Blog


← Back to BLOG

19
Jun
2019
Device Hygiene 101

Device Hygiene 101

The Keys to Device Hygiene

As with automobiles, buildings and our own bodies, devices require a bit of maintenance. Failing to take basic proactive steps, such as updating apps and deleting and organizing files, can lead not only to degraded performance but also adds security risks. At your workplace, it is your responsibility to follow policies your company has put into place which are aimed at proper device maintenance. If you’re unsure of those policies, ask!   A small commitment to device hygiene yields reliable functionality and reduced security risks.

Keeping your machine clean and running properly doesn’t require a ton of work. Here are a few great tools that can help you live a healthy cyber life. As always, never install third-party apps on work-issued devices unless policy allows. Here are some apps to consider:

  • -Password Manager- Having trouble remembering all the logins for all of your accounts? Get a password manager! It creates, stores, and syncs your usernames and passwords across multiple devices.
  • -VPN- Short for virtual private network, a VPN encrypts your internet traffic to prevent cybercriminals from intercepting and stealing your data on public WiFi networks.
  • -Antivirus- One of the most inexpensive and basic options, software that prevents viruses or malware should be utilized on desktops and devices alike.
  • -Find My Phone- Most smartphones offer a service that allows you to locate your phone from a different device and ping it to ring or completely reset it to default, which erases all sensitive data.
  • -Authenticator- Two-factor authentication, or 2FA, requires something you know (your password) plus something you have (your phone) in order to log into an account. Authenticator apps improve on traditional, less secure 2FA methods such as sending codes to your phone number or email address.

Here’s a small Smartphone Security Checklist to keep in mind:

  • -Remove unused apps (Digital cleaning)
  • -App permissions reviewed (not everything needs access to your location)
  • -Antivirus software installed (it is a computer, after all)
  • -Password protected and lock screen after a short period of no use (it is simply common sense)
  • -VPN installed (never connect to public WiFi without one)
  • -Auto update enabled (updates often patch security flaws and glitches)
  • -Backed up (either to the cloud, a computer, or both)

The CIA of Device Hygiene

Confidentiality: Keeping secrets secret

Secrets require strong passwords! Every device should be protected with a strong passcode, and lock screens should automatically initiate after a short period of non-use. That way, if it ends up in a stranger’s hands, they won’t easily gain access to all your sensitive info.

Integrity: preventing flaws

One of the easiest security incidents you can avoid is the exploitation of outdated software and firmware. Most devices and apps allow you to enable auto-update, which keeps them functional and upgraded with the latest security patches. Cybercriminals can sometimes use outdated software as a backdoor to gain unauthorized access to devices and computers.

Availability: ensuring secure access

Data is useless if it can’t be accessed or located. Since devices can’t last forever, we should always view them as temporary and keeps them backed up. And don’t underestimate the benefits of proper file management! If you can’t find it, you can’t secure it.

Mouse Over on Mobile

Hovering your pointer over a link to display the full URL helps keeps systems safe. But how is it done on mobile? Unfortunately, with so many different manufacturers and app developers, no standard exists for mouse-overs on mobile. A long-press displays the URL on some devices and some apps. Others require a third-party app to achieve that same function. But regardless of whether your device or the app allows you to long-press a URL, it’s best to avoid doing so unless you’re 100% confident the URL is safe! A long-press could lead to an accidental click, which in turn, could lead to a security incident.

Policy = Security

Every airline enforces a policy that requires cockpits to remain locked during flight. Most businesses are required to provide evacuation routes in the event of an emergency. And our organization develops policies designed to keep data secure and systems safe. It’s your responsibility to know and always follow our policies. If you need more info, please don’t hesitate to ask!

Proper device maintenance includes respecting and securing access to that device!

Respecting Privileged Access in 4 Easy Steps

  1. Never share your credentials, digital or physical, with anyone for any reason.
  2. Strong passwords aren’t enough. Create a unique password for each account.
  3. Avoid assumptions. If something seems unusual, report it immediately.
  4. Always follow policy. Circumventing organizational policy places everyone at risk.

What is credential stuffing?

Remember how every security expert ever warned against reusing the same password for multiple accounts? Credential stuffing is why. When a data breach spills hundreds of thousands of account credentials (usernames and passwords), cybercriminals use that data to “stuff” websites with automated login requests. Any reused credentials will give criminals additional access to other accounts. Don’t let this happen to you! Create unique passwords for every single account and enable two-factor authentication wherever possible.

Bad USB

Compromising an organization doesn’t always require phishing emails or sophisticated technology; sometimes, all you need is a simple USB device and a curious human who plugs it in. Flash drives, keyboards, even USB cables, are all capable of delivering malicious payloads on behalf of social engineers. Protect your systems by never plugging in unknown USB devices. Make sure you know our policy about plugging in USB devices, and if you ever find a random USB device, report it ASAP!


If you want more security tips, check out the navitend blog site, or if you have any questions feel free to call Patrice at 973-448-0070 ext 312. 

Testimonials

  • "I look forward to working with you again in the future. Once again, thanks to your organization for your prompt response."

    Luke Wolters / Luke Wolters Tax Consultants
  • "navitend has been a great IT partner for our company.  Their helpdesk response time is the best I have experienced in my 30 year career.  navitend has helped me to have great IT services without the need to have a full time, in house, technician at significant savings to our company."

    Bob Bradley, President, Bradley Graphics
  • “Navitend’s expertise helped our firm over the past year to effectively elevate our I.T. game, powering our website into a highly interactive tool. Well done to Frank and his team!”  

    Chuck Steege, CFP®, CEP, President, SFG Wealth Planning Services, Inc.
  • "Thanks so much!  You are a class act!  
    You and your team have really done an excellent job on this!"

    Steve Van Ooteghem, The C12 Group in Houston, Texas
  • "Thanks so much again for taking care of everything in such an expedient manner. It's a pleasure to work with navitend and its staff as always!"

    Lawrence Wolfin / Textol Systems, Inc.
  • "I am writing this to tell you how pleased the Township of Andover is with the services provided by navitend. It has been a wonderful working relationship, I am so impressed and they come with my most highest recommendation."

    Jayme Alfano / Andover Township
  • "I appreciate that they didn’t just build the application. They made it better by bringing ideas to the table that not only made for a better user experience, but also kept the development costs down."

    Andy Lynch / North Star Marketing
  • "Our company is more efficient and has grown as a result of navitend’s work. navitend helped us get to the next level."

    Greg Niccolai / Madison Insurance
  • "You guys are OUTSTANDING! Thanks for all you’ve done to make this transition seamless."

    John Bryant, CEO, Christ's Home
  • "We've dedicated our lives to growing our retail and ecommerce business and it's a relief to have found a company like navitend who treats our business likes it's their own. navitend's personal approach to project management and problem solving are top-notch."

    Stamatis, Co-owner Twisted Lily, Fragrance Boutique and Apothecary