–Run a modern operating system. Modern operating systems, like Windows 10, MacOS 10, or Ubuntu Linux 18, include protections against modern cyberattacks and are regularly updated with patches for vulnerabilities. Operating system vulnerabilities are found regularly, so you need to be on an operating system that is receiving regular patches against known vulnerabilities. If you have an older computer that can not run a current operating system, it is time to upgrade.

–Patch your operating system. The most modern, most secure operating system will not last long on the internet if it is not regularly patched. Back in 2004, a researcher connected an unpatched Windows XP machine to the internet and found that it was infected with malware 20 minutes later. Today, it would probably be infected faster. You must patch your operating system. Most modern operating systems include auto-update functions that automatically install the latest patches and reboot the computer when you are not using it. Make sure this feature is turned on.

–Maintain your drivers. Another component of your operating system’s security is the software drivers that allow it to support peripherals like graphics cards, cameras, printers, mice, or keyboards. Most of this software is built-in to the operating system or comes from the peripheral manufacturers. Because the software drivers interact directly with the hardware, they can be exploited to compromise a computer’s operating system. Make sure you are running current drivers from the manufacturer’s website. Watch out for third-party drivers and software that claim that they will update all of your drivers to the current versions—many of these tools are malware.

–Watch out for zero-day vulnerabilities. Just because you are running a fully-patched and hardened modern operating system does not make you invulnerable. Attacks called zero-days will succeed against a fully-patched system, along with attacks that exploit an application vulnerability or trick the user in some way. Your computer can still get infected or compromised, even if you have done everything else correctly.

–Run current versions of applications. Applications, like operating systems, become obsolete. Applications that regularly interact with the internet, like web browsers, are highly vulnerable to attack if they are not current and up-to-date. Older applications may be exploited by cyberattackers to compromise your computer. If you need to run an obsolete application, do not use it to connect to the internet, and retire it as soon as possible.

–Update and patch your applications. Applications frequently get patches and updates. For some applications like Microsoft Office, application patches may be handled automatically for you. For other applications, you need to periodically go to the application vendor’s website to check for updates and patches. Some applications have a built-in “check for updates” function. When an application update is available, make sure you install it and restart your computer afterward, if you are prompted to restart. Your work computer may be set up already to download patches. However, if you are getting messages telling you to update, check with your systems administrator to make sure your patches are working and if there is some action required of you.

–Remove old or unused applications. Every application installed on your computer is a potential vulnerability. The more applications you have installed, the greater the chance one of them is malicious or vulnerable and jeopardizes the security of the rest of your computer. Periodically check your computer for applications you do not use any more—remember that tool you installed last year and only used once—go ahead and remove it. If you have a work computer, make sure you check with your systems administrator before removing software that came with your computer.

–Keep track of your license keys. While a lot of the software we may install from the internet is free, many of our most important software tools, as well as our favorite games, are purchased and licensed to us. Those licenses are usually secured with license keys that may come in the software box or get e-mailed to us if we purchase the software online. Create a file—either physical or virtual—to store your license keys and keep track of them. You do not want to have to repurchase your software just because the original license key got lost.

–Secure your computer configuration.

–Recognize known virus, spyware, and malware programs.

–Detect software behavior that may be malicious.

–Increase security for web browsing and e-mail.

–Firewall to filter inbound and outbound connections.

–Protect your passwords, privacy, and payment information.

–Protect your family members using the internet.

–Protect your computer and data against ransomware attack.

–Help backup and restore your computer.

–Install current antimalware protection. Like with applications, you want to make sure you are running current antimalware software. The five-year-old antimalware software that came with your computer is not going to protect you, if it has not been maintained and updated.

–Ensure antimalware protection is turned on. It is easy to have antimalware protection installed, and then to accidentally disable it. Many malicious software programs disable antimalware protection as well. Periodically check your antimalware protection to ensure it is active and operating.

