A: Antivirus is only a very small piece of the security and privacy puzzle – it doesn’t specifically protect against hackers. It protects against malware. Some of that malware may be under the control of hackers, some not. With or without antivirus, you still have work to do to protect your data.
If you are going to run without antivirus, perhaps the most important step is to enable application whitelisting. With this, only approved applications can launch (malware would not be on the approved list). With macOS, this is enabled once a user account is changed to a Parental Control account. With Windows on a domain, you can use the Group Policy Editor. Windows systems not on a domain can use the Security Policy Editor. To make life a bit easier, you may want to try VoodooShield.
Next, you must enable full disk encryption to help prevent brute force attacks from accessing your storage device when you aren’t logged in. In macOS, this means enabling FileVault 2. In Windows, this would be BitLocker.
Now that your drive is encrypted, make it even more difficult to crack your login password by using a strong password. Bare minimum of 15 characters.
And of course, NOBODY else will ever know your login password.
To ensure your email isn’t intercepted and read, you will need to have end-to-end encrypted email. The easiest way to do this is by getting a ProtonMail account.
As most of us communicate primarily by instant messaging and voice nowadays, it’s important to ensure these are also end-to-end encrypted. My favorite for this is Wire.
One area few give thought to is their social media presence. Far too much personal and sensitive information can be harvested from a social media account. Facebook, Google, LinkedIn, Apple, and most others now give subscribers good control over who can see what. But it’s even more important not to put the data there in the first place. And if it is there, remove it. Schools, employers, governments, and criminals all are interested in what you have in place.
The last step for the DIY user is to get a VPN account and use it 100% of the time that you are online. This will prevent your data from being harvested off of your local network, as well as off the internet.
Following the above gives you a good handle on your security and privacy.
Next… secure your mobile devices. But that is for another blog.
