Day 5

Setting Up Encryption, Lock Screens, FindMyDevice & Auto Updating

 
 

DAY 5: Setting Up Encryption, Lock Screens, FindMyDevice & Auto Updating

Welcome to Day 5 of my 30 day security challenge, the month long challenge I created to help you gain control of your privacy and security online. You can follow along with the security challenge via my blog at snubsie.com, where you can skip ahead or download a checklist of the challenge. Each video will also be curated into a playlist so it'll be easy to follow along from Day 1 all the way through 30 here on Youtube.

The last two days were tough to get through, I know. But now, your home network is by far, much more secure than most people you know. So pat yourself on the back! This was your first big accomplishment in the 30 day security challenge. Today we're moving onto our personal devices and making those just a bit more secure by simply using some free apps or built in settings. I've included links to more detailed information on each of these settings in the links below, and will discuss how to make devices secure specifically for newer Android phones, newer iPhones or iPads, Apple Mac computers, and Windows 10. If you have an older operating system or a different phone, you can look up these same techniques for those as well via the web. For all of these, we'll be working within the settings apps - and the settings app usually looks like a little gear icon on whichever operating system you're using.

First, take out your smartphone! This is the first device we're going to protect. We're first going to set up your lock screen! A lock screen is the first screen you see whenever you turn on your smartphone. It's usually locked down with a PIN code, a password, a pattern to unlock, a fingerprint, or now, a facial recognition unlock. You want to turn this on. A lock screen helps protect your physical device in case it is stolen or in the hands of someone it shouldn't be in. Some lock screens are more secure than others (hello fingerprints and warrants are a thing), but honestly I'm just happy if SOMETHING is there. I prefer a PIN code but you may want to use something else.

For Android phones, you can find the Screen Lock option under Settings - Security / Location - Screen Lock, then follow the on screen directions to set your screen lock. If an option for automatic unlocking when you're on your home network is available, I'd recommend not using that as it is less secure, even though it's more convenient. For Apple iPhones and iPads, launch the Settings from your Home Screen, click Touch ID and Passcode, then turn passcode ON. Now everytime you turn on your phone, it'll require you to put in that passcode or fingerprint or pattern to unlock the phone and access your data.

Let's move on to encryption! Encrypting your smartphones has gotten fairly easy in the past few years. Some phones even come encrypted by default, which is great. An encrypted phone works no different than a non-encrypted phone, and you won't notice anything weird after setting it up. Encrypting a phone means that if it falls into an attackers hands, they won't be able to read your data, even if somehow someone could bypass the lock screen (not legitimately unlock it). With an Apple device, simply setting up that passcode turns on the encryption. So you're already encrypted. Done. For Android phones, make sure its on a charger (it takes some time to encrypt), go into the Settings app, then Security, then Encrypt phone. Encryption requires your same lock code as the one used on your lock screen. Be sure to remember these passcodes or PINS.

Now turn on Find My Device. This is a feature from both Google and Apple that will locate your phone in the event that it is stolen or lost. It uses location data to triangulate your phones location, then shows you where it is on a map. It's useful because if your phone is stolen, you can remotely wipe all of it's contents so no one can access stuff. BUT on the other hand, location details can be a private matter, and you may be wary of turning on that setting. For Apple, Find My Device is built into iCloud, so if you have an iCloud account, you can use the app. To turn it on, on your smartphone go to Settings - Your username - iCloud, scroll to My iPhone, then turn on Find my iPhone and Send Last Location. Then you can log into iCloud from a computer and find your device if it ever goes missing. Android phones have Find My Device on by default, and it can be accessed via android.com/find. Now that you've got that turned on, test it out from a computer. Go to the iCloud or android website, and try to ring your device from the computer and check where it is on the map.

Now, just make sure your phone is up to date! Making sure you have the newest version of the operating system is important, because oftentimes, security updates are included that fix vulnerabilities found in older OSs. Check your iPhone by going to Settings, General, Software Update and follow on screen instructions to update it. For Android, go to Settings app, System, System Updates (or your option might be under About phone). If you see an option to check for updates, click on it. That'll check Google's or Apple's servers for a new update for your phone on demand.

