User Tools

Site Tools


securing_your_computer

Securing your computer

A barrister was given a (very small) monetary penalty notice by the Information Commissioner’s Office, because of the way in which she handled client personal data on her computer.

She stored personal data, on her shared home computer, with no encryption, on a generic account, and it was accidentally uploaded to a cloud server.

Key points:

Don't share user accounts on your computer

If you share a computer with someone, have your own, unique user account: you log in with this, and they log in with theirs.

This should hopefully make your life easier, in terms of having things set up the way you like them automatically when you log in, but it should also keep your documents and files separate from any other users: other users should not be able to access or edit or upload your data.

There’s a note of caution with this, and that’s if another user has an administrator account, they may well still be able to do so — so be very careful who has an administrative account on your machine.

If the option is open to you financially, it is safer to have physically separate machines.

Don't use an administrator account

Make your everyday user account one without administrator privileges.

This may mean you need to jump through some extra hoops to install software, but it mitigates the risk of malware.

Increase your privileges only when you need them (for example, to install software).

Use a strong password for your computer account

Create a strong, but memorable, password for your account.

Here's some guidance on passwords.

Enable the firmware password

Some computers will let you set a separate password for their firmware, which is the initial piece of software which runs when you boot your computer.

Some systems require you to enter this password before every boot, while others only require it if you try to boot from a different device (such as from as USB stick).

Use a different password to your user account, and make it a strong password.

Apple's instructions for macOS

Turn on disk encryption

If your computer offers disk encryption, turn it on.

Depending on the software you are using, you may only get the benefit of this when your device is powered off, so turn off your devices (rather than just putting them to sleep) when you are not using them.

FileVault for macOS

For macOS, this is FileVault. You can turn it on through System Preferences / Security & Privacy / FileVault.

Make a note of the recovery key which it shows you. Keep this securely in your password manager, or on a piece of paper in a safe. Someone who has access to this password can decrypt your drive, and access the files and other content on it.

Windows

BitLocker?

Take backups regularly and automatically

Here.

Enable your computer's firewall

If your computer has a firewall, switch it on, and only allow access from sources you trust.

You could also restrict outbound traffic, but this is more likely to cause you problems.

securing_your_computer.txt · Last modified: 2019/08/24 07:09 by neil