Posts tagged with: security

Schedule Spring and Fall third-party social media app access clean-ups

LinkedIn Third-Party Apps

Some of the LinkedIn Third-Party Apps that have access to my LinkedIn profile info. This list on someone who doesn’t maintain a vigilant watch or at least semi-frequent cleaning could easily have more than 100 apps accessing their personal information.

Along with backing up my hard drive of photos/music/memories, one of the Spring and Fall (Thanksgiving weekend usually) digital cleaning efforts I always try to knock out for myself is reviewing what third-party apps I’ve given permission to my various social media network information.

Cleaning this up takes just minutes and can make a HUGE impact on not only your personal information and security, but also for your friends, family and other social media connections. (So also make sure they’re doing this frequently too and not giving away your personal info!)

I’ve often allowed access to one specific thing like mutual Facebook connections, or tried out a new app and never used it again, but with these persistent apps still having access, they can do a lot of not awesome things with your info. Especially if you granted access to one company, and then they were bought out by another, there’s all sorts of data danger, so it’s best to just go through and regularly clean them out. (And remind your friends/family to do the same, they’ll be surprised by what has access.)

It doesn’t take long at all — maybe a minute per social media account and will help secure your — and your friends and family’s data. Here’s some of the most popular social apps third party apps sections to revoke permissions:

Facebook: https://www.facebook.com/settings?tab=applications
Twitter: https://twitter.com/settings/applications
Google: https://security.google.com/settings/security/permissions?pli=1
Linkedin: https://www.linkedin.com/secure/settings?userAgree=&goback=%2Enas_*1_*1_nav*4account*4sub*4nav*4settings_*1_*1

(These links frequently change so if you’ve come to this post and they’re dead, look in the Settings of your accounts and seek out “Third Party” “Authorized External Applications” or anything related to “Apps” and “Privacy” for the ability to revoke third party permissions.)


Use a positive mantra for your password root to secure and inspire yourself

Iamfulfilled mantra

One security and life hack I’ve been doing for years is changing my passwords to be more secure with non-consecutive words by integrating a new mantra a few times a year. You can do this by using the first words of a memorable and meaningful mantra to say it out loud to yourself as you type it in frequently.

Mantras can seem kind of hokie and whatnot, but they definitely help, in my experience. Here’s a handful of ideas.

For instance, the mantra, “I am fulfilled. I am fearless.” becomes “IAFIAF” (then use some sort of mixed letter or number combination before or after or in between, depending on what works for you to keep it more secure and beyond 8 total characters).

 


For less than a flight change fee, get surprisingly easy expedited security and customs clearance when traveling by air

If you travel by air a several times a year, especially abroad from the U.S., you might want to consider signing up for one of the government’s expedited screening programs. After reading an article on Quartz, I took the plunge and was surprised by how easy it is. Now I regret not starting this process started earlier back when I was traveling more frequently for the BBG, but even now for personal trips and travel it will be a time and frustration saver for a fairly low fee.

For the price of less than some flight change fees, you can get Global Entry coverage for 5 years (for just $100) and if you are not in a rush to get things processed quickly, the Nexus program is an even better deal for $50 for 5 years with the same benefits. Here’s the description from Quartz:

Global Entry: It’s the most expensive program, at $100 for five years, but comes with the best benefits: You can skip the lines at passport control and customs when entering the United States and also enjoy TSA PreCheck, Nexus, and Sentri (explained below). The process of applying for Global Entry, which is administered by US Customs and Border Protection, also tends to be faster than the other programs.

Nexus: Choose this option if you want to save money and aren’t in a rush. It costs just $50 for five years and comes with all the same benefits as Global Entry and PreCheck. But the application process tends to take several months and can only be completed in a few cities near the US-Canada border. Nexus is designed to expedite crossing onto either side, with special lanes for cars and special kiosks at passport control in US and Canadian airports. (Note that Global Entry only gets you “Nexus” for crossing into the US; the full Nexus program also includes faster security screening in Canadian airports.)