Now let's move on to your computer! Computers have lock screens too, for the same reason. To turn on a Mac lock screen, go to your Apple Menu, System Preferences, Security and Privacy, then General. Choose Require Password after sleep or screen saver, and set your password. This'll also work whenever you turn on your computer. On Windows 10, click the Start button (the Window icon on your keyboard), then click the Settings icon. Choose accounts then Sign-in options. Here's where you can change or set a new password or PIN.

Encryption on computers is a little bit complicated. Apple has made this much easier with FileVault, which can be turned on via the Apple Menu, System Preferences, Security and Privacy, then click FileVault, then follow on screen instructions to set your encryption up. FileVault will give you a recovery key that is necessary if you lose your password for iCloud. Write down this recovery key in your notepad for the time being. In Windows, go to Start, Encryption, Change Device Encryption Settings, Manage Bitlock, and Turn on Bitlocker. Bitlocker, unfortunately, is only available for Windows Pro, Education or Enterprise editions. So if you're a home user, you can use a third party service instead. I have used VeraCrypt, which is an open source encryption for Windows that works quite well to keep data secure. VeraCrypt has been continually updating and is a work in progress, but other options are also available via the internets. Encryption takes a while to complete, so sit back and relax, and let your computer do it's thing.

Now to turn on Find My Device for your computer. Since you already turned this feature on for your Apple iPhone, it's also already turned on for your Mac. If you haven't turned it on yet, follow the same directions as before to set up Apple's Find My Device. For Windows, go to Start, Settings, Update and Security, Find my Device, then Turn On. Now if your Windows machine gets stolen you can to go account.microsoft.com/devices and wipe your device if it gets stolen. Again, test the Find My Device options by logging into the Find My Device account from another device, and try ringing the computer or making it play a sound.

The last thing on today's to-do list is updating your computer. For Apple, open the App store on your Mac, click Updates at the top, and download any updates that appear. For Windows, go to Start, Settings, Update and Security, Windows Update, and Check For Updates. Download and install any updates available then restart your machine if it doesn't do so automatically. It's wise to turn on automatic updates if available via these settings as well for any device you own.

Okay! You're officially done with Day 5 and have done the absolute minimum to protect your devices security and privacy. Now if your devices are physically stolen, you can breath easier knowing it'll be harder for a criminal to get into your data.

Tomorrow I'll share why we nerds suggest turning off Bluetooth, NFC, and WiFi. But first, make sure to subscribe on youtube and hit up snubsie.com for the downloadable checklist and to skip ahead on the 30 day security challenge. Again, I'm Shannon Morse and I'll see you tomorrow for day 6!



Setting up your lock screen

https://support.google.com/nexus/answer/2819522?hl=en
https://www.imore.com/lock-screen

Smartphones are easy to encrypt and lock down!

https://ssd.eff.org/en/module/how-encrypt-your-iphone
http://www.androidauthority.com/how-to-encrypt-android-device-326700/
https://www.lifewire.com/encrypt-the-data-on-your-android-phone-or-iphone-2377707

Using Find My Device

https://www.google.com/android/find
https://support.apple.com/explore/find-my-iphone-ipad-mac-watch
https://support.google.com/android/answer/6160491?hl=en

Update your phone:

https://support.google.com/nexus/answer/4457705?hl=en
https://support.apple.com/en-us/HT204204

Turn on (or change) your lock screens

https://www.laptopmag.com/articles/change-password-windows-10
https://support.apple.com/kb/PH25376?locale=en_US

Encrypt your hard drive

https://support.apple.com/kb/PH25553?locale=en_US
https://www.howtogeek.com/234826/how-to-enable-full-disk-encryption-on-windows-10/
https://support.microsoft.com/en-us/help/4028713/windows-turn-on-device-encryption
https://www.veracrypt.fr/en/Home.html

Find your Computer

https://support.microsoft.com/en-us/help/11579/microsoft-account-find-lost-phone-device
https://support.apple.com/explore/find-my-iphone-ipad-mac-watch
https://account.microsoft.com/devices

Update your computer:

https://support.apple.com/en-us/HT201541
https://support.microsoft.com/en-us/help/12373/windows-update-faq