These days your personal and workplace devices (mobile phone, tablets and laptops) store information of value to you, including your financial records, photos, medical records, personal documents and emails. Unfortunately, this information is of value to cyber criminals too. If your device is compromised or stolen it could lead to identity theft, bank fraud and /or fraudulent purchases to name a few problems.

Here’s what you can do to protect your devices:

Secure your devices – the basic to-dos

• Set a password / passcode / pin / biometric that must be entered to unlock your device and ensure automatic lock is enabled
• Set your device so that a password is required before an application can be installed, this will prevent unauthorised applications from being installed onto your device
• Leave Bluetooth turned off when not in use
• Never auto connect to join a hotspot
• Use legitimate software and install applications from official sites only
• Enable remote wiping

Install anti-malware / antivirus solutions

Adware, spyware, viruses and malware can be used to compromise your device, corrupt or delete files, or open up a back door to your device to access / steal documents. It can be inadvertently downloaded onto your machine because you have visited a compromised website, opened up a file in your email or clicked on a pop up. Installing an anti-malware and antivirus solution on your devices will prevent adware, spyware, viruses, malware from being installed onto your personal devices.

What do I need to do?

Ensure you have antivirus / antimalware solutions (from a reputable vendor) installed on your personal and work devices and that it is configured to auto update so you have the latest signatures installed when connected to the internet. The solution should be always on so that it is scanning files that your device is downloading or files / applications that your device is installing. You should also perform periodic full scans of your device.

Keep up-to-date with firmware and patch releases

In a time when cyber security threats are ever increasing, keeping up to date with the latest security patches / firmware is essential for both the workplace and personal devices. This will ensure that your devices and software is up to date and known vulnerabilities that can be remediated are remediated.

What do I need to do?

In the workplace

Ensure patches and updates are installed on your devices as soon as they become available. Devices that are not patched are left vulnerable for malicious actors to exploit.

At home

It is highly recommended that for devices at home, you enable automatic updates of patches and firmware to be pushed through to your devices, including mobile phones, laptops and Internet of Things devices (smart televisions, fridges, lights etc.).

At times the upgrade will be downloaded onto your device but will require a restart to install. If you do choose to install the upgrade at a later time, remember to have your device connected to a power source as it can sometime require a minimum amount of battery life to install.

If you have devices that can no longer be updated because they are at end of life and no longer supported by the developer, it is recommended that the devices are retired as they leave you vulnerable to a cyber attack by malicious actors.

Perform regular backups

It is good security practice to regularly perform backups for your devices as files can sometimes be corrupted or erroneously deleted, and devices can be lost or stolen. If data is lost or a device is stole, or in the event of a disaster, a backup can be used to rebuild the system and the data in the applications restored.

What do I need to do?

In the workplace

It is recommended that regular backups of the key files on your laptops / Mac laptops is performed. You should back up to your workplace’s approved solution, eg a secure cloud storage service or external hard drive. This will enable you to access your files in the event your device is lost, stolen or corrupted.

At home

Similarly, with your personal devices regular backups of key files (e.g photos, financial records, documents) to an external hard drive or a secure cloud storage device will enable you to restore your devices in the event your data is lost or stolen or corrupted.

The more frequently you perform your backup the more up-to-date your files will be when you perform a restore.

Avoid the use of public Wi-Fi

While free WI-FI is now a common service offering at airports, hotels, cafes, shopping centres and fast food restaurants, using it should be avoided where possible. These are not always set up using best practice and can be compromised. Malicious actors are known to set up public WI-FI that look like the ‘official’ WI-FI hotspot to steal banking credentials, username and passwords other sensitive information.

What do I need to do?

• Do not let your mobile device automatically connect to unknown WI-FI hotspots
• Instead of using the public WI-FI, tether off your mobile device and use the data provided by your mobile provider
• If you must use a public WI-FI, use a Virtual Private Network (VPN) application to connect
• Do not do any Internet Banking, online shopping, check your emails or access government services (e.g. MyGov, Medicare, MyID, VicRoads etc) using a public WI-FI connection

More information

Australian Cyber Security Centre how-to guides on how to back up and restore from your Mac, iPhone and PC.