Or, actually, a lot less. These tasks are not going to take 24 hours. It might take eight hours, maximum, but most of the time you’ll be waiting for your devices to update, so you can sit back and drink coffee safe in the knowledge that you are “working”.
9am: review your passwords
Good morning. Let’s get the most annoying task out of the way first: reviewing your passwords. This is also one of the most critical tasks since most of the most common cyberattacks are based on cracking your passwords.
At your own pace, log into all of your online accounts, and make sure that each has a unique, strong password. If an account already has a strong, unique password, you need not change this. But if you’ve used the same password for more than one site, or got a little lazy and used a weak password because you were in a rush, change it.
Or, even better, use a password manager, which will automatically generate strong, unique passwords for every account you have, and then remember them for you.
10am: two-factor authentication
Two-factor authentication is a system in which you need to have a second device (sometimes your phone, sometimes a special dongle) to log into your accounts. It is far more secure than using just a password, and most banks (and some other sites) provide it. So go ahead and request that.
Ok, so this step won’t technically be completed today if they need to send you a dongle, but you’ve done the hard bit.
11am: protect your other devices
Now your accounts are far more secure on your desktop or laptop, it’s time to think about your other devices. There are also risks involved with using smartphones and tablets, and so you should secure them as well.
You can do that by installing anti-virus software on your phone and tablet, and also by installing a VPN (see below for details).
12pm: patch everything
This is going to be the longest step, so get ready to wait around for a while. You should ensure that all software on all of your devices is up to date with the latest security patches. That might sound like an obvious step, but it’s amazing how few people download these updates: Business Insider has found that only 38% of computer users regularly update their software security, and in 2016, only half of Android devices were kept up to date with security software.
Downloading and installing these patches might take a while, especially on slower connections, and especially if (like most people) you haven't done it for a while. The good news is that if you do this every month (or, better, every week) the process is much faster. So put it in your diary for next month as well
1pm: autorun OFF
This is a super easy step to make Windows machines a lot more secure. Autorun is a system within Windows that automatically runs files from a storage device as soon as it is plugged in. That might sound like a huge security hole, and it is. A pen drive can easily be used to deliver malware, and if autorun is not turned off your computer automatically loads it.
Windows 8 and later versions allow you to disable autorun. Just search for “Autorun”, and turn it off. Simple.
2pm: limited user
Another really easy “trick” to making your systems more secure is to change how you are logged into Windows. By default, you are logged into Windows as an “Administrator” and have pretty wide-ranging abilities to modify the way your system works. Most of the time, you don’t need this functionality, but if your system is compromised a hacker can use it to cause havoc.
Given that 93% of Windows 10 vulnerabilities could have been prevented by changing to limited user status, it’s amazing that more people don’t do this. So set up a Limited User account for you and any other family members using the network. You can always log in as an Administrator when you need deeper access to your system.
3pm: get a VPN
Now, here’s a more sophisticated way of protecting your computer, but not one that is complicated to set up. A virtual private network (VPN) is software that hides your IP address and encrypts your online connection, both of which make it harder for a hacker to find and access your data.
You should be aware, though, that not all VPNs are equal. Because a VPN owner can see your data, you should only use one that you trust and that charges money for the service, typically in the $5-10 a month range. In other words, avoid free VPNs, which are typically of low quality or lax security. A good starting point is to read plenty of comparison reviews before deciding which VPN to use.
Once you’ve found the VPN that is right for you, it will be easy to install, and cover all of your devices. For the ultimate in security, you can even install a VPN on your router, which means every device using your home network, for example, is protected by encryption by default.
4pm: secure your website
Finally, don’t forget about your website. If you run a business from home, it’s likely that you are storing plenty of sensitive information in the cloud. Data – particularly medical, financial, and social media data – is a real target for hackers, so make sure you take your website security as seriously as your home security.
Website security is, admittedly, a little more complex than the basic steps we’ve been through so far, but there are plenty of great resources online that shows you how to secure your website in just a few minutes.
5pm: plan ahead
And that’s it: you are done for now. If you’ve followed these basic steps, your home computer setup will be significantly more secure than it was at the beginning of the day. You are not quite done, though.
Most of the steps above are only needed once. But some – like updating your security software – should be part of your monthly schedule. So whilst you are thinking about cybersecurity anyway, write this in your diary. In addition, do some quick research on the signs of a malware infection, so you know what to look out for the next time you do a check of your system.
If you can integrate these good security practices into your everyday habits it ensures that you are protected not just today, but long into the future.
Sam Bocetta is a freelance journalist specialising in US diplomacy and national security, with emphases on technology trends in cyberwarfare, cyberdefence, and cryptography