–Ensure antimalware protection auto-update is enabled. For antimalware software to be effective, it needs to be updated with current malware software signatures (i.e., identifiers) and the latest attack patterns. Oftentimes, antimalware software updates come out daily, due to the rapid emergence of new threats. If your computer has been turned off for a while, let the antimalware software update before you read e-mail or surf the web to unfamiliar websites.

–Enable inbound and outbound firewall, if available. Most personal security products include a firewall as well as antimalware protection. A firewall controls the network traffic in and out of your computer, and limits what programs can communicate with the network. For example, your web browser communicates with the internet, while a word processing program usually does not need such communication to work on locally stored documents. A host firewall also limits the internet’s ability to connect to your computer, which may protect your computer even if its operating system has vulnerabilities.

–Watch out for free “security” products. Many malicious software packages masquerade as free products to “enhance” your security or otherwise protect your system. If it were free, how would they develop good security? This software is usually malicious, or at least not as effective as it purports to be.

–Configure non-administrator accounts. Modern operating systems can support multiple users of a computer. Most of those users—particularly children—do not need administrator privileges and should not be allowed to install software or reconfigure the computer on their own.

–Use systems administrator protection. Even if you are the owner of the computer, you do not need to be a system administrator all of the time. On Windows, this is called User Account Control (UAC); on MacOS and Linux it is the “root” user. Administrator accounts should not be used for normal day-to-day use of your computer.

–Watch out for administrative prompts. When systems administration protection is enabled, you should be prompted when software tries to install itself or otherwise configure your system. You will see this prompt when you choose to install a program, or make certain configuration changes to your operating system. If you see this prompt when you do not expect it, pay attention! Click “no” or “cancel” and look at whatever you were doing. If you were at a website or opening an e-mail or document, most likely that website, e-mail, or attachment is malicious. Stop and do not proceed!

–Assess the risk of being recorded. Your computer or device camera can be on and recording at any time. While many cameras have lights to indicate when they are recording, those lights are controlled by software and can be disabled by malicious software to deceive you. Turn on your camera and look at what it can see. What room is it in? What is in the background? What is visible in the camera if you are not sitting in front of it? Are you okay if all of this information gets recorded and broadcast to the world?

–Beware of what you record. If you post video to the internet, consider carefully what you are recording. Is there a family picture on the wall behind you that shows your spouse and kids? Is there a diploma on the wall that shows what school you went to? Do not hold up a bill or a prescription bottle in front of the camera, as they may contain your name, address, and phone number. With high definition, all the above items may be visible on your recording using freeze frame capabilities, video enhancement, etc. Internet “trolls” look for just this type of information online and use it to harass people, even if the victims have not done anything wrong.

–Cover up your camera. While we can never be sure if our camera is truly “off,” covering up the lens means that even if it is on it can not see anything. When you are not using it, cover your camera lens with an opaque cover to be completely sure it is not being used without your knowledge.

–Keep track of your software keys. Sometimes doing a system restore may cause software to need to be re-enabled, especially if your hardware has changed. Keep track of your software keys, so you can reactivate your software if necessary.

–Buy an external hard drive. While there are advantages to online backups that make copies of your files every day and are immediately available for restoration, these services do not protect you from ransomware or malware corruption that destroy all of your connected data. Buy one or two inexpensive external drives to keep your backups away from your machine. Better—keep one of them in a safe deposit box.

–Back up your entire computer. Make a backup of your entire computer including the operating system, programs, and files. Sometimes this is called a “bare metal” or “system restore” backup.

–Make a second backup of just your files. In addition to a bare metal system restore backup, periodically make a backup copy of just your files, so they are available to you separately. This file backup can be easier to work with if you just need to recover a single file or folder that was lost off your primary system. This file backup is also helpful for archive files like old photographs.

–Protect your backups. Password protect your backups so if they are stolen or fall into someone else’s hands they will not be usable. Make sure you know the password well and can remember it years later, should you need it.

–Use online backups. In addition to isolated offline storage that is protected from corruption or malicious attack, you can also use cloud-based subscription services like Google Drive, Dropbox, or Microsoft OneDrive. These services store your data “in the cloud” and can protect you from natural disasters such as a house fire or flood.

