You have a password and you know how important it is to lock your computer or smartphone. But is it enough? Are you really savvy to the variety of threats that can impact your data security and privacy, or are you just going through the motions just in case you get caught out by scammers?
It isn’t enough to just want to be secure; you have to actively ensure your digital security, day in, day out. Beyond setting passwords and locking devices, you need to ensure that security becomes as instinctive as preparing a meal, driving a car, or even breathing.
The following five security tips will help you to focus on your digital security.
Don’t Lock: Turn it Off!
It’s convenient to lock your computer, isn’t it? Windows users can just tap WINDOWS+L to lock their workstation (one of many useful keyboard shortcuts) and go and fix a cup of tea, or even let the device go to sleep if the power management settings are configured appropriately.
However, while your computer remains connected to the Internet, it remains a target from online attackers. While operating systems have protections against unauthorized file installations, browsers that have been compromised through dodgy extensions do not.
One way to avoid problems is to ensure you shut down your computer when you’re done with it. If you’re concerned about the length of time it takes to restart, don’t be. Windows 8 and later has a faster boot than previous Windows operating systems. (Issues booting can typically be traced to hardware faults or the presence of malware.)
Remember the Principle of Least Privilege
Are you using the administrator account on your computer as your day-to-day login?
Many people do this, and as you might have guessed it isn’t a very good idea at all. Doing so leaves your machine vulnerable to risks and exploits; should you miss something obvious (a fake pop-up informing you of viruses on your PC and insisting you download a removal tool, for instance) or visit a non-secure website, there is scope for remote scripts on that site to cause problems.
Files might be deleted, and drives can be reformatted. A new secret administrative account might even be created without your knowledge, and used by an attacker to monitor your activity, record keystrokes (anti-keylogging tools are available), steal your data and even your identity. The ultimate malware attack.
Unless you require administrator rights for a particular task (such as installing hardware or software) make sure you’re logging into your computer with a standard user account. Don’t worry about losing the Administrator password through under-use – it can often be recovered.
Passwords vs. Passphrases
Over the years you will have been using a password, typically a single dictionary word with one or more numbers or punctuation characters incorporated.
Words, however, are not all you have. Instead, consider phrases and short sentences, song titles and lyrics, favourite quotes or even something a child might have said to you. Once you’ve done this, take the first letter (or pair of letters in some cases) from each word in the passphrase and add in numbers where relevant to create your passphrase. This is passwords evolved.
Better still, using this tactic to create your passwords means an end to writing them down – which is a terrible habit to get into.
We’ve given a great deal of advice on the creation of passwords and passphrases over the years. Ryan’s look at creating secure and memorable passphrases is a great place to look into this topic in further detail.
Out of Sight, Out of Mind
Where do you keep your hardware when it is not in use?
If you’re based in an office where hot-desking is employed, then your employer or the workspace owner should provide a secure cabinet for your hardware to be stored in. If this isn’t possible, then you’ll need to keep your laptop or tablet in a bag that you keep with you at all times. Secure bags for mobile devices are available – consider them.
Storing hardware in your car should be a last resort. If left in view of anyone looking through the window, it won’t take long for a thief to break the glass and make off with your notebook, smartphone or tablet. Worse still, if you leave it in a parked car for too long on a hot day there is a potential for your portable device to break due to extreme heat.
Avoid leaving your portable hardware unattended anywhere.
Easy Data Encryption
Everyone should use data encryption, and everyone can. From setting up a PIN for your smartphone’s SIM card to creating an encrypted partition on your computer’s HDD the use of encryption will ensure that your data will remains utterly secure.
Ten years ago, data encryption was niche, available only to those with the technical skills to set it up and implement. Recently, this has changed, with encryption available in the shape of native operating features on phones and desktop computers.
Android, iPhone, Mac OS X, Windows, Windows Phone and Linux users can all encrypt their device storage, either completely or in part (USB drives can also be encrypted). Should these devices be lost or stolen, they will not divulge any data stored on an encrypted partition.
Use these basic but oft-forgotten tips to maintain the security of your hardware and data. If you have any you would like to add to the list, tell me about it in the comments.