How to ‘harden’ your devices to thwart attacks
by Ian Barwise | Special to the Courier
If you’re like most people, security and privacy are not of great concern to you. Most people fall victim to all kinds of scams and hacks. Let’s hope that’s not you, that you’re one of the few who goes out of your way to harden your computing devices to keep your information both private and secure. And you absolutely should in today’s world.
Here are 10 simple things to drastically improve your cybersecurity and privacy on laptops, desktops, smartphones, and tablets.
- Unless your device is running some flavor of the Linux operating system, I highly recommend restarting it weekly at a minimum. This keeps it running optimally and clears the volatile memory which is often where the bad guys like to store their malware in your device (e.g., zero-click attacks).
- Power down your devices when you’re not using them. For a desktop or laptop computers, just powering off at night not only saves money on your electric bill and increases the device’s longevity, it also prevents threat actors from being able to detect and compromise it. Anytime a device is connected to the internet, it is more vulnerable than when it’s not.-
- Enable automatic software updates. If you don’t update the software running on your devices, you will be vulnerable. With all the threats we face today, updating sooner rather than later can save you a lot of headaches.-
- Install anti-virus software and configure it to auto scan. I don’t recommend spending a lot of money, but there is truth to the adage that you get what you pay for. If something is free, it’s generally accepted that you’re the product. Bitdefender is a solid paid option.-
- Use two factor authentication whenever possible. Passwords and PINs are the weakest forms of account protection, and most people have poor cyber hygiene. So, do yourself a favor and make the bad guys’ jobs harder by enabling 2FA on all your accounts, preferably authentication apps like Google’s Authenticator, Duo, or Authy.-
- Use a password manager. Passwords are inherently vulnerable to all sorts of attacks and to make your passwords complex and random enough to thwart attackers, you really should be using a portable (web-based) password manager you can access from all of your devices to be able to create random, complex passwords. You only need to remember one master password to access your password vault, so make sure it’s a longer passphrase with symbols, numbers, caps, and lowercase letters. Avoid using a browser based password manager like Google Chrome as they are susceptible to various types of attacks. KeePass or Bitwarden are two good free options.-
- Enable full device encryption on every device. Encrypting your drives on the devices you own helps maintain the confidentiality and integrity of the data stored on those devices. This is kind of a no brainer security measure, but you’d be surprised at how many people don’t encrypt. If your device is ever stolen, you’ll be glad you did. Also, only visit websites that have “https” in the beginning part of the URL.-
- Lock your computer and phone before leaving the area. Manually lock and set automatic screen lock timers on your devices. If you step away from your Windows-based work computer to use the restroom or get another cup of coffee, Windows (start) key + L will lock your screen. On your smartphone or tablet, configuring the screen lock to activate after 30 seconds or one minute is a good idea. You want to minimize the potential for an attacker or thief to grab your device and have full access to all your unlocked apps, files, and device settings.-
- Avoid clicking on links from random text messages and emails. Every time you click on a web link, you’re performing a risky action whether it’s from a recognized sender or not. Familiar email addresses and phone numbers can be spoofed quite easily. Therefore it’s best to get in the habit of hovering over the hyperlink in the text to see what the URL (web address) is before clicking on it. On your phone, if it’s not from a recognized sender, then don’t open it. I also screen all my phone calls unless I recognize the caller.-
- Disable Bluetooth, Wi-Fi, Wi-Fi calling, and Near-Field Communication when not needed. Leaving those features enabled leaves your device vulnerable to attack from rogue connections and it only goes south from there.
Ian Barwise is a retired Marine, a cybersecurity engineer, the father of three school-aged children, and a seven year resident of Claremont.
0 Comments