SUDDENLY IT'S ALL ABOUT SECURITY! PART FOUR
We have come to the end of this four part security series. My personal feeling is that I want to be informed about what is and isn't a risk and as always our goal is to teach our clients how to do the same. I am so pleased at the positive response to this rather in-depth look at an important topic and I do hope you are all feeling confident and more empowered in keeping your computers and mobile devices safe. In the coming months I will also address privacy- the next big issue facing us as our world becomes more connected.
PART 4: MOBILE DEVICES & PASSWORDS
Staying safe in our mobile world - even just out and about everyday - has become much more of a concern now that many of us carry and rely on iPhones, iPads or laptops. So what is the best way to protect yourself?
iPhone/iPad Security is something that is often overlooked but any smart phone or tablet is a target for thieves or simply getting lost. Many think it is not a big deal if their device is lost or stolen. Wrong!!!! If you have any information stored on your device at all such as names, addresses andphone numbers in your contacts or you receive/send emails, that information can easily be stolen if your device isn't locked. Truly, unless you ONLY play games that require no log in and you have no identifying information on your device, it needs to be locked - ideally with a custom Alpha Numeric Passcode and your fingerprint. I also recommend enabling the "Erase Data" after 10 failed passcode attempts under Settings > Touch ID & Passcode and turning on "Find My iPhone" in your iCloud settings.
Laptop Security is often overlooked but it truly, like iOS devices, is not optional. Apple has made it so easy to secure your laptop that there is no excuse. Once again it starts with a strong log in password that you use every time you start up your laptop and ideally that is required a short time after your laptop is inactive (i.e., the screensaver starts or it goes to sleep). You can customize this behavior in System Preferences > Security > General.
There is an additional security feature that Apple has made highly functional especially on newer computers (desktops, too) called FileVault. CAUTION!!! FileVault encrypts your entire hard drive on the fly and keeps your data safe when used correctly but it is also not forgiving - IF you should forget your password and lose the recovery key, you can never get your data back!!!!! This article from Apple explains FileVault in depth.
With all the attention given to the recent breach of Yahoo's secure servers it should be easily apparent that weak passwords or using the same passwords over and over is one of the most dangerous things we can do in our modern Internet connected world. I have long preached about using secure, different passwords for all your logins. But with all of us having so many passwords, needing to remember them and different websites having different requirements, it can be overwhelming!!
My best recommendation is to use a password manager that also lets you create secure random passwords and then memorizes them for you. My favorite is 1Password which I use and recommend but there are others out there. This is a very good article on different methods to create secure passwords should you prefer to mange this on your own.
The latest method of adding extra security to an account is called "Two-Factor Authentication". Typically this means that whenever you log into any existing account from a new location or device you will be sent a code that you will need to enter on the website or device before you can sign in OR you may have to enter a pin number you created or answer a question. Most large services such as Apple, Google and Dropbox have offered two-factor authentication for a long time as have many banks and financial institutions. We are now beginning to see more and more websites that require logging in offering this method. This is how Apple implements two-factor authentication.