Computers are weak, you are strong. Since its inception, the computer has been susceptible to viruses and other malicious software, but it's not the computer's fault -- we made them that way!
Now, there are fans of this operating system or that who will tell you their OS is different, but it is not. Any OS that gains enough market share/usage will be a target, and no matter how robust its security measures - so long as a human can click "yes", or a machine can say "yes" automatically, there will be malicious software.
That's not to say certain OSes are not more susceptible than others by default, and if that's the case, we all know that we should take steps to "harden" our security by keeping our programs up to date. We all know we should install a firewall, antimalware, and antivirus software.
But what else can we do?
1. Use multiple passwords
Yes, this has been said to death. Yes, you really need to do this! Here's something you may not know, though: The old password method, and the one still REQUIRED by many places, isn't as effective as we think it is. The old "UPPERCASElowercase$ymb0|s#numb3r5" eesh, what a mess! Here's a common version of that method: Passw0rd!
Gimme a break.
This xkcd comic (warning, nerd comic!) explains it best.
Instead, come up with a few passwords that are illogical four word groupings, but that you can easily remember. It doesn't even have to be upper/lower/numerical/symbol, but it can be! Here's an example: sillybiscutthundercar -- toss in capitals, numbers, and symbols as required.
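One way to build such a four-word grouping, as an added example that is not part of the original post: it assumes the words are drawn at random from a list rather than thought up, so the strength can be measured in bits. The word list, function names and separator option are made up for illustration.

```python
import math
import secrets

# Constructed sample list, for illustration only. With 32 words each pick is
# worth just 5 bits; a list for real use should hold thousands of words.
SAMPLE_WORDS = [
    "silly", "biscuit", "thunder", "car", "maple", "anchor", "velvet", "puzzle",
    "lantern", "orbit", "cactus", "ribbon", "harbor", "pickle", "tundra", "saddle",
    "gravel", "meadow", "falcon", "copper", "window", "jungle", "pepper", "sunset",
    "marble", "ticket", "walnut", "glacier", "hammer", "island", "trumpet", "blanket",
]


def entropy_bits(wordlist_size, n_words):
    """Bits of entropy when every word is picked uniformly at random."""
    return n_words * math.log2(wordlist_size)


def make_passphrase(words, n_words=4, sep=""):
    """Return (passphrase, entropy in bits) built from a word list."""
    # Normalise and de-duplicate first: repeated entries would make the
    # entropy figure look better than it really is.
    unique = sorted({w.strip().lower() for w in words if w.strip()})
    if len(unique) < 2:
        raise ValueError("word list needs at least two distinct words")
    # secrets uses the operating system's CSPRNG; the random module is
    # predictable and should not be used for passwords.
    picks = [secrets.choice(unique) for _ in range(n_words)]
    return sep.join(picks), entropy_bits(len(unique), n_words)


if __name__ == "__main__":
    phrase, bits = make_passphrase(SAMPLE_WORDS, sep="-")
    print(f"{phrase}  ({bits:.0f} bits from this {len(SAMPLE_WORDS)}-word sample list)")
    # The same four-word scheme over a 2048-word list:
    print(f"2048-word list: {entropy_bits(2048, 4):.0f} bits")
```

The strength comes from the size of the list and the random pick, not from the words looking odd, so a phrase a person invents will usually be weaker than the figure printed here.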
2. Write down your passwords
Wait, WHAT!? Yes, I knew that one would throw you for a loop. This is also advice you would be hard-pressed to find elsewhere on the net. But here's the thing: we need to work with our own behaviors. It's the only way any personal system can be successful.
So think about it. How often do you forget passwords and need to reset them? When you reset them, how often do you just end up using the one you can easily remember (aka the one you use for everything!).
Now, I'm not suggesting you write these on a sticky note and "hide" them under your keyboard or that desk drawer you're thinking about. No, instead, write them all down on a piece of paper and store them in your fireproof safe, or otherwise in a TRULY secure area. Next time you forget that password, you know right where to go to find it, and you won't end up in the vicious cycle of forgetting and resetting, which devolves quickly into Password123.
3. Browse thoughtfully
While traveling the internet we can end up in some pretty seedy areas. Sometimes we go there on purpose, sometimes we just take a wrong turn. Either way, we should come prepared! Many browsers have "safety" features we find annoying and turn off. Turn those puppies back on if you expect trouble. Maybe turn on an ad-blocker (like Adblock Plus for Firefox), and turn off popups. But basically, if you're going to travel through hostile territory, bring protection, and tread carefully.
4. Don't be a pirate
Software, Movies, Music, you name it, it's out there in bootleg and pirated form. Those who frequent these back alleys are aware of the dangers they face (from malicious software or people), and they travel appropriately (if tip #3 is to lock your doors and pack pepper spray, then these guys are rolling through in an armored column with automatic weapons). Unless that sounds like your cyber persona, stay clear. Or stay clear anyway, it's illegal and it's traceable!
5. Watch out for "Free"
The best things in life are free, and you'll get to spend a lot of time offline enjoying life if you're in the habit of downloading free software! That's not to say that everything free on the internet is bad. Most open source software is fantastic -- I use many free applications in my daily work -- but these days, even major players like Oracle (specifically Java) try to insert software you had no intention of installing. See below:
It's not just Oracle. Skype does it, so does Adobe. It is specifically this sort of thing that takes advantage of a person's proclivity to click "next". Did you intend to install an Ask toolbar when you came to java.com? No. Oracle just socially engineered you to accept something you don't want, without your knowledge! This may be a bit hyperbolic, but Oracle just hacked your brain!
Don't get hacked, beware of freeware.
6. Back up to the cloud
If the worst happens, and you get an infection, the last thing you want is to lose all of your data. Having any type of backup is a good decision, but cloud backups, in particular, have a couple of key advantages.
- Cloud backups typically scan files for viruses as you upload them. This does not protect your PC directly, but it does mean that any of your files on Google Drive, for example, will be clean if you need to re-download them.
- Cloud backups are off-site, so you can reach them from many devices connected to the internet, extra handy if your main PC is down.
7. Have a way to restore your system
If you've got an IT Guy/Gal, make sure they are creating "images" of your machines. System images are used to quickly install operating systems. Typically an image would have many of your company's common settings pre-configured, allowing for fast recovery. This is also a great way to quickly bring a new device into your organization. If you don't have an IT Guy/Gal, make sure to set a System Restore if you use a PC, or an "OS X Recovery" if on a Mac.
8. Be careful with email attachments
For the past few years, this has been the source of most virus infections I have cleaned for people. Most of us live and die by our inbox, so this can be especially scary. Anti-virus can help you here, but quite frankly, we're all still pretty vulnerable to "human hacking" with this one. A famous case that was making the rounds last year and early this year was CryptoLocker.
Most IT advice is "don't click on any email links or open any attachments!" and "scan all your attachments before you open them, even from trusted sources", but this clearly doesn't work in day-to-day worklife. So be careful!
9. Don't get brain-hacked
I've mentioned it a few times already, but social engineering is and will be the last great frontier of computer security. Get some savvy, and protect yourself from brain hacks!