There are a number of things you can do in the privacy of your home, before you head out to the local coffee house or depart on your trip, to keep you safe when later connecting to and using the Internet.
Note that phones are constructed and secured much differently than laptops. Apple’s iOS (iPhone, iPad) and Google’s Android operating systems are buttoned up a little better than Windows or Mac laptops. Apple, based on reviews and articles that I’ve read, are much tighter security-wise than their Android counterparts. Apple, also, puts security updates in place quicker than Google does. Phones and tablets mostly rely on apps to connect to the Internet. The Apple App Store and the Google Play Store already provide that initial security check before even allowing the app to be sold on their platform.
When you’re thinking about security for your devices, keep in mind that the differences between phones/tablets and laptops means there might be different solutions for the same risk. For each security recommendation below, I’ve noted how to implement it for both phones/tablets (Android and iOS) and laptops (Windows and Mac). Use this as a guide. Regarding Internet security, there are sometimes different points of view especially when it comes to phones and tablets.
Security programs for your device
First and foremost, there are a number of security programs that are important to have on your device that will keep potential threats from getting access to your devices. Here are the primary ones that you should consider.
Built in protections
Most devices have built-in security protections. Make sure to keep your device up to date with the latest operating system updates. Some updates unfortunately have various types of issues. Waiting a few weeks until these issues are ironed out is not a bad idea.
Utilize a firewall
Utilize a firewall to control connections made to and/or from your device. According to Microsoft – a firewall is software or hardware that checks information coming from the Internet or a network, and then either blocks it or allows it to pass through to your computer, depending on your firewall settings.
Firewalls serve slightly different purposes for computers vs phones. Whereas, a computer firewall restricts access to incoming traffic based on your settings, a phone is configured differently. A firewall for a phone or tablet primarily monitors access to/from the Internet for all of the apps located on the device. It can tell you the information that each app is passing to the Internet – a good thing because some apps might be sending info about you and your browsing habits that you might not want going back to the app’s owner.
- For Android devices – there is a lot of discussion whether an Android device needs a firewall. Some of the discussion centers on a few popular firewall apps, which I noted below. Based on your settings, they control which apps can access the Internet and which ones can’t.
- For iOS devices (iPhone and iPad), the iOS 8 operating system handles the duties that a firewall would. Apple does not allow 3rd party firewall apps to be downloaded onto an iPhone.
- For Windows computers, Windows 7 includes a firewall that is on by default.
- For a Mac (OS X), the firewall should already be included on your system. Go to System Preferences – Security & Privacy – Firewall – then turn it on
Install a well-known antivirus and anti-malware program – even if it’s a Mac
- For Android devices see AV-Test’s for The Best Antivirus Software for Android
- For the iPhone, there is much discussion whether an antivirus program is needed. Apple has not made any comment; however, they recently removed all iOS antivirus apps from The App Store – a move that many believe indicates Apple’s belief that the iOS device can guard against virus attacks
- For Windows computers, see AV–Test’s – The Best Antivirus Software for Windows Home User
- For a Mac, see AV-Test’s – Mac OS X Under Attack – 10 Security Packages Put to the Test
Make sure that your operating system and all of your security programs are up to date. Set all of these programs to auto-update.
Configure the Internet browser on your laptop
Secure your browser by setting the security at the level you want. You can customize the security levels for those sites you feel are safe and restrict browsing at sites you’re not familiar with. See the Ultimate Guide to Secure Your Online Browsing for specifics about configuring three of the most popular browsers.
Update your internet browser to the latest version.
Install browser extensions (available for some of the most popular internet browsers) to improve security and privacy. See Lifehacker’s Browser Extensions that Protect Your Privacy
- Install AdBlock Plus (Firefox, Chrome) – blocks banner ads, pop-up ads, rollover ads, and more. It stops you from visiting known malware-hosting domains, and also disables third-party tracking cookies and scripts.
- Install Disconnect (Firefox, Chrome, IE, Safari) – to stop websites from tracking you.
Secure access to your device
Use a passcode to restrict access to your device. Most devices come with the ability to set a passcode (sometimes just a four-digit code) or a more complex password phrase. A strong password phrase is recommended to provide better security.
- For Android devices
- For iOS devices
- For Windows computers
- For a Mac – go to System Preferences – Security & Privacy – General – then set-up your password
Enable auto-screen lock on your device. After so many minutes of inactivity, the device will lock and the passcode/password will be required to access it. Set the threshold low such as immediate but no higher than a couple of minutes.
Encrypt the information and data on your device
Even with a passcode, someone can potentially gain access to your data through your USB port. Encrypting the data on your device is easy to do and will provide another layer of security.
- For Android devices
- For iOS devices – by enabling the passcode on your iPhone, your data is encrypted
- For a Windows 7 computer – Windows 7 comes with its own built-in encryptions tools
- For a Mac – OS X (the Mac operating system) comes with a built-in encryption tool called FileVault. Go to System Preferences – Security & Privacy – FileVault – and then turn on FileVault
For your laptop, set-up administrator and user accounts if others are going to use your device. Require the administrator account to have a password or passcode.
For Windows computers only, set your network location to “public network”. This setting provides better scrutiny and security against other devices trying to access your device than the setting you would normally use on your home network.
Turn off (disable) file sharing (and any other sharing that’s available such as printer, screen, etc.) for your laptop. When sharing is turned on, nearby hackers have a better opportunity to gain access to your device.
- For Windows laptops – see the notes section about turning this off when on a public network such as an airport.
- For Macs – go to System Preferences – Sharing – turn off sharing by unchecking all of the boxes in the large box on the left side of the screen.
Protecting your accounts
The main protection you have for most of your accounts (e.g. Facebook) is a username and password. If these become compromised, an unscrupulous person could gain access to your personal information that’s contained on the account. To improve the security and make it harder for someone to get at this privileged information, many companies offer a login process called “two-factor authentication” or login approvals.
A little background here…………there are three generally recognized factors for authentication:
- Something you know (such as a password)
- Something you have (such as a hardware token or cell phone)
- Something you are (such as your fingerprint).
Two-factor means the system is using two of these options during the login process, and the most common combination is the password and a one-time code sent to a cell phone. The code is then entered during the login process. Most times, the code is needed only during the first login from a specific device. If someone gains access to your account info (username/password) and tries to login into your account from their device, they would be asked to enter the code that was sent to YOUR phone. They wouldn’t have the code (unless they have access to your phone) so they could not login to your account. Plus, you would know, when you see the text on your phone that someone was trying to log into your account. Time to change your password.
Since most companies send a text message to your phone with the code on it, be careful when you are out of the country if you do not have your phone or do not have access to it. Ensure you have international roaming activated for your phone in order to receive the text message.
Most security experts suggest using two-factor authentication whenever it is available. Turn on two-factor authentication for the accounts you want added security for. Here are links to the most popular accounts you might use.
Be sure to read the next article How to Browse the Web Safely, which is Part 4 of our weeklong series Using the Internet More Securely.