While I tend to do the grandpa thing and show up hours before international flights and at least an hour before domestic flights, the Global Entry and Nexus passes can help you transfer customs and security faster, especially if you run late or miss a connection.


LastPass password manager & security tools — One of My Best Purchases of 2011

Lastpass

One of my best purchases of 2011 was buying a premium subscription to LastPass, a digital password management tool, and it has made my life much, much more secure, efficient and saved my sanity — especially with all the passwords I have to remember/save for personal life, work and all my side projects. I know there’s a lot of other options out there like the wildly popular 1Password, but I just dig the LastPass integration much better and haven’t looked back.

Here’s 5 reasons why LastPass rules:

  1. Their syncing across desktop and mobile devices is fantastic.
  2. The integration, granular control and auto-fillers for the desktop and Android are top notch and stay out of my way but enrich and speed up my experience.
  3. The thumb-print unlock feature on Apple is really excellent too — no more passwords ever! (Not really, but close.)
  4. Their security challenge is bad ass and incredibly helpful to assess if you have duplicates or unsecure passwords. And as we previously discussed, having rock solid passwords is one of the biggest ways to protect yourself from getting hacked.
  5. It’s a good deal — only $12 a year. ($1 a month!) I’m actually planning on buying and installing this for my mom as a gift to help protect her and make things more secure on her devices, and for only $12 a month it provides great piece of mind.

I almost want to call this a ‘Buy it for Life’ item, but the Internet decays so quickly who knows. :)


Cut your risk of cyber crime by 85% using these simple 5 best practices

This week I caught an excellent and thought-provoking interview on The Art of Charm (one of my top 10 must-listen podcasts) with Marc Goodman, a Resident Global Security Futurist for the FBI, author and adviser for the Singularity UniversityGoodman was promoting/discussing his new book, “Future Crimes” and it was fascinating to hear about how the future is definitely here and while not evenly distributed, but it can be disturbing. Like how the big Target credit card hack this past Winter happened from hackers accessing the Target air conditioning infrastructure to get to the financial systems. I remember first hearing about Goodman when he spoke on Tim Ferriss’ show in December (great episode to check out too) and it blew my mind some of the things he talked about. He also has a Ted Talk on the topic from a couple years ago that is excellent.

One of the great kaizen takeaways from the most recent podcast discussion was his “UPDATE” strategy for everyone to protect yourself from 85% of the risk of being a victim of cyber crime. These simple steps include:

  • U – Update software frequently — Almost all the time software updates are to patch bugs, vulnerabilities and provide improvements of some sort. Don’t let the time between updates go too long or you leave yourself open to trouble. This goes for both mobile and desktop devices. Even freaking Adobe’s stupid auto updater that alerts you every other day of a new patch. :(
  • P – Passwords — Use a different, complex password for every site and get a reliable, trusted and established password manager like LastPass (which I recommend) or 1Password.
  • D – Downloads – Always be careful of what you download and never click on something from an untrusted source.
  • A – Administrator rights — Don’t run your computer from the main, full-access “administrator” rights profile. Create a second one and use that as your primary to restrict and at least notify you when programs are asking to modify the system (they don’t usually do this on the admin rights account). Similarly, I recommend bloggers do the same. Create a secret account with the full admin rights — don’t use the default “Admin” username that blogs like WordPress provide with full access.
  • T – Turn off — This is a simple one and also a good one for just saving battery life — turn off your computer when you’re not using. Turn off your wifi, bluetooth, nfc and other phone communication protocols if you’re not using them and it’ll greatly reduce the potential of someone accessing your device.
  • E – Encrypt everything — He spoke about 2 types (encrypt the data on your computer hard drive and using a VPN to encrypt your connections). I think, soon, a third level of encrypting — your website publishing through https on almost all domains will soon become much more mainstream over the next 3 years to create a safer web. Google has already started to use this as an SEO value indicator and I know the browser developers working on projects to verify certain potential target websites are secure and using the https protocol.

I’m definitely going to pick up the book and you can too — it was just released this week in print, digital and audio.