securing_your_devices
Differences
securing_your_devices [2019/08/08 17:09] – neil | securing_your_devices [2021/07/06 09:26] (current) – external edit 127.0.0.1 | ||
---|---|---|---|
Line 2: | Line 2: | ||
====Key points: ==== | ====Key points: ==== | ||
- | * [[#Use a privacy screen / shield on your devices|Use a privacy screen / shield on your devices]]Â | + | * [[securing_your_devices# |
- | * [[#Replace sensitive identifiers with pseudonyms|Replace sensitive identifiers with pseudonyms]]Â | + | * [[securing_your_devices#Use a privacy screen / shield on your devices|Use a privacy screen / shield on your devices]]Â |
- | * [[# | + | * [[securing_your_devices# |
- | * [[#Cover your webcam when you are not using it|Cover your webcam when you are not using it]]Â | + | * [[securing_your_devices# |
- | * [[# | + | * [[securing_your_devices#Replace sensitive identifiers with pseudonyms|Replace sensitive identifiers with pseudonyms]]Â |
- | * [[#Only install software / apps from trusted sources|Only install software / apps from trusted sources]]Â | + | * [[securing_your_devices#Don't charge from public USB ports|Don' |
- | * [[#Enable remote wipe functionality|Enable remote wipe functionality]]Â | + | * [[securing_your_devices# |
- | * [[#Check your privacy and location settings|Check your privacy and location settings]]Â | + | * [[securing_your_devices#Cover your webcam when you are not using it|Cover your webcam when you are not using it]]Â |
- | * [[#Install software updates promptly|Install software updates promptly]]Â | + | * [[securing_your_devices#Disconnect your microphone or at least try to get a notification when it turns on|Disconnect your microphone or at least try to get a notification when it turns on]]Â |
- | * [[#Keep a log of your key software, and alternative options|Keep a log of your key software, and alternative options]] | + | * [[securing_your_devices#Only install software / apps from trusted sources|Only install software / apps from trusted sources]]Â |
+ | * [[securing_your_devices#Check what permissions your software is requesting|Check what permissions your software is requesting]]Â | ||
+ | * [[securing_your_devices#Enable remote wipe functionality|Enable remote wipe functionality]]Â | ||
+ | * [[securing_your_devices#Install software updates promptly|Install software updates promptly]]Â | ||
+ | * [[securing_your_devices#Keep a log of your key software, and alternative options|Keep a log of your key software, and alternative options]]Â | ||
+ | Â | ||
+ | ====Use strong passwords ===Â | ||
+ | Â | ||
+ | Whether you have a computer with a traditional password, or a mobile device with a PIN, make sure the password or PIN you use to login to your device is [[passwords|strong]]. Same applies for all passwords for your online services. | ||
====Use a privacy screen / shield on your devices==== | ====Use a privacy screen / shield on your devices==== | ||
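Review bot: The added heading "====Use strong passwords ===" opens with four "=" but closes with three, while the other top-level headings in this hunk ("====Key points: ====", "====Use a privacy screen / shield on your devices====") use four on both sides; close it with four so it renders at the same level and matches its new entry in the key points list. In the paragraph under it, "login to your device" should be the verb form "log in to your device", and "Same applies for all passwords" reads better as "The same applies to all passwords".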
Line 30: | Line 38: | ||
Most computer privacy screens come with sticky tabs, so you can drop them into place easily. | Most computer privacy screens come with sticky tabs, so you can drop them into place easily. | ||
+ | |||
+ | ====Put contact details on your device' | ||
+ | |||
+ | {{:: | ||
+ | |||
+ | If you lose your device, you can increase the chances of getting it back by putting your contact details on your device' | ||
+ | |||
+ | You could also state that it contains legally privileged information, | ||
+ | |||
+ | ===iOS === | ||
+ | * Create a custom wallpaper of the right size for your device, containing the information you want (perhaps an email address or phone number (but not a phone number which only rings the device in question!)) | ||
+ | * Transfer it to your device (e.g. AirDrop, or email, or iTunes file transfer) | ||
+ | * Make it your device' | ||
+ | |||
+ | ===macOS === | ||
+ | |||
+ | * System Preferences / Security & Privacy | ||
+ | |||
+ | ====Limit what is shown on your lock screen ==== | ||
+ | |||
+ | Many applications will let you preview messages when your device is locked — for example, the content of a text message, or the first line or two of an email. | ||
+ | |||
+ | If you lose your device, someone can still see information about you or your clients. | ||
+ | |||
+ | In particular, if you use your phone for [[two-factor_authentication|two-factor authentication]] via a message, if that message pops up on the lock screen, someone who has stolen or found your phone would see that code. | ||
+ | |||
+ | ====Enable auto-wipe ==== | ||
+ | |||
+ | If your device offers it, set it up to wipe automatically after sufficient incorrect password entries. However, make sure you take regular backups, as an annoyed child or curious toddler could, if left alone with your phone, wipe your device. | ||
+ | |||
+ | ===iOS === | ||
+ | |||
+ | * Settings / Face ID & Passcode / Erase Data | ||
====Replace sensitive identifiers with pseudonyms==== | ====Replace sensitive identifiers with pseudonyms==== | ||
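Review bot: The new "Limit what is shown on your lock screen" section explains the risk, including the two-factor code appearing on a locked phone, but gives the reader no steps for turning previews off, whereas the neighbouring "Put contact details" and "Enable auto-wipe" sections each carry an "iOS" subsection with a settings path. Suggest adding matching per-platform subsections here. Separately, the macOS entry "System Preferences / Security & Privacy" stops at the preference pane without naming the option to set, so it is not yet actionable as written.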
Line 54: | Line 95: | ||
===Device-based protection === | ===Device-based protection === | ||
+ | |||
+ | {{:: | ||
Recent versions of the iOS software require you to put in your passcode before " | Recent versions of the iOS software require you to put in your passcode before " | ||
+ | ====Only use your own cables==== | ||
+ | Although a cable may seem harmless, some cables are small computers in their own right, and some contain enough space in the housing (the plastic bits covering the connectors) to contain a malicious computer, which attempts to access your computer or phone when you connect it. (For example, see [[https:// | ||
+ | Some even contain tiny microphones, | ||
+ | |||
+ | Only use your own cables — do not borrow cables to charge your device — and, if you need a replacement cable, get it from a trusted source. | ||
==== Cover your webcam when you are not using it ==== | ==== Cover your webcam when you are not using it ==== | ||
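Review bot: In the new "Only use your own cables" section, the closing advice narrows the rule to charging ("do not borrow cables to charge your device"), but the first paragraph describes the risk as arising whenever "you connect it", which covers data transfer as well. Suggest dropping "to charge your device" so the rule covers any use of a borrowed cable, and saying briefly what counts as a "trusted source" for a replacement.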
Line 75: | Line 123: | ||
Whatever you use, if you have an LED near the camera, which turns on when the camera is enabled (or, at least, should turn on when the camera is enabled), make sure that your sticker does not cover it, so you can see if the LED is on or not. | Whatever you use, if you have an LED near the camera, which turns on when the camera is enabled (or, at least, should turn on when the camera is enabled), make sure that your sticker does not cover it, so you can see if the LED is on or not. | ||
- | === Disconnect your microphone or at least try to get a notification when it turns on ==== | + | ==== Disconnect your microphone or at least try to get a notification when it turns on ==== |
While it's easy to do something about a camera, it's much trickier to do something about a microphone. And, realistically, | While it's easy to do something about a camera, it's much trickier to do something about a microphone. And, realistically, | ||
+ | |||
+ | ===Hardware-based approaches === | ||
If you do not use the microphone at all, you could open your laptop and physically remove or disconnect it. Alternatively, | If you do not use the microphone at all, you could open your laptop and physically remove or disconnect it. Alternatively, | ||
+ | |||
+ | ===Software-based approaches === | ||
+ | |||
+ | {{:: | ||
If you are not able to remove or disconnect your microphone, consider software which attempts to detect if your microphone is switched on and warn you. | If you are not able to remove or disconnect your microphone, consider software which attempts to detect if your microphone is switched on and warn you. | ||
Line 86: | Line 140: | ||
==== Only install software / apps from trusted sources==== | ==== Only install software / apps from trusted sources==== | ||
- | What apps do you have? Are they uploading your contact details or calendar? Read the privacy policy — although even that may not be enough. | ||
- | Getting your apps from a trusted place, such as the App Store. It does require that you are placing | + | Part of cybersecurity is protecting yourself |
- | Not perfect. | + | Although it is not a guarantee that your apps or software are not doing something malicious, getting them from trusted vendors which offer a meaningful review can reduce your risk. |
- | ====Check app permissions==== | + | For example, for macOS or iOS, this is Apple' |
- | Check what permissions an app is using, and consider | + | If you do want to install software from outside a trusted source — and there is lots of great software which is not available through app stores — consider testing it on a spare machine first, and consider |
+ | ====Check what permissions your software is requesting==== | ||
- | Does a calculator app really need your location? | + | When you install software, it may request your permission to access certain data or functionality of your device. For example, it might ask to access your address book, or to use your location. |
- | Do you use contacts integration with your office | + | Think about what the software |
- | ====Enable remote wipe functionality====Â | + | On macOS, |
- | If the facility is available to you, set it up. Learn how to use it. Ideally, set up a test device | + | |
- | Routinely check it is up to date. | + | {{:: |
- | Probably have a monthly compliance checklist, of things you do each month to check your firm is running in a healthy manner: add this to the list. | + | On iOS, it is Settings / Privacy: |
- | You’re hoping that you’ll never have to use it, of course, but the last thing you want to be doing is panicking about how you do that remote wipe thing if you lose a device: follow a tested procedure, with which you are familiar. | + | {{:: |
- | ==== Check your privacy and location settings====Â | + | ====Enable remote wipe functionality==== |
- | Which applications have access to location data. | + | |
- | Often very granular, precise location data. | + | If remote wipe functionality is available to you, set it up and learn how to use it. |
- | For example, you may have your iPhone set to include location in all images | + | Ideally, set up a test device and run through the process of wiping it. Write down what you did, and keep copies of that somewhere accessible. |
+ | Â | ||
+ | Remote wipe requires communication to or from your lost device | ||
+ | Â | ||
+ | Because of this, make sure you have a [[securing_your_computer# | ||
- | Take a look in Settings / Privacy / Location Services — you might be surprised just how many apps to which you’ve given permission to access your location information. | ||
====Install software updates promptly==== | ====Install software updates promptly==== | ||
- | Balance between security and usability | ||
- | Software | + | Responsible developers fix security problems in their software promptly. Not all developers are responsible, |
+ | Â | ||
+ | There is a balance between security and usability, and software | ||
+ | Â | ||
+ | Before you install a major update to your computer' | ||
+ | Â | ||
+ | ===Enable auto-update if there is a low risk of incompatibility ===Â | ||
+ | Â | ||
+ | For devices where an update is unlikely to break your workflow — perhaps your mobile device — consider enabling auto-update. That way, you never need to think about installing software updates yourself. | ||
+ | Â | ||
- | So I tend to wait and see what other users experience when Apple releases a new software update before applying it to my machine. | ||
====Keep a log of your key software, and alternative options ==== | ====Keep a log of your key software, and alternative options ==== | ||
- | Worth keeping a log of what software you rely on, and identifying an alternative so that, if your chosen software suddenly became unavailable, | ||
- | May make you shy away from file types which can only be opened | + | From a business continuity perspective, |
+ | Â | ||
+ | Your fallback may not be perfect, but it should keep you working rather than panicking. | ||
+ | Â | ||
+ | By the same token, be aware of locking yourself |
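Review bot: This revision deletes the "Check your privacy and location settings" section and its key points entry, and with it the concrete example of an iPhone set "to include location in all images" and the pointer to "Settings / Privacy / Location Services". In the visible added lines, location appears only as one example permission under "Check what permissions your software is requesting" ("or to use your location"). Suggest carrying the location-in-images point over into the permissions section, since it concerns data leaving the device inside shared files rather than an app permission prompt. The removed remote-wipe advice to "Routinely check it is up to date" is also worth keeping alongside the new test-device procedure.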
securing_your_devices.1565284140.txt.gz · Last modified: 2021/07/06 09:26 (external edit)