Protecting Personal Devices

By James Robinson ·

The holiday season has come and gone, and 2015 is officially upon us. Many of us are back at work toting a shiny new tablet, phone or laptop we were fortunate enough to receive as a gift. But before you start surfing the Internet or installing applications (apps), an important first step to take is to enhance your security by “hardening” your device. And even if you have been using your new device non-stop since you tore it from the wrapping paper, implementing the below tips is still recommended to secure your tablet, phone or laptop. 

Apple Users:

  • Install all iOS updates available.
  • Enable passcode lock to enable data encryption and use an eight digit passcode rather than the simple passcode option of four digits.
  • Set a maximum number of passcode attempts should your device be lost or stolen. Keep in mind that should you forget your passcode and reach the maximum number of login tries, you may lose your data.
  • Turn off “Ask to Join Networks” to keep your device from joining an unsavory network.
  • Turn off Bluetooth to reduce the chance of a remote attack.
  • Disable the control center from the lock screen, as well as Siri, to prevent an unauthorized user from potentially changing your settings.
  • Disable AutoFill for Safari to prevent previously used passwords and login information.
  • Turn on “Find my iDevice” to locate, lock or erase data remotely.
  • Back-up your device using the cloud or iTunes regularly.
  • Turn on “Limit Ad Tracking” if you want privacy from advertisers.

Windows 8 Users:

  • Do not access the Internet before applying service packs and antivirus.
  • Be sure all service packs and updates have been installed. 
  • Install an antivirus product of your choice.
  • Check out EMET and Security Essentials from Microsoft.
  • Disable features that you don’t need or use.
  • Create a standard account and use that when you use the Internet or for everyday activities. If you are using the administrator account and are attacked, the system may be fully available to the attacker in admin mode rather than a standard user account.
  • Turn off network protocols that you are not using (for example, IPv6 and file and printer sharing).
  • Turn on outbound blocking and logging on Windows Advanced Firewall to prevent malware from being able to access their master servers, should you be infected.
  • Turn off SkyDrive.
  • Disallow Remote Assistance.

Android Users:

  • Where possible, apply the tips mentioned for Apple devices to your Android device.
  • Update your device to the latest operating system version.
  • Consider using an antivirus program to provide extra protection. 
  • Do not install applications from third party app stores as they may contain malware.
  • Enable device encryption.
  • Create a PIN and set the device to lock when it sleeps.
  • Disable “make passwords visible”.
  • Turn off location services or limit which apps can use your location.
  • Disallow cookies and disable JavaScript in Chrome browser.
  • Do not save passwords.
  • Use a free app to lock your applications that may contain sensitive information.
  • Make sure the proper permissions are set when installing an app For example, does your app really need access to email or text messaging?
  • If you share your device with others, create separate user accounts to protect privacy.
  • Back-up your device regularly.
  • Install a tracking app and remote wipe app, should your phone be lost or stolen.

While the above tips are not all encompassing, implementing these sooner rather than later will help protect your new holiday gift. Taking the time to harden or secure your device before you begin to use it will help you protect your personal data and information and reduce your vulnerability of being attacked. 

James Robinson

Vice President, Third-Party Risk Management

As vice president, third-party risk management, Robinson oversees Optiv’s Third-Party Risk Management practice which includes the development and operations of TPRM-as-a-Service and Evantix. During his tenure at Optiv, he has worked as a core contributor around strategic internal initiatives including threat management, risk management, third-party risk management, vulnerability management and data program protection. He also develops and delivers a comprehensive suite of strategic services and solutions that help chief experience officer (CXO) executives evolve their security strategies through innovation.