Welcome to the Covve Security Series, our new blog series on how to protect yourself and your business online. Good cybersecurity hygiene is critical in the age of data breaches, ransomware, and other digital threats. Over the next few months, we will share some quick and easy steps you can take to effectively enhance your digital security and safeguard your data.
Work devices, from mobile phones to laptops, contain a treasure trove of sensitive information – everything a hacker would need to steal your identity or client data. Smartphones are now a prime target for hackers, who have grown increasingly sophisticated.
There are many techniques that hackers use to steal data and get access to your devices: SIM-swapping attacks, malware infection, and exploiting new security bugs in operating systems. SIM-swapping, where an attacker hijacks your phone number in order to gain access to your accounts, can be devastating and take months to recover from. And if you lose or have your phone or laptop stolen, without the proper security all of your personal information could be at risk.
Luckily, there are steps you can take to safeguard your devices. Knowing what types of attacks are common will help you avoid common mistakes that put your devices at risk. Let’s get started.
1. Encrypt Your Devices
It may seem like common sense, but the first thing you need to do is encrypt all of your devices. Encryption will protect you in the event one of your devices is lost or stolen. For iPhones, this is as simple as setting a password or biometric authentication, such as your fingerprint or face. If you are using an Android phone, you may need to set encryption from the Security settings screen. An additional benefit is that your contacts will be encrypted too. Here is our blog post on How to Encrypt Contacts on Android.
For the best protection, use the strongest authentication method available on your phone. A complex alphanumeric passcode is stronger than both a numeric passcode or biometric authentication.
Most likely, you already have a passcode set on your phone, but is your laptop encrypted? For most computers, disk encryption isn’t enabled by default, so you’ll need to set it up yourself. To protect your laptop, you should enable full-disk encryption.
On Mac, use FileVault from System Preferences to encrypt your drive. On Windows, you can encrypt your drive from System Settings. This will prevent anyone from accessing the contents of your hard drive should it fall into the wrong hands.
2. Set a Mobile PIN
Ever wonder how hackers are able to gain access to accounts that are even protected by two-factor authentication? SIM-swapping. Hackers often target people, including high-profile entrepreneurs and celebrities Jack Dorsey and Selena Gomez, who have 2FA set up on their accounts with SIM-swapping attacks. Horror stories abound, from checking accounts being drained to thousands of dollars of fraudulent Bitcoin purchases.
Many online services also use a simple passcode sent by text to reset passwords. So if your phone number is hijacked, attackers can use this method to easily gain access to your accounts. Usually, you don’t know you’ve become a victim until it’s too late, all of a sudden your phone service drops out and before you know it you can’t access your most important accounts.
There is no fail-safe way of preventing a SIM-swap attack from being successful, as support representatives at mobile carriers are prone to social engineering scams, but setting a PIN on your phone account is a must. Once you’ve set a PIN, no one can transfer your number without it. You can set an account PIN with most major carriers. Follow the online instructions from these major carriers to set a PIN:
Once you’ve set a PIN, make sure you are also using a dedicated authentication app for 2FA for the best protection. Here is how to Secure Your Accounts with Two-Factor Authentication.
3. Turn On Automatic Updates
Outdated software can be full of bugs and vulnerable to attack. So one of the easiest steps you can take to safeguard your devices is set them to auto-update. Software updates keep your operating system (OS) safe with regular security fixes.
This goes for both your phone and computer. Here’s how to set auto-updates:
- MacOS: From System Preferences, tap on Software Update and then toggle on the option to Automatically keep my Mac up to date.
- Windows: From System Settings, click on Update & Security and then Advanced. Make sure automatic updates are on.
- iOS: Open the Settings app, then tap General > Software Update > Automatic Updates. Toggle Automatic Updates on.
- Android: Swipe down for Quick settings, then tap the gear icon > Software Update > Download updates automatically.
You’re all set! Automatic updates will keep your devices up to date with the latest security fixes.
Keeping your devices safe and secure has never been more important. Hackers are always developing new ways to get access to your data. But by following these simple steps, it’ll go a long way to keeping your information out of the hands of would-be thieves and will help you rest easy knowing that digital security is on the up-and-up.
Written on 18 Nov 2020.