How To Practice Good Technology Hygiene
- Spam is the most common form of scam. Most of it gets filtered out by good webmail services, but people still fall for it (otherwise nobody would send it anymore). Don't encourage them. Never respond.
- Social-engineering attacks are on the rise (unsolicited telephone calls: "Are you near your computer?"). Phishing is a form of this. Learn the signs of an illegitimate attempt to hijack personally-identifying information.
- Mass-media advertising with vague promises about computer security. Ignore these, just like you'd ignore someone who offers to cure every physical ailment under the sun without ever really telling you what they're going to cure and how.
- Forwards. Stop sending them around. Be skeptical. Look at Snopes.
- Fake images. It's incredibly easy to falsify an image. Don't believe everything you see. Digital imagery begs to be manipulated.
- Always operate your computer on the lowest level of authority you can. For Windows-based computers, this requires setting up an administrator account that is separate from your standard user account, and using the administrator account only when installing or updating programs.
- Remove the hard disk(s) from any computer before selling it or giving it away to others. A great deal can be recovered from a hard disk, even if you think you've deleted its contents.
- When given the choice, always use two-step verification (sometimes called two-factor verification) to login to any important accounts, like your email. These require you to enter your password, then they send a message to your phone with a code to enter to complete the login. This prohibits anyone from signing in to your account unless they also have your phone.
- Pay for it. It's a small insurance cost to pay for your expensive electronics and (more importantly) for first-in-line protection for your data.
- Free is better than nothing at all (if it comes from a reputable source). But free isn't the same as good.
- Update frequently.
- Browser diversity. Install more than one browser and be able to jump from one to another if a security flaw is exposed (as they will be from time to time).
- Delete cookies
- Don't auto-fill forms
- Don't save passwords
- Look for secure connections (https://) when entering sensitive data
- Double backups. Have backups of anything important saved in two locations.
- Physical isolation. A portable hard drive that automatically backs up your computer is great, but not if it gets fried by the same lightning strike that burns up your computer because the two were connected via USB.
- Store a backup well offsite.
- Cloud backups are an option, but they come with risks. They're a big temptation for hackers, and the services may not be available forever. Sometimes tech companies go out of business with little or no warning.
- Keep a physical backup of really important stuff on non-volatile storage like a DVD. Remember: Flash memory can fail catastrophically and optical discs can be scratched. There's no perfect solution, so multiple layers of backups are best.
- Understand that bit rot and physical degradation can erode primary storage as well as backups. That's why you need multiple layers of protection.
- Backup your phone pictures and videos, too. The smartphone and cameraphone make it possible to take pictures and videos everywhere, but they're also at the highest risk of getting broken or lost. Backup your portable devices frequently so you don't lose the good stuff.
Photos and videos
- Backup to non-volatile memory (like DVDs).
- Print the greats. Photo albums are cheap and easy to print from digital photographs.
- Use a logical file-naming scheme. Build your directories by year, month, and date (eg.: /2014/09/03) and save your files by location and subject (eg.: ia-desmoines-playground-1.jpg). This makes things searchable by a logical process (just remember when an event took place and find the directory location) as well as by searching (within the filename structure).
- Know your rights. Before you share on Instagram, Facebook, Twitter, Flickr, Google, or anywhere else, know what rights you retain and what rights they claim to your work. In general, most of the sites permit you to retain copyright, but also take it for themselves with no recourse or remuneration to you.
- Install and activate a paid antivirus program on every smartphone and tablet computer.
- Add a screen lock to every mobile device.
- Always consider any camera on a mobile device to be "hot". Never point it at anything that shouldn't be recorded.
- Don't sell or give away your used phones. It may well be impossible to delete everything stored on an old phone, and thought it may be enticing to get paid for your phone, the personal information you may be putting at risk -- even if you've carefully formatted the phone and run a factory reset -- is probably not worth the cash payment.