Cybersecurity Checklist to Keep Your Devices Secure
Cybersecurity Checklist to Keep Your Devices Secure
October is National Cybersecurity Awareness Month and it’s a great time of year to take an overall look at your digital security. Recently there’s been a lot of information coming forward about massive cybersecurity hacks and information loss by some pretty large companies. With each of these attacks, the chances of your information being compromised grow. Today we’ll be focusing on checking up on three areas of your digital life that can help keep your data secure and out of the wrong hands.
Operating System Updates
It’s a common joke online that our device’s operating system is constantly wanting to update, often at the worst times. While it might seem relentless to constantly update your computer, phone or tablet, these updates provide security patches that keep your device safe from intruders.
Updating your phone’s software is probably the most critical thing you can do, as it’s the device that most likely contains severely personal information about you. Not to mention it’s probably the most portable of your devices and therefore the most susceptible to loss.
While we’re on the subject of mobile phones, ensure that your phone has an updated passcode and if possible, use the longest passcode you can. We’ve discussed password strength before on ITS, but as a short recap, longer passwords are more secure. Additionally, if your phone utilizes biometric security like Apple’s Face ID, ensure that you know how to lock that feature out so a passcode is required to unlock the phone, in case of an emergency.
Getting back on track with operating system updates, ensure that your devices are set up to receive notifications of the latest updates.
You can enable automatic updates through most manufacturers, however we prefer to receive a notification of a new update and then manually install it on our end. This allows you to delay the update a bit to ensure that other users aren’t experiencing any issues.
Periodic Password Changes
When an online account is compromised, chances are the hacker accessed it by phishing the user’s password from them. This usually involves creating a fake login page for a larger company or bank and then contacting a user through email or other methods. The user will follow the phony link and find themselves on what looks like a legitimate login page. After providing their credentials, they can then be directed to the actual company’s site or to another page that looks like an error occurred. However, no matter where the page sends you, the attacker now has your username and password for that account.
This is why it’s absolutely critical that you use separate passwords for each online account. If you utilize the same username/email and password combination across the web, one simple slip up could expose your entire online life. Don’t assume you’ll be smart and avoid phishing attacks either; they’re getting more sophisticated every day.
A good principle to follow is a semi-annual or annual update of passwords. While it might seem like a chore, you can utilize a password manager to make changing and logging all your passwords super easy. These password managers help you not keep all your information simply in your head and allow you to create much more complicated (and secure) passwords for each account.
While you’re changing up all your passwords, consider enabling Two Factor Authentication, if the service allows it. This feature requires both a password and a secondary combination to unlock an account. These secondary combinations can come through an authentication app, device notification or SMS text message. They help ensure that a third party can’t access your account from a long distance location. If at all possible, utilize an authenticator service like Google Authenticator or device notifications. SMS Two Factor might seem convenient, but the service isn’t secure and is susceptible to man in the middle attacks.
Now that you’ve updated your operating system and changed all your passwords, you’re probably feeling pretty secure. Don’t be lured into a false sense though and get a solid data backup plan in place. Data loss is something that doesn’t seem as severe of an issue until it happens to you. When it comes to backing up data, one copy is never enough. We like to recommend a triple threat when it comes to backups and that includes a local copy, an offsite copy and a cloud copy.
Local backups should be to an external storage device like a hard drive or flash drive. For Apple devices, consider utilizing Time Machine backups to a local drive. This service backs up your OS, as well as your data and can be recovered fairly quickly. While local backups are great, physical security of the data is a concern. Fire, theft, floods and other natural disasters can destroy both your device and its local backup. This is why we recommend an offsite copy of your backups. This could be an external hard drive that you take from work to home, or store somewhere like a safe deposit box.
Cloud backups have exploded in popularity in the last few years, with the size and speed of the services growing by the day. Most services offer the same features, namely uploading and downloading from a hard drive that’s stored far away, deep in a data center. We’ve had good luck with Apple’s iCloud, Dropbox and even Google Drive.
One of the biggest benefits we’ve found from cloud backups is that your data is accessible from almost any device. So if you need to share a file with a co-worker while you’re out and about, you can simply hop on the cloud and shoot over that file.
One thing to keep in mind with cloud backups is that the data is still stored somewhere on a physical device and it’s just as susceptible to disasters as your drives are. This is why it’s still important to keep your own local files and not completely put your trust in the cloud. It’s also paramount that you keep these cloud accounts extremely protected with large passwords and Two Factor Authentication.
Wrapping Up Your Cybersecurity Checkup
Cybersecurity isn’t just something you should consider once a year. Keep yourself up to date on the latest happenings in the cybersecurity industry to be aware of vulnerabilities, as well as attacks. Digital security is a cat and mouse game that’s constantly evolving and it’s up to you to remain one step ahead of it.
Do you have suggestions on other cybersecurity tips or methods? Let us know in the comments below!