Basic IT Security

By Muhammed Adheeb

Today, we live in an online world. Everything is connected to everything else. Communication is not just limited to living things. Today, most of the communication seems to happen among devices! With concepts like IOT, the Cloud and mushrooming of smart devices, the amount of data exchanged among devices is incredible!

Each day, we hear of a new ‘smart’ device coming up. From smart phones to smart clothes to smart toilets to smart fridges to smart homes, whatever we come into contact seem to be smart!

Well, now we need to ask ourselves a question. Do we actually know what a ‘smart device’ is? Its implications? In most cases, we will not have the correct answers to these questions.

In very simple terms, a smart device is a device with an operating system or OS, and the ability to connect to a network such as the internet. This ability opens up a world of possibilities and unfortunately, some of it to hackers as well!

When a device is able to communicate over a network, we need to know that the device is reachable via the network as well. In other words, hackers will be able to communicate with your device, and exploit its smart features and get access to information you did not want to share.

Although hackers have exploited many vulnerabilities in the devices themselves to get hold of information, in most cases the main culprit is not the device itself, but rather the users of these smart devices. Most of the time, we compromise the security of these devices by not following simple security guidelines and a lack of common sense.

Following are a few tips to make us smarter when using smart devices!

  1. Protect your password

    • Never share your password/s with anyone – passwords should not be shared even with those who are close to you. If the person you shared your password with is careless with it, you end up paying the price. In the even you really need to share a password, make sure to change it to a random password (you can generate one from the internet), and then change it back again once the requirement is over.

    • Never have the default password.

    • Never use the same password for everything.

    • Change your password every 3 months.

    • Do not use your phone number, names. Names of loved ones, names you are associated with, as your password.

  2. Don’t let em fish you!

    • Never use your credentials to login to a site that is not secure.

    • Always be aware of the URL that you are using your credentials. Use your credentials only on the official site.

    • Never provide your credentials in order to get free data, access to free stuff etc. Most of the times, these are traps by phishers to steal your passwords.

    • If you accidently enter your credentials in a suspicious site, make sure to immediately change your passwords and report the site.

    • Educate yourself about what phishing is and how to protect yourself from it.

  3. Mind that cam and mic!

    • Often smart devices come with cameras and microphones. If such device are hacked, hackers will be able to eavesdrop on your conversations and spy on you without you even knowing it! Creepy stuff right? So make sure your camera and microphone is blocked when not in use. You can do this simply by using duct tape and covering the camera and microphone with it.

    • Even when you need to use these, make sure that you are aware of what information you are sending. You don’t want to accidently send our images or information that might compromise your privacy. As much as possible, try to point them away from giving too much information about your whereabouts.

  4. Wipe it clean!

    • Data can be retrieved from memory even after it is deleted. The memory needs to wiped to avoid this.

    • If you are giving your device for repairs, make sure to remove the memory.

    • If the memory cannot be removed, make sure to wipe it. This can be done simply by creating a dummy file and then deleting it, or simply download a tool from the internet.

  5. Don’t get logged

    • Key loggers are a very easy trap to walk in to. Avoid using public computers to browse your personnel accounts as much as possible.

    • If you really need to use a public computer, use a temporary password.

    • If this too is not possible, change your password as soon as you can after using a public computer.

  6. Use 2-step verification

    • This is a good way to protect yourself, even in the event your password is compromised.

    • Activate 2-step login/ verification wherever possible.

  7. Keep your systems up to date

    • Make sure to install the latest updates to your OS and security patches.
  8. Don’t dig your own grave!

    • Never install anything from suspicious sources.

    • Only install software or apps from sources you trust.

    • Make sure to be aware of what permissions the app requires before installing.

    • Be aware of abnormal data usage after you install a new app or software.

  9. Prevention is better than cure!

    • Last but definitely not the least, one of the most important things, install a good antivirus software.

    • This is almost a requirement now a days to keep your data safe.