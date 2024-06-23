Maintaining practical cybersecurity measures at home is as important as ever, as the consequences of a breach can be devastating. Unfortunately, even vigilant cybersecurity doesn't always offer total security. However, you can reduce your risk substantially by not appearing to be an easy target.

Here are some simple steps you can take across your PC, phone, and tablet to improve your security posture and reduce your risk of being a victim of cyber crime.

Improve the security of your phone or tablet

Protect your phone above all

Your phone is arguably the most important of your devices to protect. Once unlocked, it typically contains the digital keys to your online life. These may be things like password managers, easy login-free access to emails, authenticator apps, SMS verification, plus things like banking apps. Having your phone fully compromised can wreak havoc, so it's important to protect it. Most of the time, a phone is secured at baseline with biometric or passcode security, but you can still take additional steps to mitigate your risk, and help you recover if your phone is attacked. Most of these steps also apply to tablets, as Android and iPad/iOS are largely similar in this regard.

Set a strong password or pin

This one seems silly, but is essential. You truly need to set a strong pin - not a common pattern or easy to guess date like your year of birth. In some parts of the world, it's common for criminals to observe a phone's pin being entered before attempting to steal it. If this applies to where you live, or you've got other concerns about someone observing your pin and using it to access your phone, we'd recommend a full password instead of a few obvious number pad entries. Pick something strong, since you're unlikely to need to type it more than once a day. Also, don't use something that's already in use online or in other locations.

Monitor your app permissions

Privacy permissions in phone operating systems have improved significantly in the last decade, and now both iOS and Android support hard permission barriers for specific apps. We'd encourage you to use these wisely, and only sparingly grant things like access to Contacts, photos, or your location to apps you trust. If possible, limit this access to a short period of time, or only while you're using the app.

Setup Find My Device

Another essential step to take when setting up your device is to set up remote management through iCloud or Find My Device. This will enable you to remotely track and lock your device, as well as remotely wipe it if necessary. This is essential, because while your device is theoretically secure, when someone has physical access to a lost device for an unlimited amount of time, there could potentially be a breach.

Only install apps from a recognized source

A final essential step for security on your phone or tablet is to only install apps from official sources. Both Apple and Google have extensive procedures for validating new apps uploaded to their respective app stores, and protections in place to ensure that these applications are not malicious. With the upcoming implementation of side loading and third party app stores on iOS, and the ability to easily install APKs on Android devices, it's essential that you do not install any app from a source that you don't fully trust.

While it might occasionally be necessary to install an app from an off-platform source, you should ensure you trust the website you're downloading it from. Binaries of apps can be easily modified to insert all kinds of malicious software, and downloading them directly from the internet removes any protection you might have compared to utilizing an App Store download.

Improve the security of your Mac or PC

A computer is vulnerable in a different way than a phone

Your PC or Mac has a different set of challenges when it comes to cybersecurity. The software on your PC or Mac is a less strictly controlled environment, and is more vulnerable to attacks remotely, without physical access.

Install an antivirus

Let's clear one thing up. Yes, Macs can get a virus. Also, you probably do need an antivirus in 2024. On Windows, this is normally in the form of Windows Defender (or Windows Security, as it is now rebranded). Ensure this is active on your device, and scanning for incoming threats on a regular basis. On macOS, we'd also recommend having an antivirus, and there are plenty of great options. While their effectiveness isn't guaranteed, it's unlikely to harm performance, and adds an extra layer of security against common malware.

In a similar vein, it's also important to ensure that your operating system firewall is enabled. NAT is not a security feature, and it is important to ensure that your PC is in control of any incoming connections. This is enabled by default on Windows and macOS, so if you haven't explicitly disabled it, then you shouldn't need to change anything, but it's worth double-checking this.

This is another one that may seem like a no-brainer, but is extremely important on your PC or laptop. As we've mentioned, your laptop or PC is far more vulnerable to traditional malware than your phone or tablet, predominantly due to the differences in the operating system environment that make it easier for malicious code to run, as well as the greater number of potential ingress sources for malicious code. This makes it all the more important to run OS updates (with patches) regularly. It's also essential to ensure you're not using an unsupported operating system - so no more Windows 7. This has practical consequences, too. Just this week, Microsoft patched a vulnerability in Windows' Wi-Fi driver that may have allowed a zero-click remote takeover of the driver.

Ensure your disk is encrypted

This one is enabled by default on macOS, but BitLocker needs to be enabled on Windows 11. There are plenty of guides on how to enable BitLocker for Windows, but it does require a supported device. Enabling disk encryption prevents someone from physically taking the hard drive out of your machine, mounting it as a disk elsewhere, and downloading your data.

Enable 2FA for your accounts

This one might not seem directly tied to your PC, but if the worst were to happen, it might end up being your last line of defense. A compromised PC or laptop can easily leak passwords and logins to a malicious actor, which could then be used directly or put up for sale as part of credential dumps online. By having a second authentication factor enabled, you can help prevent one compromised device or login from allowing easy access to all of your online accounts.

Unfortunately, this is no guarantee that you'll be protected in the case of a compromised device, but at least you will be prompted for a 2FA, notifying you that something strange is going on.

Security is a game of risk management

There's no silver bullet for improving your security and privacy at home, but there are plenty of low-effort things you can do to mitigate the risks. By taking simple steps, keeping your devices well configured and up to date, you significantly increase the effort required by an attacker. This can make the difference between being the easiest target or not even being a target.