In a blog by Gerhard Eschelbeck, VP, Security and Privacy, Google has listed five simple steps to improving ones security on the internet in recognition of Safer Internet Day. In recent weeks there have been several reports from security companies announcing that this year will be the worst yet for Trojans, malware, phishing attacks and various other assaults on our security. For example Deutsche Telekom recently revealed that 48% of Germans had been a victim of internet crime.
While the Google security suggestions focus on Google technology they can be applicable to other systems where the mechanisms are supported. If they are not, then consider whether its is the right solution for yourself or your business.
Step 1: Security Settings
For anyone completing the Security Check-up on their Google account by February 11, Google has committed to giving them 2GB of extra Google Drive storage across their Google solutions. This involves setting up a mobile number for security purposes. It is also possible to do this on several other sites including Microsoft, Dropbox and Kickstarter to name a few. It is worth taking a few minutes to check ones cloud systems and make sure that all the security is appropriately enabled, reducing the risk of your data, or worse being compromised.
Step 2: If you get Spam report it.
While emails between Google users are encrypted and authenticated, it is possible to check whether emails from some other users are safe. Where there is a broken lock icon against the sender name it means that the senders account may not be encrypted, and might not be legitimate. How do you report spam on Google? This help article provided the answer.
Most mail services also have email addresses to which spam emails can be sent as well. Notifying Microsoft or Google of spam emails means that they may be blocked in future, this not only saves cluttering up your inbox but might also stop someone less savvy from being a victim.
Step 3: Don’t download and play everything
Slightly frustratingly Google use Step 3 to tell us how good they are about stopping bad apps from reaching you with their Play policies. The fact that 0.13% of Android devices were infected by bad apps during 2015 from the Google Play area shows that bad apps still exist there despite the safety policies in place. Before agreeing to install anything on your device consider whether it is the app you were expecting to deploy, if you really need it and whether it comes from a trusted source.
According to IDC more than 282 million Android devices were shipped in Q2 2015 alone capturing 82.8% of the market share. In other words more than 360,000 of those devices was infected by apps downloaded from Google Play! This applies not just to Google Play. Apple has also suffered though less frequently with bad apps and if you can find an app you want in the Windows store then it’s still worth checking.
The issue over where the app comes from is equally relevant. A lot of users are willing to jailbreak their devices in order to install apps that they know have been pirated. An increasing number of these apps are infected with malware which relies on the device being jailbroken to circumvent security.
Step 4 Beware adverts
Enterprise Times has previously called out Google over its claims on blocking bad advertising. In the article ‘Google positioning itself as “Ad Fair”’ Google waxed lyrical about its successes on combating bad advertising. They are currently reducing the access that known botnets can have to adverts shown on Android devices. As we pointed out in the article however the bad ads often come second hand through aggregators. Google are making positive steps though and others should also consider ways of stopping or restricting the bad ads. If you have ads on your Websites consider their source and whether they really are legitimate.
Google are continuing to fight the battles and the Doubleclick blog provides the latest update on the war against bad ads. No matter how tempting some of those advertisements are, it’s sometimes not worth clicking on them unless you know exactly who the company is that you are dealing with. It can often be easier and safer to use search engines to find the sites you want rather than clicking on what may not be a legitimate ad.
Step 5 Don’t fall asleep!
Security is important. Every day is a new story about something happening such as Edward Snowden’s disclosures or Sony Hack. It’s possible to follow the latest security tales from Taylor Swift on @SwiftOnSecurity but Google are trying to get more people to listen and act. They have set up a round table on online security, moderated by journalist and security researcher Kevin Poulsen and they are hoping that people listen in. People don’t walk about with easy access to their wallets or handbags and your devices now have as much, if not more access to bank accounts than the contents of your wallet ever did.
Most security is common sense such as setting complex passwords and using different passwords for each account. It is also important to reset them frequently and make sure that the security settings are set so that even if someone manages to obtain your password, they cannot access your accounts or information without the two factor authentication.
While these security steps are Google Centric and at times were steps that Google had taken rather than suggestions to follow, security has to be an individual responsibility.