Differences

This shows you the differences between two versions of the page.

--- securing_your_computer [2019/08/09 12:08] – neil
+++ securing_your_computer [2019/08/24 06:07] – neil
@@ Line 1: / Line 1: @@
 =====Securing your computer =====
+A barrister was given a (very small) [[https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2017/03/fine-for-lawyer-who-stored-client-files-on-home-computer/#|monetary penalty notice by the Information Commissioner’s Office]], because of the way in which she handled client personal data on her computer.
+She stored personal data, on her shared home computer, with no encryption, on a generic account, and it was accidentally uploaded to a cloud server.
 ====Key points: ====
@@ Line 6: / Line 10: @@
   *[[#Enable the firmware password|Enable the firmware password]]
   *[[#Turn on disk encryption|Turn on disk encryption]]
+  *[[#Don't use an administrator account|Don't use an administrator account]]
   *[[#Take backups regularly and automatically|Take backups regularly and automatically]]
   * [[#Encrypt USB drives before storing data on them|Encrypt USB drives before storing data on them]]
+  * [[#Don’t put your USB stick in someone else’s computer|Don’t put your USB stick in someone else’s computer]]
   *[[#Don't trust anyone else's USB sticks|Don't trust anyone else's USB sticks]]
     *[[#Do not take free USB sticks from conferences|Do not take free USB sticks from conferences]]
@@ Line 14: / Line 20: @@
   *[[#Enable your computer's firewall|Enable your computer's firewall]]
-A barrister was given a (very small) [[https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2017/03/fine-for-lawyer-who-stored-client-files-on-home-computer/#|monetary penalty notice by the Information Commissioner’s Office]], because of the way in which she handled client personal data on her computer.
-She stored personal data, on her shared home computer, with no encryption, on a generic account, and it was accidentally uploaded to a cloud server.
 ====Don't share user accounts on your computer====
@@ Line 26: / Line 30: @@
 If the option is open to you financially, it is safer to have physically separate machines.
+====Don't use an administrator account====
+Make your everyday user account one without administrator privileges.
+This may mean you need to jump through some extra hoops to install software, but it mitigates the risk of malware.
+Increase your privileges only when you need them (for example, to install software).
 ====Use a strong password for your computer account====
@@ Line 65: / Line 77: @@
 That way, if you lose the drive, or it is stolen, the finder or thief cannot access the information on it.
+====Don’t put your USB stick in someone else’s computer====
+No, this is not a euphemism.
+You have no idea what security might (or might not) be in place on the other computer, whether it is infected by a virus or dormant ransomware, and so on.
+Use an alternative whenever you can, such as a [[email_alternatives#ways_of_sharing_large_or_sensitive_files|file transfer platform]].
+If you absolutely have to transfer something to someone else’s computer via USB:
+  * wipe your memory stick first, using your computer’s disk formatting tools
+  * put on it only the file you need to transfer
+  * transfer it to the other computer
+  * use the other computer’s disk formatting utility to wipe the USB stick
+  * take the stick back and destroy it
+It’s not kind to the environment, but the price of small USB sticks makes them disposable.
 ====Don't trust anyone else's USB sticks====