You’ve installed antivirus, VPN, and other security software on your PCs, phones, and tablets, but how do you know if it’s doing its job of keeping you safe? We’ve got a dozen tips to help you do your own security check
If you haven’t created it, your PC almost certainly came with a trial installation of an antivirus or security suite product. Did you update when it expired or install some other security? Let us believe so. Once you get past that trial period, you don’t need to think about it in theory until your security software tells you it’s hit some malware. However, for best results, shine the light on it from time to time to make sure everything hums the way it should.
Here are a dozen simple steps you can take to ensure you get the most out of your security systems.
1.Keep your Security Software up to date
Antivirus programs in the early days of computer viruses would only scan files for known dangers’ signature patterns. These days, most malware encoders make their code polymorphic, undetectable by simple pattern-matching. And modern antivirus applications use behavior-based detection systems so they can stop malware they’ve never seen before. This means that both simple malware signatures and behavioral detection methods require frequent updates to keep up with the evolution of malware. Is your antivirus up to date? Open it and check it out. Are you seeing a message asking to update databases? Even if you don’t, look around to find and trigger a command that will run an on-demand check for updates. It couldn’t hurt!
Also check if an update is available for the program. In fact, look for upgrades for all of your security products. Typically, you’ll find the option to check for updates in the File or Help menu, Alternatively, you may access the menu by right-clicking the product’s icon in the notification area. By doing this, you may discover that the subscription has expired—renew immediately!
Consider signing up for automatic renewals when you renew. You’ll receive a notification email before the update happens, so you can still change your mind. Automatic updates from some companies like Norton, McAfee and SonAlarm get you the promise of virus protection. When you update automatically, the company promises to detect and stop malware that gets past basic antivirus protection.
2.Utilize the Best Security Software
Look at each of your security products and consider how you chose them. Have you seen the ad on TV? Recommended by a friend? Did it come with the computer as a trial and did you log in after the trial?
To make sure you’re getting the best, visit PCMag and read our review of the product. In addition to antivirus, we have reviews of security suites, password managers, parental control software, VPNs, and more. If a product has flaws in its safety or doesn’t give it a top rating, check out our Editors’ Choice products for the category. You may want to move on to something better
3.Sanity-Check Your Virus Software
If you want to check whether your image-recognition app can tell apples from oranges, See if it responds correctly if you place an apple (or an orange) in front of it. If you want to know if your antivirus can tell good software from malware, things are not so simple. Most people don’t keep virus on hand for that kind of sanity check (and shouldn’t, either).
The EICAR test file is used in this situation. EICAR, developed in 1991, was used by the European Institute for Computer Antivirus Research, but after a while the group abandoned the acronym in favor of just EICAR. A test file is a small program that antivirus vendors around the world agree to detect, even if it is not malicious. Go to the EICAR website and try to download the file. Your antivirus should block the download and identify the “threat” as an EICAR test file.
4.Consult with the professionals
The Anti-Malware Testing Standards Organization (AMTSO) is an international group dedicated to improving cybersecurity testing. At a higher level, that means creating standards and encouraging discussions between the companies that develop antivirus tools and the companies that test those tools. However, AMTSO also maintains a bank of feature tests that anyone can use to ensure their own security is working. I am a member of the advisory board for this organization, full disclosure.
From the Security Features Check page, you can launch various tests. Some of them use different components to find the EICAR file, for example, manual download, driver download, or compressed format. And AMTSO has created a standard (benign) file for less virulent but potentially annoying unwanted applications. You can verify that your antivirus scans within ten different types of compressed files.
Remember that all files in these tests are harmless. Many security companies have agreed to act as a deterrent, creating a safer way to conduct such tests. If your antivirus passes one of these tests, it’s working. If it does not pass, the publisher may not choose to participate.
5.Check your VPN
Every time you visit a website, your browser sends your IP address with a request for information. This is necessary because the site needs an address to send the requested data back to. Your IP address can also identify you physically, although not with great accuracy. You can check it out now by visiting whatismyipaddress.com, whatismyip.com or any of dozens of similar sites. Do it now, without the VPN active. You’ll probably see that it gets the correct city, but not much detail.
When you route your communications through a virtual private network or VPN, the website doesn’t see your IP address. Instead, it looks up the IP address of the VPN server. So, connect your VPN to a remote server and run that geolocation test again. Does it show that you are in Paris now? Then it works!
Every time your browser tries to visit a domain like pcmag.com, it must send a DNS (Domain Name System) request to translate it into an IP address that machines and applications can use. If your VPN isn’t configured properly, it can expose this DNS request data, meaning a spy or hacker can see what sites you’re visiting. At dnsleaktest.com you can run a simple or advanced test to make sure your VPN isn’t leaking DNS data.
6.Examine the security of the router.
Every wireless router is configured with a default username and password, credentials you want to change important settings at any time. Particularly with older routers, basic settings like “admin” for both username and password, and you can be sure that hackers will know all of those defaults.
You may also see the default username and password appear on a sticker on the bottom or side of your router. It’s safer than using dumb nature credentials, but anyone who walks into your den or office can take a picture of those credentials. If your router is known in the background, you can provide those credentials in your video meetings.
If you’re not sure whether your router uses default credentials, check with your Internet provider’s technical support. Once you’re logged in, change the router’s password and record it in your password manager. When you’re logged into the router, check what type of encryption your Wi-Fi connection is using. WEP and WPA are older, less secure encryption methods; not good! You need WPA2 with AES. Chances are good that you can choose a new encryption method from the drop-down list. A warning; Some older devices such as Nintendo DS and Sony PSP are not compatible with WPA2.
7.Examine your mobile equipment
Apple has made iOS airtight, but Android devices are not so secure. There are millions of malicious programs that aim to wreak havoc on Android devices in particular. If you don’t have a security plan on your Android, you are at risk.
A typical Android security tool offers malware protection and antitheft features. This is important because your Android is more likely to be lost than encountering serious malware in the wild.
You may already have Android security as part of your desktop security suite. Many modern packages include multiple platforms. Check out our round-up of the best Android security.
8.Explore IoT (Internet of Things)
Your computers and mobile devices aren’t the only things communicating on your home network. Chances are good that you have many other devices on that network, such as game consoles, video doorbells, baby monitors, and whatnot. The problem is that you can’t install security software on most of these devices, so you can’t be sure they’re safe.
Or can you? There is a growing category of free home security scanners, both standalone applications and suite components that do two useful things. First, they tell you which devices are on your network. You might be surprise at the length of the list. Second, they check for security issues with those devices.
Bitdefender Home Scanner goes a step beyond simply reporting on unsafe ports and other potential vulnerabilities. When a new device joins the network it will pop up a notification and scan it. It’s also a warning to you that someone, or something, has just joined the network. If that’s unexpected, some maneuvering is in order.pa
9.Review your passwords
You use a password manager, right? That’s good! But what does it manage? Getting all your passwords into a computer is just the first step. Step two replaces weak or duplicate passwords with strong ones.
A report on password strength is typically included with password managers. The better ones provide you with a list that may be sorted according to strength. If your report shows a lot of weak and duplicate passwords, start fixing them. Do the worst five or however much time you have. Fix some more tomorrow. Keep it until the password manager gives you a gold star.
Of course, all this effort is waste unless you protect those passwords behind a strong master password. Passwords stored by a password manager can be completely random, like GYDH31A^u6h1!udK, but the primary one is one you’ll remember. Check out our advice on creating a super-strong master password that no one can guess.
10.View Your Pwned Status
Data breaches happen every week, and personal information is always leaking onto the dark web. Yours may be expose, but how do you know?
Fortunately, the handy website Have I Been Point can help. Enter your email to find out if that information is in a known breach or a data dump on a site like Pastebin. You’re like “Damn – pwned!” Change the impacted passwords right away. Many password managers monitor the password change process and automatically update their data.
Your email address isn’t a big secret, unless you use a special system to hide it behind disposable email addresses. Sending an email address to have I Been Pwned is not a major security risk. The site also maintains a list of over half a billion passwords that have been breach, so you can check if your
passwords have been expose. Despite the site owner’s detailed explanation of how this is done without risking your privacy, I hesitate. If you really want to check Pwned passwords, your safest bet is to download the database and do a local search.
11.Examine your social media security.
Your social media accounts (except Twitter) should be set to private so only your friends can see your posts. But have you checked that yours is configure for better security? Log in, go to Settings and review anything related to security or privacy. For example, on Facebook, only friends can see your posts, and only friends of friends are allow to send new friend requests. You don’t want your profile to be linked by search engines.
Facebook allows you to review all devices logged into your account. Review the list and if any of them seem fishy, walk away.
You may not realize it, but even if your own settings are tight, friends and apps can still leak your data. On Facebook, You may stop that leak on Facebook by turning off the sharing API. Doing so means you won’t be able to play Farmville or other thrilling Facebook games, but the sacrifice is worth it. Additionally, you can examine and download data that Google and Facebook have preserved.
12.Examine Your Credit
How would you feel if you opened your credit card bill and found a charge for a fancy exercise regimen you didn’t order and shipped to an unfamiliar location? Yes, it would be worse. But you can get ahead of the game by checking your credit early.
We love Credit Karma, a free website and mobile app that tracks your credit score. Yes, you can get your credit reports from the three major agencies once a year at no charge, but Credit Karma works directly with TransUnion and Equifax to check your scores once a week. It automates the retrieval of full annual reports on a regular basis. If you notice a new account you didn’t open or a sudden change in your score, you can straighten things out before the thief starts taking your money.
How do I check security software?
Check if anti-virus software is installed on your Windows computer. The best way to find out if you have anti-virus software installed is to use the Security Center feature in your Microsoft operating system. When you select this option, you will be presented with a status: Anti-Virus Software
What Windows Security do?
Virus & threat protection in Windows Security helps you scan your device for threats. You can also run different types of scans, view the results of your previous virus and threat scans, and get the latest protection from Microsoft Defender Antivirus.
What is my Windows security password?
On the sign-in screen, type your Microsoft account name if it isn’t already displayed. If the computer has multiple accounts, select the one you want to reset. Below the Password text box, select I forgot my password. Follow the steps to reset your password.
Read more: Antivirus Stops Working? What’s Next Step