In so many areas of life, the best way to determine if you're headed in the right direction is to have good questions, answer them to the best of your knowledge, and revisit them frequently as the circumstances change. The same holds true when it comes to computer security. Knowing for certain if your computer is secure can seem a bit daunting and complicated, so we'll give you a hand with this and break it down in simple terms. As a home user, your task is a bit simpler than the security folks at work, but the basic idea is the same.
Without further ado, here are 5 important questions that can help you determine whether your approach to security is taking you down the right path:
1. What devices do you have that need protecting?
In order to know what you need to protect yourself, you must determine what you have that needs protecting. The first thing you can do in that regard is to assess what Internet-enabled devices you have. Do you have a computer? A laptop? A tablet? A smartphone? Those should have at least some basic security tools on them, including an anti-malware file scanner, password or passcode protection to get into the device itself, and encryption on important data. Contrarily, your "dumbphone" that can still access the Internet, the BluRay player or car that can access certain content over the network...there's not a whole lot you can do there, so you might as well not fret too much.
2. What data do you have that is important to you?
This question is both simple and more complicated than it appears. It can sometimes be hard to know what apps and websites store data in cookies, caches and temporary files. It can be helpful to use something like Mac Washing Machine and Identity Scrubber that can help you clean up those things, so you can get a better sense of what data lives where. Once you've done that, you can figure out what information you wouldn't want getting out. Be sure to include anything private or personal, information about your finances, your personally identifiable information, and anything you would be very upset or inconvenienced to lose.
3. What data do you have that is valuable to others?
There will likely be some overlap here with the answer from the previous question, but there are some things that might not seem so important to you that would be valuable to an attacker. All those social media accounts, even the ones you never use anymore, could bring in some cash to an identity thief. Ditto with old email accounts, or other account information that could be used to contact other people you know, who might be more inclined to trust a message coming from you. An identity thief could make use of documents that include things like your address, kids' names, or your family members' birth dates.
4. What level of inconvenience is equal to the value of your data?
Let's face it, locking your door when you leave the house and then unlocking it when you get home is sort of a pain. Not a huge one, but it would save some time if you didn't have to bother. But most people generally consider this to be sufficiently worth the effort to protect our stuff, even if this isn't a foolproof way to protect our homes. Likewise, security on your computer makes things take a little longer sometimes, but it can definitely be worth it to protect the stuff you keep there.
Some people put bars on their windows, or install elaborate home security systems, when they feel like they're in greater danger or their stuff is worth a measure of extra protection. So, when it comes to all your devices, how valuable is the data you keep there? If you just use your phone for some basic phone and web-surfing capabilities and don't keep meaningful data on it, maybe you don't need to go nuts encrypting all the things. But if you keep tax documents on your home computer or laptop, you might want that extra level of protection.
5. Is what you're doing enough to protect you?
Are you just using the security that your operating systems provide you, and updating eventually? You're a low-hanging fruit, and cyber criminals will happily target you as easy-pickings. Avoiding malware in the long-term would be simply a matter of luck. If you take more steps to protect your devices and the data on them, you're doing better than the majority of the population and will be safer against attacks. If you get attacked or affected by malware at some point, you have definitive proof that you need to be doing more, and need to go back over these questions again.
The answer to these questions will naturally change over time, as the number and type of devices you have changes, and as the data on your devices change. So be sure to periodically revisit these questions, especially as you get new devices or store your data in different ways. It's not quite as festive as coming up with yearly resolutions about losing weight or saving money (or is it...), but perhaps this should be a similar, regular occurrence for all of us.