Activating a password-protected screensaver is a simple and very effective way to prevent an unauthorized person from rifling through the data on a computer or other device that’s been inadvertently left on or lost. All versions of Windows and Apple operating systems allow you to add a password to a screensaver. Remember to log out of any applications containing sensitive data and lock your screen when you leave your desk, or set a fairly short wait time on your screensaver so that it locks automatically if you step away. BlackBerry, Android, iOS and Windows mobile devices also have an automatic screenlocking feature. Turn it on so prevent anyone that finds your lost or misplaced phone or tablet from accessing the data on it.
All Our Technology Tips
Protect Your Data by Putting a Password on Your Screensaver
Back Up Before You Install Updates to Avoid Data Loss
It is very important to remember that installing updates can unintentionally interfere with the way your computer/device or individual programs/apps on it operate. It is possible that a program/app may not operate properly or at all, that data could be lost, or that a device will fail to restart after an update is installed. Creating a restore point (a temporary backup of your configuration and data) and/or making a proper backup of all the programs and data on a device before you install updates can help you recover if there are unanticipated problems. Always remember to back things up before you install updates so you don’t lose any of your data in the event an app or even your device no longer operates properly.
How to Recognize Your Computer Is Infected With Malware
Ideally you have one or more types of properly updated anti-malware software running on your computers and networks. And hopefully that software detects and prevents any malware infections from occurring. However, because anti-malware software may not detect an infection, watch for the symptoms that can indicate a computer is infected with malware. These include:
- It takes longer than usual for your computer to start up, it restarts on its own or doesn’t start up at all;
- It takes a long time for one or more programs to launch;
- Your computer and/or programs frequently lock up or crash;
- Programs are starting and running by themselves;
- Your hard drive runs continuously, even when you aren’t working on the computer;
- Your files or data have disappeared;
- You find files with new or unfamiliar filenames;
- Space on your hard drive(s) is disappearing;
- The homepage on your web browser has changed;
- Your browser starts launching multiple tabs;
- Web pages are slow to load;
- There is a lot of network or web traffic, even when you are not browsing the web or using the computer; and/or
- Parts, or all, of your computer screen look distorted.
If one or more of the above things are happening, make sure your security software is up to date and run it to check for an infection. If the first scan finds nothing, try running a scan with a second product. If the odd behaviours continue or there are other problems, seek technical help.
Two Simple Rules for Avoiding the Dangers of Email Attachments
While email attachments are frequently used to share documents between lawyers, law firm staff, and clients, they are also one of the most common delivery mechanisms for malware. While most messages that have infected attachments will be stopped if your anti-malware software and/or spam filter are working properly and updated, some will make it through. For this reason, staff and lawyers at every firm should follow should follow these two simple rules:
1. No matter how interesting or enticing they appear to be (e.g., jokes, celebrity gossip or pictures), never open attachments from strangers.
2. No matter how interesting or enticing they appear to be, never open attachments unexpectedly sent to you by people you know.
The reason for Rule #1 should be obvious – enticing attachments from strangers usually have a malware payload. The reason for Rule #2 might be less obvious: to trick you into feeling comfortable about opening an attachment, some types of malware will send an email with an infected attachment to all the address book contacts it finds on a computer that it has just successfully infected. This is done intentionally with hope that people getting such a message will be comfortable opening the attachment as it came from someone they know – and bingo – the person opening the attachment will become infected and all their contacts will get a similar message.
Avoid the headaches of dealing with a malware infection by making sure everyone at your firm follows the above two rules.
Passphrases Can Help You Remember Complex Passwords
Creating a long, unique, complex (letters in upper and lower case, numbers and symbols) and random password for every service you use is the best practice standard when it comes to using secure and strong passwords. If you follow this advice however, your passwords will be an unreadable mix of letters, numbers and characters. While good for security, they will be hard to remember.
As a solution, consider using a “passphrase” to remember complex passwords. A passphrase is a mix of letters, numbers and characters that has a translation that makes it easier for you to remember the correct sequence. Here are some sample passphrases:
- !am@#1DJ!nuSSr “I’m a number one DJ in Russia”
- Rm@y0risKrayz “Our mayor is crazy”
- l@wPR0!sgr8! “LAWPRO is great!”
