We are buying new computers, smartphones, tablets and other internet connected gadgets more than ever before. Technology is developing fast and new products and product lines are published all the time. We connect our new devices to the internet without really thinking about the possible consequences this could have. Here are some quick steps to take when connecting a new device to the internet.
Step 1 – Secure your router
As a first step, you should be sure your home network is secure. If your home router and network is safe to use, it is safe to connect a device to it. I don’t recommend connecting a new device to the internet for the first time from a public WiFi and actually I recommend to avoid public WiFi’s in any case.
I have wrote a whole blog post about how to secure your router and home network. Check it out if you still haven’t as I won’t go to this in more detail here. Guide to Home Network Security.
Step 2 – Enable and configure your firewall
For normal home users, the firewall in the router and in the Windows or OS X operating system can be used with the default settings, as long as they are enabled.
It is a good thing to understand what is a firewall, as you have it on your computer already and probably in your router as well. The user can modify the settings if there ever is a need to. I suggest that if you are not familiar with firewalls, it is better to leave the default settings as they are as firewalls can be complex to understand at first. Take your time, research the type of firewall you have and then do the changes you need to your firewall rules.
If you are not familiar with what firewalls are, what they do and the types of firewalls there are, I suggest you to read my blog on firewalls. The post explains the basics of firewalls to help you get started.
Step 3 – Install and use antivirus software
Antivirus programs are a very good addition to your cyber defence. However, many of them can be as irritating as some adware as the free versions are commonly trying to make the user purchase the full version.
If you use common sense and don’t click every link and be smart on what sites you visit, you are doing pretty well. However, we can all be tricked at some point and everyone does mistakes. When this happens, it is good to have an antivirus software as a back-up plan.
Windows 10, for example, has built-in antivirus which is called Windows Defender. It has been developed a lot lately and even some companies don’t use any other antivirus in addition to Windows Defender. It still might be a good idea to invest into a full version of some antivirus or find one that doesn’t advertise too much. Be smart, don’t trust everything that is said to be an antivirus software, do some research before downloading.
Learn more about antivirus software, read my blog about the basics.
Step 4 – Remove unnecessary software
The more software and applications you have installed, the more attack surface you have. This means that any of the installations can give a route in your system for a hacker. Delete software and applications you are not using anymore or at all to reduce your attack surface.
Look for your installed applications and delete the ones you don’t need. If some applications are not familiar for you, research them and you will find out easily if the operating system or some other important application needs them to work properly.
It is also a good idea to have an up-to date backup before you remove anything just in case something breaks after deletion.
Step 5 – Follow the principle of least privilege
The principle of least privilege means that the user has only the amount of rights as they actually need. It is not a good idea to give normal user administrator permissions.
There are a couple of reasons for this, first of all, the user can now install and delete anything and even make changes to firewall rules or other important security-related settings. The other thing is that if the system gets infected with malware, the malware has usually the permissions as the user that was infected. If all users have all permissions, it is more likely that so does the malware.
Create user accounts for all users and don’t give them all permissions. Only use the administrator account when you need to install, delete or make changes to settings.
Step 6 – Disable unnecessary default features
Operating systems usually come packed with some features that you might not want or never use. This is basically the same as removing unnecessary software but just with built-in features.
Research the purpose of a feature, determine if you need or will use it and disable it in case you decide it is not useful for you. Most features are disabled from the settings.
Step 7 – Secure your web browser
When you install your favorite web browser to your new device, it is important to go through the browser’s security settings. The default settings should be adjusted to more secure ones.
Step 8 – Apply updates and enable automatic updates
One simple thing to help you out with keeping up with all the updates is to enable automatic updates. These can be enabled for your operating system and different software, depending on the vendor. Updates should be applied as soon as possible and automatic updates can be enabled from the settings.
Updates usually contains security updates, this means that the updates are fixes and patches to some now commonly known vulnerabilities. By installing the update, attackers are not able to use these vulnerabilities to gain access to your system. However, if you keep pressing the postpone update button, your system stays vulnerable and can be exploited by attackers.
Step 9 – Use strong passwords
Strong passwords are key to staying safe online and even physically. Always password
Use a password that is long, and contains uppercase letters, lowercase letters, symbols and numbers. I personally use passwords that are at least 16 characters long and follow the complexity described above. I use a different password for every service I have signed on. I store my passwords in a password manager as it is not possible to remember tens of long and complex passwords.
I have written a blog post that goes into more detail on how to create, manage and use passwords securely. Be sure to check it out.
Additional steps for secure internet usage
Now that we have made sure that our home network is safe to use and we understand and use the best cyber security practices in our every day life, we can start looking for some ways to stay more secure while using the internet.
The amount of different threats while surfing on the net is huge and therefore it is very important to understand them so we can avoid and help others to avoid them as well.
Continue learning about cyber security on my post about website security. That post covers the basics of how to stay safe on the internet.