Security Checklist - at Work and at Home

Encryption encodes the data on your devices in a way that helps prevent unauthorized parties from accessing it. Encryption is especially important if your device is lost or stolen; it helps prevent someone from getting in without your passcode.

  • Windows: Enable BitLocker.
  • macOS: Enable FileVault.
  • Linux: Use dm-crypt or similar.
  • Android: Enabled by default since Android 6. Don’t use an earlier version!
  • iOS: Enabled by default since iOS 8. Don’t use an earlier version!

Running a supported version means you get security patches, and that the software's developers are actively working on making it more secure.

  • Windows: Check this list every once in a while.
  • macOS: Apple tends to support the three most recent major named versions (e.g. Catalina).
  • Linux: Most active distributions are well supported.
  • Android: Security updates target the current and last 2 major versions. For instance, if the current version is Android 10, that means Android 8 and newer versions are supported. In Android’s case, you must also ensure that your manufacturer/carrier is seeding the periodic security patches to your device. You should be getting them at least every few months. If not, consider upgrading, or checking if LineageOS has official support for your device.
  • iOS: Apple tends to support the most recent major version and the 3 prior. For instance, if the current version is iOS 13, that means that iOS 10 and newer versions are supported.

 

One of the benefits of using supported software is software and security updates - so use them! You can usually schedule automatic updates on most modern devices for both the operating system and applications.

Automatic login is disabled by default on most modern devices - don't override this setting!




Enable automatic locking on your devices -- it is enabled by default on most modern devices, so don't override this setting!

  • Select a long, random, and memorable password 
  • Do not include your personal information such as birth date, phone number, etc.
  • Do not reuse your login and password combination for other applications or services
  • Consider biometrics when available

Using a unique login and password combination for each of your accounts can seem overwhelming - consider using a password manager to keep track of them. Not sure where to start? We've got advice on how to choose one!

Whenever possible, use a second factor to protect your logins.

  • Especially for password managers, emails, online banking, and cloud assets
  • Opt for an authenticator app wherever possible
  • Avoid SMS

  • Windows: Enable in Settings > Update & Security > Find my device
  • macOS: Set up iCloud on your device. Enable via Settings > Your Name > iCloud > Find My Mac
  • Linux: A third-party application is needed (some ideas)
  • Android: Set up a Google account on your device; it will be enabled by default
  • iOS: Set up iCloud on your device. Enable via Settings > Your Name > iCloud > Find My iPhone/iPad.

Not in the US? Make sure that VPNs are legal in your country.

  • Scrutinize every email
  • Don't open email attachments if you don't know or trust the sender
  • Do not execute downloaded files unless you are sure their source is trustworthy
  • When installing applications, use your vendor's official store (Windows Store, Apple Store, Google Play)
  • Avoid plugins unless you are sure their source is trustworthy
  • Do not click through browser or operating system warnings without reviewing them thoroughly

  • Windows: Follow Microsoft guidelines. When asked, select Remove everything
  • macOS: Follow Apple’s guide
  • Linux: Follow Arch's guide, then reinstall your distro
  • Android: Settings > System > Reset options > Erase all data (factory reset)
  • iOS: Settings > General > Reset > Erase All Content and Settings