Keeping your Devices Safe in A Digital World
by Chris Asmus, October 2016
There is no denying that today we live in a digital world where news, information, shopping, and banking can be accessed 24-7-365. It is easier than ever to stay in touch with friends and family, and to collaborate and conduct business on a global scale. Some interesting U.S. statistics (compiled by the Pew Research Center) show just how completely reliant our lives have become on technology:
- 84% of households have at least 1 computer; 45% have a tablet
- 73% have a broadband (high speed) internet connection
- 92% of adults have a cell phone; 68% are smart phones (up from 35% in 2011)
- 80% of adults use some kind of social media, and 34% check or use it while at work
- 85% of customers find businesses today on the internet
- 70% of consumers buy products (even groceries) online, with over 50% buying more online than in physical stores
While technology has made life easier in many ways, the downside is that our most important personal information and devices can be vulnerable to hackers, viruses, phishing scams, malware, and spyware. Worldwide, there are an estimated 1.5 million cyber attacks every year (that’s three every minute) at a staggering annual cost of $400 billion. While there is no way to prevent becoming the victim of a cyber crime, by using common sense and taking some basic but effective precautions to protect your devices, you can reduce the risk of being an easy target.
Computers & Notebooks:
- Operating System (OS) and programs: check for and install updates for your OS and programs installed on your computer regularly. Updates contain important patches to fix new security threats or technical issues with the OS or program.
- Firewall: make sure you have a firewall installed and turned on to block unauthorized access to your computer or network. Connecting directly to the internet without a firewall leaves your devices exposed to potential threats.
- Security Software: make sure you have an antivirus, malware, and spyware program installed and running on all of your computers at all times. Keep the program and virus definition files updated and run frequent scans to detect and remove threats. Some programs also offer increased protection with phishing, spam, website, and email monitoring.
- Suspicious Programs, Links, Downloads, Emails, Attachments, Websites, etc.: As AndriodCentral puts it, “Look before you click!” Don’t click on links, download or install programs, open emails or attachments, or visit websites of unknown source or origin. Malicious content is one of the biggest threats to your devices. Always run a security scan on attachments (from memory sticks too) before opening, and only install or download programs from trusted sources.
- Backup Your Data: Keep important data, files, photos, etc. backed up on an external hard drive or storage device or through a cloud storage solution. Keep a list of programs that are installed on your computer and keep installation discs, drivers, software and registration keys in a safe and convenient place so that you will be able to restore your important programs and files if your computer becomes incapacitated.
- Password Protect your Computer: Set your computer to enter to screensaver or sleep mode that logs you out when it has been inactive for a few minutes, or manually log off or shut it down when not in use. Require a password login at startup or to resume activity so that your computer is protected; this is especially important for laptops or tablets.
- Operating System (OS) and Applications (apps): Like computers, it is extremely important to keep your OS and all apps updated to protect your mobile devices with the most recent security patches.
- Auto-Lock and Passcode Protect: Always enable auto-lock and passcode protection on your mobile device so that it cannot be accessed when not in use. This can also help prevent accidentally “pocket dialing” your Mom, boss or the last number you called!
- Turn off SMS Previews: Do not allow text message previews when your device is locked. By disabling previews, potentially sensitive messages can’t be viewed or accessed. This is also important when using two-step authentication (see passwords below).
- Applications (apps): Only install apps from trusted sources, and check the privacy settings and permissions carefully. According to the Pew Research Center, “People are now public by default and private by effort.” Turn off or disable any unnecessary permissions to protect your privacy. Use the Google Play or Apple App stores to buy or download apps as both have stringent core quality guidelines and program policies that must be met before an app is approved for access in the stores.
- Email and Web Browsing: Use the same precautions on your mobile device as you do on your computer when opening emails, opening programs or attachments, clicking on links, or browsing websites. Don’t be fooled by potentially malicious popup ads, sensationalized “clickbait” headlines, offers too good to be true, or other links or attachments from unknown sources.
- Bluetooth and WiFi: To prevent an unknown or unsecure connection, turn off Bluetooth and do not allow automatic WiFi connections when not in use.
- Lost or Stolen Device: Strongly consider activating or installing a “find my phone” app that can help you track your device if it is lost or stolen. Otherwise contact your device manufacturer’s technical support for assistance in locating your device and/or locking and wiping it if it has been stolen.
- Replacement or Transfer of Ownership: If you send in your device for an upgrade, replacement, or repair, follow the manufacturer’s instructions carefully to make sure you clear all cache and browsing data, and reset or wipe the phone. If you are selling or transferring ownership of your device, consider contacting your device manufacturer or service provider’s technical support to ensure you have taken the necessary steps to remove all of your personal data. As a precaution, consider changing your passwords for email, banking, or other accounts you may have accessed on your mobile device.
Other General Security Precautions
Passwords and Two Step Verification: One of the easiest ways for hackers to access your personal information, email, or other accounts is by figuring out your passwords. Keep a list of all of your accounts and passwords written down in a secure location (not online). Change them frequently and don’t use the same passwords or patterns for all of your accounts. Use strong passwords: at least 8-12 characters with a combination of mixed case letters, numbers and symbols, and definitely don’t use easy to find personal information such as your favorite pet, birthday, address, mascot or sports team, or phone number.
Whenever possible, in addition to a strong password, use multi-layer authentication (that asks for additional verification information) or 2 step verification (that sends a unique access code or PIN via email or mobile device that you need to enter to log in). Don’t allow programs or apps to automatically save your password, and always logout when you are done.
WiFi Connections and Hotspots: Use extreme caution when tapping into public and non-secure WiFi connections. Just because a connection requires a password does not mean it is a private or protected network (think hotels, businesses, or coffee shops). Do NOT access personal information or sensitive information such as checking or sending email, conducting online banking or shopping, or even logging onto cable or Netflix to watch a movie. Just don’t take the risk!
Additional Email, Link and Attachment Precautions: One of the most common ways devices get compromised is by taking action in a malicious email. It is estimated that as much as 56% of all email sent or received in the United States is malicious or contains spam. Hackers have gotten quite creative in making emails appear to come from a legitimate business. For example, you may receive an email appearing to be from UPS about a package that you need to confirm your delivery address to receive, or from your bank notifying you of a suspicious transaction that you can click on the link to your account to log on and verify. Look for telltale signs of scam emails like grammar or spelling errors, “Dear Valued Customer,” or a “From” email address that doesn’t match the company’s website address. Also be wary of strange emails from people you know (their account may have been hacked) and any business that may or may not be familiar to you asking for personal information including Amazon, Paypal, postal services, and financial institutions. If you receive a suspicious email from a company, contact them directly to confirm if they sent it, and report it if they didn’t.
The same precautions should be taken for suspicious links, downloads or attachments on websites or in apps: don’t click on a link (which may be disguised as a button or image), download a program or open an attachment from an unfamiliar source. Just as hackers have gotten creative with emails, advertisers have also become masterful at creating “clickbait” sensationalized headlines with the intent to get you to go to the article that is really just about the advertising content or is created to generate traffic to the page. Beware of words like “ad content” near a link or confusing navigation that instead of leading you to the next slide in the series, takes you to an advertisement. Look for the “https://” and confirm the website address is valid before you enter your login information or banking information, especially when making an online purchase. Clicking on unknown links or attachments can be especially dangerous because they can install spyware, malware or a virus that infects your device or compromises personal information without your knowledge. Always click with caution!
Although there is no foolproof way to definitively protect your devices, putting security precautions in place and using safe practices when using your devices online will help you stay one step ahead of the hackers. As they say, you don’t need to run faster than the bear, just faster than the other guy.