Protect Your Mobile Phone & Tablet
USB Sticks, Thumb Drives & Flash Drives Risks
Protect Your Laptop
If you wish to spend any time on the Internet, it’s important to learn about common online threats. A public/private U.S. partnership called STOP.THINK.CONNECT. provides a good foundation to learn about the basics of Internet security.
Protect Your PC: It’s important to always follow best practices to effectively protect your device and data.
- Web surfing: To avoid the threat of malicious software downloads, visit only reputable websites. For the easiest protection, use free tools such as McAfee Site Advisor that alerts you to malicious websites before you click.
- Instant messaging and email: Always avoid correspondence with strangers or with those purporting to be your friend or family, but who otherwise behave suspiciously. They may be criminals who have hijacked your friend’s or family’s account and are using it to send you malicious links.
- Short URLs: Avoid clicking on short URLs, the abbreviated versions of website addresses. Many hide malicious websites and can create dangers for your laptop and therefore to your data.
- Social media: Read our tips for using social media to avoid dangers to your devices through this vector.
- Operating system and applications: Keep all of your applications, especially browsers and Microsoft and Adobe Acrobat applications, updated. Ensure all patches for your operating system are current.
- Anti-virus/anti-malware protection: Always keep your definitions updated as your protection is only as good as the last update against the criminals’ latest iterations of malicious software (malware). Never click on a pop-up purporting to be a virus that has been found by some software other than your current anti-virus solution. There are numerous fake anti-virus scams which scare you into believing you have been infected, and then charge you for their software or take you to a malicious website when you think you are actually downloading the software.
- USB devices: Use caution when plugging these devices into your laptop or PC.
- Wi-Fi networks: Secure your home Wi-Fi network and take precautions when using public Wi-Fi networks. Follow the Wi-Fi Alliance’s tips.
Today’s smartphones and tablets have surpassed the volume of PCs and give us almost ubiquitous, real-time access to information, regardless of our location. We can check in for flights, make purchases, access our bank accounts, connect to social media, and so much more thanks to mobile-enhanced websites and dedicated applications. Unfortunately, mobile devices share many of the same, and even more, security risks, so it’s important to understand the threats and protect the device — guarding personal information stored on and sent by the phone or tablet.
Mobile Phone & Tablet Risks
- Malware: Today’s malware is targeting mobile devices just as much as PCs. Given the complexity of the additional operating systems customized for mobile devices, delivering anti-virus and anti-malware solutions as quickly as new devices enter the market has been challenging for the security community. You can be exposed to malware through many different vectors into your phone, including email, instant messaging attachments, Internet downloads, SMS and MMS messaging, Wi-Fi, and even Bluetooth connections. This malware can also spread to the contacts on your phone through text messages and email attachments.
- Theft or accidental loss: Since mobile devices are small and portable, they are easily lost and stolen. Without appropriate protection, your credentials and other personal information can be stolen, as well as intellectual property belonging to your employer.
- Application insecurity: Because mobile applications are developed rapidly for faster time-to-market, they often lack the security and security assessments necessary to ensure your device and information is protected.
- Personal information gathering: Mobile devices store more personal information than ever before, including financial account information and other data lucrative to cybercriminals.
- Children’s access to inappropriate material: It can be difficult for parents to track their children’s use of the web and texting on these mobile devices. Parental controls are needed on these devices, just as they are on the home PC.
Protect Your Mobile Phone & Tablet
- Information storage: If it’s your personal device, consider protecting your data with encryption and a strong password. Think about how much of your personal information should be stored on the phone. If it is your business phone, your employer can consider remote device wipe in the event of device loss or theft, encrypt all contents on the device, and ensure strong password use.
- Anti-malware: Use solutions which protect all of the communications on your phone, including email, IM, Internet, SMS and MMS, Wi-Fi, and Bluetooth communications.
- Remote device wipe: You can opt for this type of service as a protective measure in case your device is lost or stolen. These solutions, which remotely remove data from your device, are available through your employer or via subscription-based consumer applications.
- Follow best practices: Adhere to the same anti-phishing best practices that you follow when using your PC. Exercise caution with email attachments, links in suspicious instant messages, and other communications.
- Application caution: Be sure to use applications only from trustworthy and reputable sources. Do not presume that the provider has done a thorough security evaluation before the app is available for download. Consider waiting before you download the latest app to allow security researchers time to vet the application. This is particularly important for financial-related mobile apps and websites.
- Know what information is being gathered: Be certain that you know what information new mobile apps are gathering about you, before you download and use the app.
USB Stick, Thumb Drive & Flash Drive RisksThe enormous flexibility of moving data on small USB sticks, or thumb drives, has caused a tremendous spike in their demand. USB sticks are available with increasingly larger storage sizes at lower prices. Unfortunately, criminals are also taking advantage of the benefits, convenience, and popularity of these devices, by sharing malware with USB users. These devices are an easy way to proliferate malware — just as floppy discs did years ago. Thanks to something called AutoRun malware, these devices can be preloaded with malware, so when you plug it into your computer, it runs without further interaction. In addition, these devices, like mobile phones, can be easily lost or stolen, placing your employer’s intellectual property and your personal information at risk, if the device is not protected or encrypted.
The good news is that you can protect your data and your computer when using these devices:
- Purchase and use only encrypted thumb drives when storing any sensitive information, or purchase software for encrypting this information. Encrypted hard drives may also have other additional desirable security features such as strong authentication (your thumb scan), and the option to wipe the contents after unsuccessful authentication attempts.
- Companies can control what is loaded and downloaded from these devices with corporate data protection tools.
- There are ways to disable your computer’s ability to automatically run what is on the thumb drive when you plug it in, but given that the procedures require some knowledge of operating system features, it is best to consult a known expert for your computer’s operating system before proceeding.
There are many potential dangers to your laptop and the data on it, so it’s important to always follow best practices to effectively protect the device and data.
Protect Your Laptop: In addition to some of the best practices noted above for PCs, there are additional precautions to take for your laptops:
- Encrypt valuable personal information.
- Consider anti-theft services which help you to recover your lost or stolen laptop.
- Your employer may invest in remote wipe services to remove all data and prevent data breaches if your laptop is company-owned or storing corporate information.
- Never leave your laptop in your car and certainly not in an easily discovered location.
- When staying at a hotel, always lock your laptop in a safe in the room or at the front desk.
Gaming Console Risks
Since gaming consoles do not have Windows or other targeted operating systems, many users believe that they cannot be infected by malware. However, several types of malware for gaming devices have been identified, and can impact your device performance or steal your information. Additionally, these devices can also act as another threat vector into your home network.
Gaming Console Protections
While few anti-malware solutions for gaming consoles are available, you can do several things to protect your device and your network. Disable game consoles’ Internet access to remove the probability of downloading a virus and opt for local game use only. If you or your family member insists on using the game console online, protect your network from these devices by ensuring that all other hosts and routers in your home network or business network have appropriate security solutions, including anti-virus and firewalls.
Smart Meter Risks
Electric utility customers around the world are now opting for, or are being forced to choose, smart meters in order to get their electric service. A smart meter can be used as an attack vector into your home network if it is connected on your local home network or into your utility’s network where attackers can access your personal data and usage information.
Smart Meter Protections
Some smart meter vendors are integrating security protections into their meters and many utilities are applying security controls for the addition of the smart grid and its metering infrastructure. Request appropriate security from your utility and ask that they keep you informed of advancements in smart meter security. If you are considering connecting the meter to your home network, take the same precautions you already take with your home network.