, it is not hard to imagine how a virus or computer compromise can impact our networks and the information contained within those systems.

 Just think for a moment that you account has been compromised and you don't have much knowledge about recovering it, or making it more secure. How will you feel? you may feel helpless. Trust me I have been through this situation and I don't want anybody else get in this situation.

 Don't worry I m here to help, I will update you with all the latest information on latest threats and security tips which will help you to be secure online.

 The start is the hardest part, subscribe to our feed or download our android app and take your first step towards a secure digital environment.

 Cyber security may seem like a difficult task but if you do it in small steps it very easy and interesting. This blog is going to make it very easy to setup security environment and to adopt new security habits. 

 Cyber security not only includes installing an antivirus software or a firewall but also includes physical security of system, social security etc. 

 Regardless of the fact that you are an individual or representing an organization,all of us are connected to each other and share the same threats. Therefore, every one of us needs to be aware of the cyber threats, understand what the risks and consequences are and then we must take appropriate steps about it. 

 Your security depends on the security of your friends, because if they are not secure then they can become an entry-point to threats into your information. Please share this blog with all the people you care, because sharing is caring. 

 Lets start our journey towards a secure and safe online environment. 

 Hope you found this blog useful. If you have any queries, suggestion or complaints please feel free to contact me.

Stay Online ! Stay Safe ! 
 - Shantanu

Read more

About Naive Security Blog.

      This blog is all about security for all the people who don't want to read deep technical information to make themselves safe over the internet.  This blog will help you to protect your information and will discuss about how you can make your different accounts secure while you access them on your PC/MAC or mobile phones through internet.

       I won't sat that this blog is only for naive users. This blog is for everyone out there who want to be secure online because there have been cases where even the people who teach cyber security got hacked.

      Sometimes in a hurry we cannot see simple things which are in front of us which can make you and people around you less secure online.

      If you take your security and your friends security very seriously then this blog is surely for you.

       There is no point in trying to recover your account after it has been hacked, because there is very little possibility that you will be able to recover it.

“Hackers cannot be hacked”

      Its because the person who is aware of all the hacking techniques will not fall for the same techniques. Precaution is better than cure, so its necessary to take precautions beforehand to protect ourselves from online threats.

       This blog will not contain any information for hacking, it only contains information which will help you to be secure over the internet.

       If you have any queries, suggestion or complaints please feel free to contact me. You can also download our android app which will help you get all the contents of this blog right to your mobile phone.

Stay Online ! Stay Safe ! 

- Shantanu

Read more