How to Avoid Common Security Pitfalls While Staying Constantly ConnectedBy: Jeff Multz
The benefits of mobile devices and public computers are endless, but that constant connectivity doesn’t come without risks. If you don’t take security precautions, your device could become infected. If that infected device then connects to your company’s network, then that too could become infected. Whether owned by you or your company, there are precautions you should take to protect your mobile device.
One of the main ways people get infections on their mobile devices is via downloading applications. Applications downloaded from the Google or Apple store are more likely to have been vetted for security than anything found freely on the Web. Still, both stores have discovered applications there that contain malware, so think twice before downloading any application. Of course virtually all applications have vulnerabilities in them and may be able to be exploited, but at least they aren’t normally laced with malware like many of the free apps on the Web. If an application you are downloading ever prompts you to allow it to access administrative credentials, never answer “yes.”
Assume No Online Privacy When in Public
If you are on a public network like one at a coffee shop, know that anyone in the vicinity with the right tools could be spying on everything you do on your device. The interloper could see every website you visit and could capture every password you type into your computer, including the passwords to your email and banking accounts.
General Rule: Never log onto your banking account while using a public Wi-Fi.
You may have to use a public machine if your device suddenly dies or if you are on vacation and need to use a hotel’s computer. There could be malware on the machine so try to avoid logging into your bank account or other sensitive sites where an attacker could capture your login credentials. If you check your email or log into any page on the public computer, change your passwords as soon as you return home. Clear cookies and your browser history before and after you use the computer.
Safeguard Your Security Tactics
Regularly update your software and devices with patches as soon as they are available. If you don’t get automatic notices about the updates, check online monthly to see if any new patches have been released.
Activate the mobile device’s available firewalls and use antivirus (AV) software. Run only one at a time, but use two AV products to have a system of checks and balance. Have one product always running, and then run another one weekly, just to make certain your main AV is working properly. Don’t run both products simultaneously as the two products could confuse the other as a virus which could cause file corruption and eat up system resources.
Think Before You Click
I’ve said it before and will continue to say it because it bears repeating. Don’t click on links or attachments within emails without first verifying with the sender what the link or attachment is. If you don’t personally know the sender, see if they can send the information in the attachment inside the body of the email or get a phone number of the sender to do some due diligence before clicking on anything. Also, do not click on ads on websites. Ads can be laced with malware. If you see an ad for something that looks interesting to you, do a Web search for the item.
Connect with Caution
Be mindful of whom you allow to connect with you on social media sites and be sure you’re updating your account privacy settings. People can easily create fake profiles to make them look like legitimate people who work in your industry or are friends with your friends. Once people connect with you, they can browse your social network page for information on you and the company you work for. Later, they can use that information to break into your company network, break into your personal device or obtain information on your other connections. Don’t share personal information like your contact information or birth date on social media sites.
If your organization has not offered you a security awareness training course, take it upon yourself to take one or watch free training videos online. Preventive medicine tastes far better than the cure.