How to Use Google to Search With a Specific Website
The search functionality on many websites is dismal, and in sometimes it is non-existent. If you are looking for something on a specific website and can’t find it, don’t despair, Google comes to the rescue.
You can use Google to search within a specific website by preceding your query with “site:SpecificSiteURL” [substitute your URL and don’t use the double quotes]. For example, to find the retainers on the practicePRO site, type “site:practicepro.ca retainers” in the Google search box [don’t include the double quotes].
You can also search within a specific type of site by doing the following: “site:edu YourSearchTerm”.
To Avoid Corruption – Formatting a Memory Card Is Better Than Erasing Images on It
With DSLRs, it has become very easy to fill your SD or memory card to capacity. Many of us have will have found ourselves deleting pictures when we run out of space. Doing this in the middle of a photo shoot is fine. However, if you are taking a bunch of pictures off a memory card, remember to reformat the card. This wipes the card clean and will remove all picture and camera data. Simply erasing your pictures can leave data on the card and can make it more likely corruption may happen. For this reason when you take pictures off your camera you should always reformat your memory cards to reduce the risk of data corruption occurring. You will find the reformat memory card command in the the setup menu on most digital cameras.
Using Windows XP SP3 and Office 2003 After April 8, 2014 Will Expose You to Security Dangers
Microsoft will no longer be supporting Windows XP SP3 (Service Pack 3) and Office 2003 (SP3) as of April 8, 2014. After this date there will be no new security updates, non-security hotfixes, free or paid assisted support options or online technical content updates from Microsoft. Your computer will still operate, but if you continue to use Windows XP or Office 2003, you will become more vulnerable to security risks including harmful viruses, spyware, and other malicious software, which can steal your personal information or destroy your data. For this reason, you should immediately start planning to migrate to more current versions of Windows and Office on all law firm and home computers running Windows XP SP3 and/or Office 2003. More details are available here.
Avoid Data Disasters by Properly Ejecting USB Devices Before You Remove Them
How many of you take the time to “eject” your USB devices before you remove them? I know some of you didn’t raise your hand. Does it really matter? Yes it does. Why? Because you can end up with corrupt data if you yank a device out while data is still being written to it.
Some devices will have a flashing LED that tells you when data is being written to the device, but many devices do not. And even on devices that have a flashing LED, you can’t always tell when the data writing is complete. If the computer is multitasking, the LED may even stop flashing before all the data is written.
The lesson here is simple: Take a few extra seconds and eject your devices properly – don’t tempt data disasters.
15 Tips for Preventing Identity Theft and Online Fraud
Cyber criminals and identity thieves want to steal your personal information to commit fraud. They may try to get a credit card in your name or to access funds in your bank account. On top of directly losing money, your credit status can be damaged and it can take a great deal of time and expense to restore your good name.
And this goes beyond being an issue of personal concern. LAWPRO has seen situations where law firm bank accounts were hacked and where law firm bank account information was used on counterfeit cheques.
There are many different ways to steal personal information. Identity thieves will target you online and by “dumpster diving” in your garbage. You should also be familiar with the common ruses that criminals use to trick you into disclosing personal information.
Here are some simple steps you should take to protect yourself from identity theft and online fraud:
1 Protect your Social Insurance Number: It is a cornerstone of your identity and one of the best pieces of personal information an identity thief can have to create a new you. Don’t carry your SIN card in your wallet or write your SIN number on your checks. Only give out your SIN when absolutely necessary for tax purposes, and never for identity purposes.
2 Keep your PINs private: Never write the PINs for your credit/debit cards on the cards themselves or on a slip of paper kept in your wallet. Watch for “shoulder surfers” and always use your free hand to shield the keypad when using an ATM or paying a cashier.
3 Don’t let your mail fall into the wrong hands: Thieves can get a considerable amount of personal information from your mail. Empty your mailbox promptly, or better yet, install a mail slot that goes directly into your house. Ask the post office to hold your mail or get a neighbour to collect it when you are away. Pay attention to your billing cycles and if bills or statements are late, contact the sender.
