COLUMN: Avoid these classic security blunders
* Missing updates: Software vendors routinely release updates and patches for their products. Some updates are purely functional and aren’t very important, but those released to correct security flaws or most certainly are. Ensure that updates are installed regularly (if not automatically) for your programs and operating system. If you run Windows 10, in most cases the Windows Update feature will handle the operating system updates for you, but you still need to ensure your applications (programs) are updated. This is usually done via a menu item in the program - such as “Help > Check for updates”.
If you would like to update popular software such as Adobe’s Reader or Google Chrome in one easy step, you can build a customised installer package for these using the free Ninite utility from https://ninite.com. This tool works as an updater or installer for any of the most popular system utilities and apps.
* Careless data storage: Look around your office - even if you don’t, how many of your colleagues are saving files or data, either personal information or for work, on a USB drive? USB drives are typically left in pockets and drawers or attached to key rings or lanyards. I’ve found them forgotten in shared PCs in cyber cafes, libraries and hotel lobbies. These drives are shared, carried and lost like pens.
There are multiple risks to consider. If the data is not being backed up elsewhere, there’s a risk if the drive fails or is broken. Even worse than this would be a data breach - if a drive containing private data such as names and addresses or financial information ended up in the wrong hands. The problem applies to any mobile storage device - a USB drive, external hard drive, CD or DVD media, laptops, iPads, backup tapes or memory cards.
Ensure your portable devices are secure by using encryption. To protect backups, DVDs or external drives, look for an encryption option in your backup software. To protect mobile devices such as USB drives or laptops, choose a disk encryption tool. The Professional and Enterprise editions of Windows include a built-in encryption tool called BitLocker which can encrypt the PC’s hard drives as well as removable drives (this is called BitLocker To Go). For Windows 10 Home users, there are several third-party encryption tools available. See the guide at https://tinyurl.com/encsw2019.
For tablets and smartphones, encryption can be centrally managed via MDM (Mobile Device Management) software, or configured on an individual device basis. For iPads and iPhones, the PIN used to unlock the device is important, as once this is configured the device’s data is automatically encrypted. Android devices support encryption too - look in the “Security & Location” menu.