Why You Should Secure Your Devices
Human error is the weakest link in cybersecurity. Individuals want to cut corners on devices they use for efficiency, especially ones that are used hundreds of times a day. Although it’s nice to open a phone by clicking one button, or not having to log into a social media account every time, these practices create security risks. Individually, these shortcuts aren’t extremely harmful to a person’s security, but when multiple are used, they can create bigger gaps and allow for attackers to gain sensitive information or unauthorized access more easily. In a perfect world, none of these gaps would exist, however because evolutions in technology, it is important to implement the strategies listed in this article based on individual risk tolerance.
Tip #1-Utilize Multifactor Authentication to Secure Your Device
The first line of defense on any device, is usually a password. Everyone has heard of best practices for passwords, use more than 8 characters, use an upper-case letter, use a special character, etc. These are great and used to be all someone needed for frontline security. However, with the advent of computers that can crack more complex passwords, and the widespread usage of social engineering, securing devices and accounts requires more than it used to.
Created in the mid 90’s, multifactor authentication has been around for almost thirty years and is becoming the new standard for frontline security. Multifactor authentication utilizes two or more forms of authentication for access to an account or device. An example of this is usage of a strong password combined with a randomized SMS pin for every login. Although this technology isn’t new, it’s very secure and provides extra steps that an attacker needs to take to compromise a device or account.
Creating these extra measures means that an attacker can no longer try to brute force or phish a password through an email to access an account. They must also have access to a phone, or other device that is used for authentication. Another thing to remember is that attackers tend to target the most vulnerable devices or people. This means that if a possible intruder sees that multifactor authentication is in place, they might be deterred.
Tip #2-Plan for Your Device to Be Lost or Stolen
Planning for a worst-case scenario is always a good idea. If a device becomes lost or is stolen, it’s important to have options to handle the situation. Being able to recover, prevent the stealing of, or destroy sensitive information on a device not in your possession is critical to the security of that information. In addition, implementing a redundancy strategy for sensitive data increases the chances that the integrity and availability of the data will stay intact.
One option is encryption. Encryption must be implemented prior to the device being stolen or lost; it will increase the chance for the data’s integrity staying intact. An encrypted device, even if stolen can provide challenges for an attacker, considering the tools and computers required to break most encryptions. Regardless of if a device might be stolen or lost, it should be encrypted while in use to prepare for a worst-case scenario.
If a device is lost, the first technology an individual will want to use is location tracking. Making sure that location services are enabled, and a location tracking app is installed will give insight into what the next steps are in recovering the device and/or data. If the device responds with its location, physically checking were its reporting its location is a good option. If it isn’t reporting its location, it could be disabled by an attacker, in which case other options should be considered.
A remote wipe should be used as a last resort method if recovering the device isn’t possible. You should make sure that a remote wipe function is setup when configuring a device in the event a device is stolen or attacked. In addition to a remote wipe function, implementing regularly scheduled backups will preserve the availability, rather than just the confidentiality of the data. Ultimately, having a plan for when a device is lost or stolen will determine if your data will be breached or will stay secure.
Tip #3-Be Mindful of When Connecting to and Using Networks
Networks are everywhere, at the local coffee shop, at home, at work, but not every network is built the same. Some networks don’t have the security features that others do or are run by malicious attackers to trick users. This means being mindful about what networks you connect to, and how you connect to them can help prevent your devices from being compromised. A good rule of thumb is to only trust known networks, like a personal network or work network, and not unknown networks unless you’re very sure. Even if they might seem secure, it’s hard to know with absolute certainty.
A feature that is built into most modern devices is automatically connecting to known or open Wi-Fi. This can be extremely helpful for efficiency purposes, however just like taking shortcuts on login security, automatically connecting to these networks is dangerous. By connecting to an open network automatically, a user might be exposing their device to an unsecured network, or a network that has bad actors connected to it as well. Comparing this to connecting to a secure password protected network manually, the security benefits outweigh the efficiency drawbacks. So, if device security is a necessity, be sure to only connect to secure networks that are trusted, and password protected.
Most networks are connected to the internet, which holds even more potential for threat actors to spy on potential victims. A safe solution that most people use to keep their online identity safe and anonymous is a Virtual Private Network (VPN). A VPN utilizes the ability to jump between multiple servers before connecting to a website. This hides your IP address, which can hold a lot of information, and makes it harder for threat actors to track where you are on the internet. VPNs are a simple way to secure your online browsing, and personal devices.
In addition to securing online browsing and personal devices VPNs are also a great way to secure business devices when working remotely. However, managing a VPN for a whole organization can be difficult. NuHarbor’s first choice for businesses that need an easy to integrate security package for remote work is Okta. Their lifecycle management for example, doesn’t just save you time, but it saves you money too when integrating a VPN or other security application in an organization. Talk with a NuHarbor expert today to learn more about Okta and how they’re services can help secure your organization.
Tip #4-Prevent and Mitigate the Spread of Malware on Your Devices
Malware is everywhere, and is constantly evolving, luckily for the average consumer, so is security. Keeping your software and firmware up to date is a key component in keeping up with this infinite cat and mouse chase. Developers will periodically release updates for their devices, and as a user, it’s important to download and install these updates to protect against the new malware and exploits. If a piece of malware or exploit is known to be very dangerous, a developer may push out a patch in response to the exploit. These are arguably the most important to download and install due to the severity of the exploit that warranted a swift response from a developer.
Often, developers won’t be able to catch every exploit instantly, this means to protect against malware, users should employ counter measures on their devices. An Anti-Virus is a great example of a counter measure and how it can be effective. Windows Defender, a built-in anti-virus on Windows OS’s protects users automatically from malicious looking files. Comparatively, Windows Defender is a basic anti-virus, and with the right knowledge can be bypassed without any alerts. Therefore, researching an anti-virus that fits the risk tolerance of a user is an effective way to prevent and mitigate the spread of malware.
Human error is a device’s biggest security risk, therefore mitigating the actions that cause this error can lead to substantial results. Researching applications before you download them is a prime example of how this error can be mitigated. If an application seems too good to be true, or looks potentially malicious, you should do research to confirm that what you are downloading is what you intend to download initially. Email is another place where users should utilize a cautious attitude. Being wary of suspicious emails and only downloading only trusted files will help any user lock down their device security.
Tip #5-Prepare for Your Device to Be Compromised
Ultimately, preparing for a device to be compromised can result in preservation of critical data integrity and confidentiality. Therefore, use devices and manage the data on them, as if they were going to be compromised within the hour. Credentials for example should never be stored in clear text on notepad-like applications. This makes it easier for an attacker to gain information once in the system, which is never beneficial for the victim.
Similarly to how you would lock your house if you left for work, you should be sure that you lock your devices when not in use. Leaving a device with personal data, or credentials unlocked, especially in a public setting can have major consequences. Once again, don’t make a threat actors job easier than it could be.
Protecting User Devices
Integrating the techniques and habits above will increase your cybersecurity maturity and give any user peace of mind that their data is safe. This isn’t to say breaches still can’t occur, especially in higher risk environments such as businesses where the attack surface is much greater, but these tips will help to prevent hackers from easily accessing your devices. Are you’re looking for a cybersecurity provider that can protect your organization’s devices? Contact one of NuHarbor Security’s experts for more information.