The issue of security in the digital world is one that affects everyone with a connected device. This means smartphones, PCs, tablets (like the Microsoft Surface Pro 4) and other devices for small businesses could be affected too.
In order to secure your device, you need to have a proactive approach to ensure it is as secure as it can be with the available products and services.
Here are some methods of securing your computers, mobile devices and software. These are by no means the only thing you can do, but if properly implemented, they will be another barrier hackers will have to overcome.
Many people are already aware that it’s critically important to scan your computer with malware and antivirus software; the question they often don’t have the answer for is how often you should do it. Malware and antivirus solutions like Windows Defender that are in the marketplace today have real-time protection, which means that they do the work for you without you having to think about it.
However, even with this type of protection you should scan your devices regularly. The more you are online, the more you should scan your computer. You can schedule your security software to perform a full scan of your computer daily when you are not using it. This ensures your device has the latest virus and malware definitions, and your entire system is clean.
Quick partial or essential scans are useful and they take less time, but they are not as thorough as a full scan to secure your computer.
Whether it is a smartphone, tablet or a laptop, the information within can yield a treasure-trove of information – and if that device is stolen it can mean catastrophe for your business. You can now use tools like Microsoft’s account management dashboard that will allow you to lock your device remotely so the data can’t be accessed if you know it has fallen into the wrong hands. This has become an invaluable tool for mobile security.
In addition to being able to lock your device, you can also wipe it clean, which further guarantees the safety of the data.
For location tracking or remote wipe to work, the device has to be powered on and have an Internet connection. Again, Windows devices have applications to lock, track and wipe your device.
This reiterates the importance also of backing up your data so that it can be restored should a wiping of all devices be necessary.
Backups, Especially Cloud Backup
If you want to properly secure your device and have a robust mobile security solution in place, you have to back the data up consistently. And cloud options like Microsoft OneDrive may help here.
With the right cloud-based backup and sync service, your smartphone, tablet, laptop or PC can be protected from data related catastrophes.
A password is like the key to the front door of your house. Once someone has it, the person with the key can have unfettered access to what is inside. And if your password is compromised, they will have access to your device and the information within it, which can include access to various accounts.
According to Microsoft, “The use of strong passwords can slow or often defeat the various attack methods of compromising a terminal’s security.”
Various techniques can be used to discover passwords. One way is simply to try to guess your password (that’s why you should never use “password” or “12345” or your name as your password). Or in a dictionary attack, a hacker uses special software to cycle through a variety of common dictionary words in fast sequence until reaching a match. Another technique is a brute force attack, which uses software to check all possible combinations of numbers, letters and characters until reaching a match.
Obviously, a long complex password would be harder to crack using one of these methods, compared with a “guessable” password.
Microsoft recommends using lower and uppercase letters, numbers and symbols. And remember to make your password long and routinely change it.
A password manager is a great tool you can use to create strong passwords. It not only helps you in the creation of the passwords, but it also keeps them safe.
Password Alternatives Including Biometric, Hello, PIN
Hackers may eventually figure out your password, but with biometric, PIN and Hello, it has become that much easier to secure your device through other methods.
Biometric security uses your fingerprints, retinal scan or your face to unlock your device. Hello is Windows 10’s answer to this approach, allowing users to enter Hello-enabled devices using fingerprint and facial scanning.
A PIN might seem just like another password, but when used in combination with Hello, it is tied to a specific device. A PIN is especially useful for phones, tablets and laptops, which are prone to being left behind in airports, restaurants or other public places. For example, if someone recovers your device they will need the PIN code or your biometric scan in the Hello app to get past the welcome screen, making it harder to gain access to the data and accounts on your device. This is particularly helpful if you haven’t yet discovered the loss of your device, and haven’t had a chance to remotely lock it.
Another level of mobile security is the Trusted Platform Module (TPM) chip, a secure crypto-processor that is designed to carry out cryptographic operations currently in many modern laptops and all Windows 10 Mobile phones.
Two Factor Authentication
Two factor authentication (2FA) is an added level of security that requires a physical token only the user has. With 2FA, a hacker needs more than just the user name and password.
If, for example, you set a 2FA for your email account linked to your mobile phone (called a tokenless authentication), anytime you access the account a text message with a PIN will be sent to your phone.
Only when you enter the number will you be able to open your email account. And because the hacker doesn’t have your phone, he or she can’t see the PIN and therefore will not be able access your account.
Administrative Control and Employee Access Levels
It doesn’t matter if your small business has two or 20 employees; having policies and procedures with strict governance regarding administrative control and employee access levels is essential to maintaining control and overall safety.
Personal controls, supervisory structure, security awareness training and testing are all fundamentals when developing such policies.
Always take advantage of assigning permissions in cloud applications. Good cloud applications, such as Office 365, allow the administrator to assign roles and permissions. That way employees or outside contractors won’t have access to all account settings for the entire company or to other users’ files without permission.
Likewise, Windows 10 has Standard and Administrator Users. Only Administrators have full access over the entire computer or system.
There are many reasons a user’s choice of browser is important, but increasingly security is playing a big role. According to data gathered by NSS Labs in September of 2016, Microsoft Edge blocked 99 percent of socially engineered malware. That’s a larger amount than any of its competitors.
A look at the news in the recent past reveals even the most secure organizations in the world have been compromised. This immediately begs the question, if they can’t keep away the bad actors, how can an individual or a small business be able to do it?
However, for the vast majority of individuals and small businesses, if you put enough obstacles in the way of hackers, the resources needed to defeat the security protocols will not be worth the prize.