4 Keep your receipts: Receipts are essential for cross-checking your billing statements (see the next tip). Keep receipts for refunds and incorrect charges as well.
5 Review bills and statements: Carefully review your bills, credit card and banking statements for unauthourized charges or transactions. They are an indication that your credit card has been compromised or that someone has access to your account.
6 Store personal information in a safe place at home and at work: Never leave sensitive personal information lying around. This just makes it easier for a thief to steal your information.
7 Tear up or shred unwanted or discarded receipts, credit offers, account statements, expired cards, etc.: Destroying these documents will prevent dumpster divers from easily getting a wealth of personal information.
8 Never respond to “phishing” requests for personal information in the mail, over the phone or online: This includes cold-calls asking you to complete a survey or offering a prize. And most importantly – this is probably the most common way that personal information is stolen – never ever reply to unsolicited or suspicious emails, instant messages or web-pages asking for your personal information (e.g., usernames, passwords, SIN number, bank account numbers, PINs, credit card numbers, mother’s maiden name or birthday), even if they appear to be from a known or trusted person or business. These “spoofed” messages or websites (see the next tip) will suggest your account has been compromised and will ask you to reset your password. By replying to them you are giving your personal information directly to the thieves.
9 When logging in always check for a secure connection to the correct website: First, look at the address bar in your browser or place your mouse over the link to see if the URL looks correct. It should start with the proper URL (e.g. cibc.com) and not a URL that appears unrelated (e.g., http://12.67.876.5/aed/bnklogin). You should also check to see if the web address begins with https://, as opposed to http://. Look for the “s” which signals that your connection to the website is encrypted and more resistant to snooping or tampering. It’s always better to go directly to a site by using a bookmark or typing in the site’s address directly into the browser address bar.
10 Be careful with odd messages from people you know: If you get a message from someone you know that has odd information in it, their email account may have been compromised by a cyber-criminal who is trying to get money or information from you. These usually take the form of an urgent request for money because the person is stranded in another country and their passport or wallet has been stolen. Don’t reply to or click on links in these messages. Contact the person by phone or use an alternate email address to tell them this has happened.
11 Install anti-malware software and firewalls on your computers: Computer viruses, spyware and other types of malware are a fact of life. Just clicking a link in an email or on a website can infect you. All your computers should have anti-malware software installed on them. And to keep up with current threats, make sure your anti-malware software is configured to automatically update itself. When you are connected to the internet, the internet is connected to you. Information can flow freely both ways across your internet connection. You also need a firewall to act as a gatekeeper to prevent unauthorized access to your computers and network.
12 Learn how to safely surf the web: Your internet browser is one of the more dangerous tools in your office. Even casual surfing on the web can expose you to malware and divulge personal data. Learn
how to safely surf the web and how to configure your browser so that surfing is less dangerous. This involves disabling some browser features, controlling which cookies can be stored on your computer, and preventing pop-ups.
13 Use “strong” passwords: Don’t use a common word or name – and especially one connected with you. Any new password should be significantly different from passwords you have used previously. Make your passwords at least eight characters long – the longer the better. Use a mix of uppercase and lowercase letters, plus numerals and symbols. Use different passwords for different programs, and especially for bank accounts and other sites with sensitive information.
14 Protect the confidentiality of your passwords: Never share your passwords (even with family or friends) and be careful that no one sees you type in a password. If you absolutely have to write down passwords, write them out so they have to be translated in some way. Don’t save passwords on your hard drive unless you use a password manager (e.g., LastPass, RoboForm, 1Password). Change any compromised password immediately, even if you only suspect it has been compromised. Change important passwords every 60 to 90 days. Don’t let your operating system, browser or other programs cache your passwords.
15 Check your credit report once a year: This can help you spot if someone is using your identity without your knowledge. Check it more frequently if you suspect someone has gotten access to your personal information.
This article originally appeared in LAWPRO Magazine “practicePRO: 15 Years Of Claims Prevention (Vol. 12 no. 2).