With holiday gift exchanges in full swing, many people are receiving and setting up the latest devices in their homes and offices. But no one wants their new gadget to open them or their work environment up to a security or privacy problem, Christopher Budd, senior threat communications manager at Palo Alto Networks, wrote in a recent blog post.
"Nothing spoils the fun and excitement of unboxing and playing with an exciting new device than trying to figure out what you need to do to use it with reasonable safety and privacy," Budd wrote in the post.
Here are 12 basic but critical steps that you should take to ensure the security and privacy of your new devices, according to Palo Alto Networks.
SEE: Password Policy (Tech Pro Research)
1. Use a password manager
PCs, Macs, smartphones, and tablets increasingly support use of these managers for generating and storing strong passwords. Though not all devices can use password managers directly, these are still beneficial to set up, particularly those that offer two-factor authentication, Budd wrote in the post.
2. Protect your routers and Wi-Fi
The common point for all devices in a home or office are routers and Wi-Fi networks. While many people set these up once and forget about them, you need to make sure they are secure, Budd wrote. Take the time to create a strong password, and consider configuring them not to broadcast the SSID—this might make it a bit harder to add devices to the network, but makes it more difficult to breach, he added.
3. Set up more secure accounts on your PCs and Macs
Make sure every user for PC and Mac laptops and desktops has their own regular user account with a username and password, with one separate administrative account for maintenance.
4. Prevent lost tablets and smartphones from turning into something worse
As more people use their portable devices for banking and other sensitive transactions, they must ensure that pass codes are enabled, information is encrypted, lost device location settings are turned on, and data can be wiped if too many bad passwords are tried, Budd wrote.
SEE: Security awareness and training policy (Tech Pro Research)
5. Protect your data on smartwatches and personal fitness devices
Much like smartphones and tablets, these devices often contain sensitive personal data. Along with enabling passwords and other security features, you should also take time to understand what information is being used and that the cloud accounts these devices are connected to have strong protections in place as well, Budd wrote.
6. Be smart with your smart home
Internet of Things (IoT) devices all have their own security and privacy settings, and a best practice is to research and understand those before you install them in your home, Budd wrote. "Across the board, though, making sure your home router and Wi-Fi have good security and that you're using good, strong unique passwords when pairing devices with apps (where possible) are easy things you can do for all these devices," he added.
7. Don't forget about home entertainment apps, TVs, and DVRs
Users of these apps and devices need to ensure the device itself as well as the router and Wi-Fi are secure, Budd wrote. However, home entertainment also involves apps, not just devices. Apps from providers like Netflix, Amazon, and Hulu should all have individual strong passwords.
SEE: Encryption policy (Tech Pro Research)
8. Protect your gaming consoles too
Like home entertainment devices, gaming consoles involve both the security of the actual device and the security of the cloud-based accounts that need to be dealt with, Budd said. Many gaming platforms now include two-factor authentication, which should be enabled when possible, he added.
9. Configure user profiles for voice assistants
Voice assistants are still relatively new technologies, and come with a number of security risks, including voice command hijacking by outside sources, Budd wrote. "For these devices, take time to configure individual user profiles as much as possible," he added. "And many of these devices feature mute buttons that can functionally turn them off when you don't need them. If you haven't been using it, consider using that feature."
10. Use smart speakers smartly
Smart speakers are essentially a subset of voice assistants in that they are voice-activated devices in your home or office that often have digital assistants built in, so they require the same security measures, Budd wrote. If you are looking for a device solely to play music, you may want to consider one that isn't connected to the internet for more security, he added.
11. Drive safely and securely with smart cars
Strong smart car security involves building on the good security around devices and good physical security, Budd wrote. "Ensure that any connected smart devices have good security, especially to protect against loss or theft," he added. "And ensure that any cloud-connected accounts have good passwords and use a second authentication method, if possible."
12. Patch, patch, and patch some more
Patching is the most important thing you can do to stay cybersecure, Budd wrote.
"Few people like getting into the guts of devices to manage updates and the apps on them but the reality right now is that this is not only critical for security and privacy, it's also sometimes a process that can only be done manually," Budd wrote. For every device or system, you should learn to do updates for the firmware, the operating system, and the apps on it, he added.
- Cheat sheet: How to become a cybersecurity pro (TechRepublic)
- Phishing attacks: A guide for IT pros (TechRepublic download)
- Information security policy template download (Tech Pro Research)
- Online security 101: Tips for protecting your privacy from hackers and spies (ZDNet)
- The best password managers of 2018 (CNET)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic on Flipboard)
Alison DeNisco Rayome has nothing to disclose. She does not hold investments in the technology companies she covers.
Alison DeNisco Rayome is a Senior Editor for TechRepublic. She covers CXO, cybersecurity, and the convergence of tech and the workplace.