Quick security recommendations for your devices
پست شده2023.10.17
Quick security recommendations for your devices
We are often asked where can one start, what are minimum steps should one consider taking in an effort to better protect their devices. Below we are sharing what we are recommending as the first, often most effective and most important items.
General
- Use unique and strong passwords for each account, using a password manager to safely store them.
- Use Two-Factor Authentication (2FA) on supported accounts. First consider using hardware tockens (see below), then using time-based one-time password (TOTP) apps/programs. Avoid using SMS for 2FA if you can.
- Avoid using biometrics (face ID, fingerprint scan) as an authentication method.
- Delete old files, documents, pictures, screenshots and chat history that you do not need on your device. Securely backup as necessary before removal.
- If you can, avoid installing social media apps, you can use the website with your browser.
- Restart your device frequently, this ensures updates are applied properly and for cases of non persisten malware, that the risk can be reduced.
2FA hardware token recommendations:
2FA TOTP recommendations:
Further reading:
- Creating Strong Passwords
- Privacy Guides' Threat modeling article
- Security Planner recommendations
- Open Brienfing's Digital security guidance
- Surveillance Self-defense: Security plan
Android
- Check that your Android is up to date and your version of Android and the device are still supported (check Samsung, Pixel, Nokia mobiles).
- Automatically update your apps.
- Enable Play protect.
- Review the permissions your apps have access to.
- Review installed apps and uninstall any unneeded/unknown ones.
- Ensure apps can only be installed from trusted sources.
- Set a long password to protect access to your device.
Further reading:
iOS/iPhone
- Check that your iOS and device are still supported and up to date.
- Automatically update your apps.
- Review the permissions your apps have access to.
- Review installed apps and uninstall any unneeded ones.
- Switch on the lockdown mode, which increases the difficulty in compromising your device.
- Set a long password to protect access to your device.
Further reading:
Windows
- Ensure you are using a supported version of Windows with Auto-updates enabled and any software installed via the Microsoft store is set to auto update.
- Ensure Windows Defender is turned on or a 3rd party Anti-virus solution.
- Consider using hardentools to disable some often abused features.
- Consider using Simplewall to monitor where you computer is connecting to.
- Ensure Bitlocker or Device Encryption is turned on.
- Ensure your computer requires a strong password to log in.
- Review installed programs and remove any that are no longer needed.
Further reading:
MacOS
- Ensure MacOS Auto-updates are enabled and that you use a supported version of MacOS.
- Consider using LuLu to monitor where you computer is connecting to.
- Ensure Filevault is enabled.
- Ensure your computer requires a strong password to log in.
- Review installed programs and uninstall any that are not needed.
Further reading:
Ubuntu Linux
- Ensure that your version of Ubuntu is still supported and that you are keeping it and the installed software up to date.
- Enable the Firewall or consider using OpenSnitch to monitor where you computer is connecting to.
- Ensure LUKS encryption is enabled when you install the Operating System.
- Ensure automatic login is disabled and your account is set up with a strong password.
Further reading: