Being online is by itself a vulnerability. By following these simple yet effective security practices, you can significantly reduce the risk of falling victim to common cyberattacks, safeguard your sensitive data, and navigate the digital landscape with confidence.
Hardware
Category | Recommendations |
---|---|
Router | - Close all unnecessary ports - Change admin credentials - Change the name of the network and use a strong access password - Segregate the network (configure Guest Wifi) for IoT, home visitors… - Smart devices (IoTs) only on Guest Wifi |
MFA | - Security key for MFA (e.g. Yubikey) - Use 2 phone numbers (one not shared - for bank and other sensitive MFA authentications) to avoid SIM swapping - Charge/plug your phone only to your cables/adapters (avoid public or unknown) |
Crypto | - Hardware wallet (Cold Storage for crypto - e.g. Ledger) - Exchanges (bad) and hot wallets are less secure - Backup your keys on paper and store in 2 different places |
Information storage | - Use a NAS (e.g. Synology or RaspberryPi NAS project?!) - Run VMs - Storage/Backup - Photo management… |
Software
Category | Recommendations |
---|---|
Email | - Most email services have GOOD security but BAD privacy (e.g. Gmail, Outlook). Choose services with GOOD privacy and GOOD security (e.g. ProtonMail, Tutanota) |
Passwords | - Use a Password Manager (e.g. 1Password, Bitwarden - open source) |
Cloud storage | - Prefer local backup, if not, use encryption (e.g. Cryptomator) |
Privacy | - Use NextDNS for more fine-tuning (alternatives: RadioSignal, Little Snitch) - Use VPN (e.g. NordVPN, ProtonVPN) - Use DuckDuckGo instead of Google - Use Yubikey authenticator instead of Google, Microsoft… |
Others | - Avoid FREE software (if it is free, you are the product) - Use open-source software when available - Utilize Docker to run several LLMs locally, no wifi needed (e.g. Llama) |
More
Recommendations:

- Prioritize Security AND Privacy first
- Be suspicious - don’t trust, verify. If it looks like, smells like, and tastes like something malicious, it probably is
- Avoid using cloud storage for sensitive information
- Remember “Cloud” = someone else’s computer
- Practice email compartmentalization (Professional, Family, Spam, Banks…)
- Remove metadata (EXIF, IPTC, XMP) from photos before posting online
- Avoid publicly announcing travel plans until after returning
- Avoid connecting to public wifi without using a VPN
- Regularly check for leaks on personal emails (e.g. Intelx)
- Conduct regular OSINT lookups on yourself to assess public exposure
- Harden mobile security configurations
- Maintain regular backups of personal files on two separate drives in different locations (e.g. CarbonCopyCloner, TimeMachine…)
- Share and educate friends and family about security best practices
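For the tip about removing EXIF, IPTC and XMP metadata from photos, here is an added example (not part of the original page) showing where that metadata lives in a JPEG file and how to drop it without re-encoding the image. It assumes JPEG input only; the function names and the sample bytes are constructed for illustration.

```python
# Added example: strip metadata segments from a JPEG without re-encoding.
METADATA_MARKERS = {
    0xE1: "APP1 (EXIF or XMP)",
    0xED: "APP13 (Photoshop IRB / IPTC)",
    0xFE: "COM (comment)",
}
SOS = 0xDA  # start of scan: compressed image data follows


def strip_jpeg_metadata(data: bytes):
    """Return (cleaned_bytes, names_of_removed_segments)."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    out, removed, pos = bytearray(data[:2]), [], 2
    while pos + 4 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        marker = data[pos + 1]
        if marker == SOS:
            # Copy the scan header, image data and EOI untouched.
            out += data[pos:]
            return bytes(out), removed
        # Segment length is big-endian and counts its own two bytes.
        length = int.from_bytes(data[pos + 2:pos + 4], "big")
        end = pos + 2 + length
        if length < 2 or end > len(data):
            raise ValueError(f"corrupt segment at offset {pos}")
        if marker in METADATA_MARKERS:
            removed.append(METADATA_MARKERS[marker])
        else:
            out += data[pos:end]  # keep JFIF, quantization tables, etc.
        pos = end
    raise ValueError("no SOS marker: image data not found")


def _segment(marker: int, payload: bytes) -> bytes:
    return bytes([0xFF, marker]) + (len(payload) + 2).to_bytes(2, "big") + payload


def build_sample() -> bytes:
    """Constructed JPEG-shaped byte string (segment layout only, not a real photo)."""
    return (
        b"\xff\xd8"
        + _segment(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
        + _segment(0xE1, b"Exif\x00\x00constructed-gps-and-camera-data")
        + _segment(0xE1, b"http://ns.adobe.com/xap/1.0/\x00<x:xmpmeta/>")
        + _segment(0xED, b"Photoshop 3.0\x008BIM-constructed-iptc")
        + _segment(0xDB, bytes(65))
        + _segment(0xDA, bytes(10)) + b"\x12\x34\xff\xd9"
    )
```

Dropping the EXIF segment also drops the orientation tag and any embedded thumbnail, so check that the photo still displays the right way up before posting it.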
Please share these tips with your friends and family, especially the young ones :)