In previous articles, we've discussed physical network infrastructure security for business in detail, as well as securing data on online platforms such as the Cloud, Dropbox, Kubernetes, and others. When away from work, however, you still need to secure your device at home. Securing the information on your own personal computer is as important as securing the information on a work computer. Even if you don't connect to a centralised business network or use online storage solutions, if you're online, you're vulnerable, plain and simple. And if you're similar to the majority of people who use their own, personal computers at home to sign up for online services, do any of your banking online, or shop online, everything from your name, identification, address, bank details, and online activity can be tracked, stolen, or sold, or your computer can simply fall prey to a virus or malware that can mess with its functionality to such an extent that you can't repair it, possibly costing you dearly not only in terms of a new device but also in terms of the data you've lost.
Either way, whether it's data related to your work, or simply your delivery address and card details for online shopping there is bound to be information on your hard drive that you don't want in the hands of another, unknown party, whatever their intentions with your data may be. It can be anything from simply having data to sell to third parties, who can use it for malicious purposes or simply to pester you with unending promotional spam phone calls, or it can be as serious as stealing your credit card details—although many financial institutions are now implementing a two-stage authentication system which sends an alert to your cellphone to either approve a purchase or report it as fraud—if that system should fail somehow, once the charge goes through, the bank can do very little about it and will instruct you to take it up with the "vendor" to reverse the charge...a "vendor" you may not know at all.
Key Measures to Secure Your Device
Invest in an Anti-Virus Software Package for Multiple Personal Devices at Home
Make Sure Your OS and Anti-Virus Software is Up-to-Date
Make Sure Your Device has a Pre-Installed Firewall that is Turned On
Invest in an Anti-Spyware Package
Make Your Passwords as Difficult to Guess as Possible
Do a Thorough Check of Your Security Settings on Your Browser
Be Alert and Use Your Common Sense
Backup, Backup, Backup
Shut your Computer Down when Not in Use to Secure Your Device
Encryption and Two- or Three Factor Authentication
Exercise Caution when Accessing Public Wi-Fi Networks
Protecting Your Phone as Part of Your Computing Infrastructure
You may have only one personal computer at home for your personal use, such as online shopping, managing your personal email communications, chatting online with your friends, or gaming online. You could possibly have more than one device in your household that falls into the category of personal use, and as mentioned before, no matter if it is for work or personal use, if you use it to go online, you are vulnerable to a plethora of viruses, malware, adware, ransomware, or data theft.
Many producers of anti-virus software such as AVG, Symantec, or Norton sell packages that secure your device against a range of online threats and which can cover multiple devices in your home, both for Mac and for PC.
These packages generally offer the following:
Many anti-virus manufacturers also include additional add ons such as software to boost your battery life and prevent your battery from degrading over time, software that highlights and resolves privacy issues, and gives you options to clear your browser cache and get rid of obsolete or junk data that may be hogging sections of your computer's memory—a clean-up function of sorts.
Here the recommendations to invest in an anti-virus subscription package and an OS package such as offered by Microsoft at a monthly or annual fee are again highlighted. Because the methods of hackers and the viruses unleashed on the internet evolve so rapidly, anti-virus packages have to be constantly updated. Most, if not all of your OS and anti-virus subscriptions services will notify you if an update is available, what the update is or does, and allow you to download it at no extra charge to secure your device. Many of these subscription services will also update all your device and peripheral drivers as an added bonus.
Almost all computers available commercially come with a pre-installed firewall, but some of them don't. You can buy a firewall as a stand-alone product from companies like Cisco, Sophos, or Fortinet. Lastly, check your system settings to make sure your firewall is actually switched on!
Spyware is a particular kind of intrusive software that is very difficult to detect and collects information in the background. It even has the ability to record every keystroke you make. It doesn't necessarily damage your computer or corrupt your data, it is essentially manipulative in nature, allowing certain popup ads (which you can stop with an ad-blocker usually included in anti-virus software), or directing you to certain pages through your search engine—in other words, bypassing "real" search results in favour of other sites—essentially promoting websites that don't rank high on search engines; a service they sell to low ranking websites illegally.
If you're an average internet user, like most people you have signed up for certain pages of interest to you, subscription services to online publications, or invented a password to access your Gmail account. Being constantly asked for a password by legitimate sites can be frustrating and you'd be surprised how many people use passwords that are incredibly obvious or easy to guess. Many users simply use the term "my password", which is obviously as easy to crack as an eggshell.
