Final Recommendations3:36 with Greg Stromire
In this final video, we’ll revisit some of our common themes and strategies. We’ll also touch on additional tools and tips that can help you stay secure.
- Open Source -- The program code is available for inspection.
- Security Audit -- A formal review of the implementation of a tool performed by a third party.
- Maintained -- A tool receives regular updates.
In this final video, we'll revisit some of our common themes and strategies, and 0:00 look at them in additional contexts. 0:04 We'll also touch on other tools and tips to help you stay secure. 0:07 But first, let's take a quick step back and start with some guidelines on 0:11 how to determine if a program or tool is right for you. 0:15 Guidelines for Selecting Quality Tools [SOUND] Open Source. 0:18 Is the full source code available for inspection? 0:23 This may seem counter-intuitive at first. 0:26 You may think, 0:28 if the implementation is exposed, isn't it easier to find the vulnerabilities? 0:29 But this actually works in our favor, as the more eyes there are on a project, 0:34 the better chance of those vulnerabilities being corrected. 0:38 [SOUND] Audited. 0:41 Has a security audit been performed on this program? 0:43 [SOUND] An audit is really a formalization of the first bullet point here. 0:46 It's a professional review with security in mind. 0:50 This could be performed on a closed source tool as well. 0:53 [SOUND] Maintained. 0:57 Has it been updated recently? 0:58 Have there been fixes to bargain to bugs or other security vulnerabilities? 1:00 [SOUND] This is a natural result of the first two results bullets, and 1:04 it should be a minimum for any tool selection. 1:07 No program is perfect on the first release, so 1:10 regular maintenance is necessary. 1:12 This are some great qualities to have, but 1:15 you don't have to have all three to still be a good tool. 1:17 If you do come across a program where all three apply, 1:21 chances are it's a pretty solid program. 1:24 If you find one that has none of these properties, 1:26 take extra care to ensure it doesn't open you up to a additional risks. 1:28 Most of the topics from this course apply to internet traffic of any kind. 1:33 In this increasingly mobile world where we carry around a computer in our pocket or 1:37 even on our wrists, it's important to consider some mobile-specific concepts 1:42 when trying to stay secure. 1:46 Mobile Security. 1:48 [SOUND] Think about the information stored on the phone. 1:50 [SOUND] Lock with passphrase. 1:53 Disable fingerprint, [SOUND] voice, and face authentication. 1:55 [SOUND] Back up the data often. 1:58 [SOUND] Put in airplane mode when appropriate. 2:00 [SOUND] Try taking pictures or video without unlocking. 2:03 [SOUND] Consider a dumb phone, or a burner with no identity info attached. 2:06 I'd like to finish up with some final tips and 2:11 recommendations that are just as important as some of our other topics, but 2:13 just did not fit under a particular category. 2:17 These may be obvious, but I still think it's worth calling them out specifically. 2:21 First try to always keep your devices and apps updated to the latest versions. 2:26 I know it can get annoying with the amount of alerts, but it's worth it. 2:31 Often these updates will include bug fixes and 2:35 patches that correct security vulnerabilities. 2:37 Another thing to be mindful about are your cloud accounts. 2:40 You might set up your devices to backup or share data automatically 2:44 when you first get set up, and then forget about that setting. 2:48 In some ways this is really convenient. 2:52 You don't have to do any manual backups and you're still covered if you need them. 2:54 But sometimes that data is shared or 2:59 accessible, even when you didn't intend it to be. 3:01 It's worth doing your own audit of exactly what is being uploaded 3:04 to your cloud storage. 3:07 This can also be extended to the info you share on social media. 3:08 Whether it's personally identifiable information or photos, or 3:14 even photos of personally identifiable information. 3:17 Bottom line, be mindful of the data you choose to share. 3:21 That concludes this course on security literacy. 3:24 I hope you learned a lot about how to stay private and secure online. 3:27 Remember, one course does not make anyone a security expert, but it's a great start. 3:31
You need to sign up for Treehouse in order to download course files.Sign up