–Have multiple copies. Remember, if your data is precious, there should be more than one copy. If it is important, have at least two copies. If it is really important have at least three copies. If it is sensitive, encrypt all the copies. Do not let a mishap or mistake destroy your digital life.

–Be aware of system restore. Modern operating systems like Windows or MacOS include the ability to “system restore” or restore the operating system back to a known good state. Some of these features can reset the operating system while preserving your files, while others may delete your files or, more likely, your programs. Be aware of these features and understand how they can help you if there is a problem with your system.

–Unexpected pop-up messages. A normal operating system should almost never pop up a window telling you to do something. For the most part, legitimate operating system notification windows are designed to stay in the background and only bother you if there is an emergency. Pop-up messages for ransomware, antivirus software, or telling you to purchase something are all signs that your computer has been infected, or has opened a malicious website or page. If a phone number pops up on your screen, do not call the number.

–Changes to your web browser. Malware frequently changes your web browser. Changes might include changing your default web browser, installing plug-ins or toolbars to your web browser, or changing your search settings. If your browser has been changed or re-configured, you may have malware.

–Programs you did not install. Malware packages frequently include additional software packages above and beyond the original program. For example, you install a piece of freeware and then it installs a half-dozen other programs at the same time. Sometimes these programs are legitimate support code, but frequently they are malicious.

–E-mails you did not send. Malware packages may attempt to send e-mails to your friends and contacts purporting to be you. Worse, these e-mails frequently contain advertising links, links to malicious websites, or malware attachments. If your friends bring to your attention that you have been sending them unsolicited e-mails, your computer or e-mail account may have been hacked.

–Your online passwords are changed. If you find that you can not get into online accounts even though you are sure you have the passwords right, it is a sign that your computer or accounts may have been hacked. Attackers who have access to your e-mail accounts may use password reset features to take control of your online accounts. They may also cover their tracks by going into your e-mail account and deleting messages intended to notify you of the changes.

–Online protections are disabled. Malware packages frequently disable online protections like antimalware software. If you find that your antimalware software has been inexplicably turned off or is turned back off after you have turned it on, that is a sign your computer has been infected.

–System programs stop working. Similarly, malware packages frequently disable software tools like the Task Manager or Registry Editor (in Windows), or similar tools in MacOS or Linux. Disabling these software tools makes it harder for you to troubleshoot your system, or to disable the malware and manually remove it.

–Unexpected startup programs. When you first start your computer, there will be a flurry of activity as everything turns on, and then your computer should be relatively idle, waiting for you to do something. Open the Task Manager (Windows), Activity Monitor (MacOS), or System Monitor (Linux) to see what applications are currently active or running. There are related tools that tell you what programs are configured to automatically start every time you reboot your computer. Look over the list to see if there are unusual programs running, or programs using lots of system resources. If there are, research them to make sure they are legitimate.

–High central processing unit (CPU) or disk usage. Similarly, if your computer is working hard when you are not actively doing anything, such activity is a sign that unwanted software may be running. For example, malicious “cryptoware” uses your computer resources (e.g., storage and computing capabilities) without your permission to perform cryptomining calculations. Such unauthorized activity may be obvious due to its high resource usage, which slows down your computer.

–Fraudulent posts or transactions. If you find fraudulent posts on your social media accounts, or fraudulent transactions in your banking or e-commerce accounts, such activities are signs your computer or accounts may have been hacked.

–Enjoy the fact that you are “less” vulnerable. While you are hardly invulnerable, you are at least somewhat less vulnerable as the majority of malware is written to specifically target Windows. Only the more advanced malware packages typically target your less-common computer platforms.

–Be cautious and vigilant. Make sure you are running a modern, supported operating system and programs, and patch them promptly. You still need to be cautious surfing the web, opening attachments, and installing programs. Websites you visit, e-mails you open, and programs you install can all potentially be malicious.

–Bad things can still happen. All the cyber protection in the world does not protect you from coffee spilled on a laptop computer, or a failed hard drive on a desktop computer. Backup your system and be prepared in case a disaster occurs.