It is recommended that you use a combination of letters, numbers, and special characters to secure you device. To help you with remembering it, a word or phrase that is personal to you but which is very unlikely to have been recorded online, like the name of the street of the first house you lived in, your grandmother's maiden name...things which even people in your inner circle are unlikely to know are also good choices. What also works well is to replace letters in a word with numbers that resemble them, like a zero instead of an "o", a 5 instead of an "s", a 3 instead of an "e", or a 1 instead of an "i".
It may sound like a no-brainer, but many people don't know they can change security and privacy settings on their browser itself—to block certain websites, to allow certain websites, to enable or disable popup ads, to browse in "private mode", to automatically scan any removable storage devices when they are connected to your computer, or to save your passwords.
If an email from someone you know accidentally ends up in your spam folder then sure, open it up or mark it as "not spam". Otherwise, just don't open spam messages. Even if they are harmless they are a pointless waste of time preying on people willing to spend money on absolute nonsense. By all means, check your spam folder in case a legitimate email ended up there, but apart from that, just mark them all and hit "delete forever". The same goes for convoluted stories from unknown senders that by chance land in your inbox. It is of course probable that you will receive real emails from people you don't know, about a query you submitted, a job you applied for, or to confirm your address if you signed up for a newsletter of your choosing. Emails such as these would normally contain a reference to its contents in the subject line (that is, after all, what subject lines are for), and if the subject line refers to something you know absolutely nothing about or have never heard of, hit the "report spam" button to ensure you secure your device.
As mentioned at the beginning of this article, nowadays you can access practically limitless storage space on online platforms, with the added benefit of being able to access it from anywhere and on any machine. This is fantastic, but the official recommendation in this article is that you store your data in multiple places. Online storage sounds like the perfect solution, but it comes with its own set of security issues to navigate, and unless you are particularly savvy when it comes to virtual secure vaults, "packages", or "containers", it is probably a good idea to use other ways to "hide" your data, including the traditional ones!
Saving your entire C: drive on an external SSD or HDD—which are currently available with 1TB capacity and upwards—gives you a physical device with all your information, which you can carry with you or just park somewhere in your home for when tragedy strikes. It might happen that a virus damages your hardware so irreparably that you need to buy a whole new computer, and then it is comforting to know that there's a simple to use, if somewhat low-tech in the current parlance—physical device you can plug into your new machine and be back to where you were within minutes.
The old USB drives we are used to are coming out in bigger and bigger capacity sizes, and investing in one of these for your super important files and folders is really worth it. You can buy a USB flash drive with 128GB capacity and more, which is ample for a quick backup of the most crucial files on your computer. They of course have their drawbacks, are easily lost or misplaced, and can carry viruses from other computers to your own, but if you hang onto it as carefully as you hang onto your smartphone, enable an auto-scanner either via your browser settings or anti-virus package to scan any external device that's connected to your machine, and store it in a place where it's unlikely to be broken—although manufacturers do make them pretty tough and durable, then they are great little devices to secure your device that will cost you less than R1,000.
Lastly, open a Gmail account that's just for backups, and email your most important documents to your own Gmail backup inbox. Gmail is secured with your login and password, can be accessed from anywhere, has plenty of space allocated to each inbox, and it's free!
It's not exactly the same thing, but you wouldn't exit your car without taking the keys out of the ignition and locking the doors, would you? Despite the security features built into your computer (like the start-up screen automatically locking after a couple of minutes), you may have sensitive documents open on your computer that can be visible if someone manages to bypass your home screen lockout, or catches it before it kicks in. Especially if you work in a big office, work with sensitive information, and are online by default. If you get up for a minute, lock your screen manually, if you're done for the day, shut the computer down completely.
You may think that encrypting a document is not in the skills set of an average user, but luckily for us, most OS and their associated software packages can do it for you if you tell them to. You can even leave a standing instruction that it does it on all your documents automatically.
With Two-Factor authentication you simply give the program, document, or storage space you're using a couple of different ways to check in with you by either sending a verification email to another email address, sending a temporary password or OTP to your phone, or using an authenticator app that automatically generates a random set of numbers if paired up with your access details to a certain platform—especially Cloud platforms.
If you take the time to look at the options for security on your browser, authenticator app, or any online platform you use regularly, they are usually set to lock down completely if the wrong information is entered a certain number of times.
It is quite common now to have access to Wi-Fi in many public places, such as restaurants, coffee shops, hotels, and even malls. Keep in mind though that you have no control whatsoever over the security measures in place for those networks, and if it is a network that doesn't require a password for you to sign in, steer well clear. A secure network in a public place would require you to get the access details from a staff member, and even then, if you have the option to use your own 4G or 5G LTE capability on your computer, rather do that.
Your smartphone is essentially your mini-computer, capable of many of the functions a complete computer has. As such, pay a bit of attention to keep secure your device as well through the following tips: