This guide has eleven (11) core points and assumes the following:
- You are an individual who wants to protect your personal computer which is not used for commercial purposes and will apply this standard in principle.
- You intend to practice good security habits even after implementing the controls in this guide.
- You are thinking critically and will implement specific solutions that are reputable, affordable, effective, and fit well with your lifestyle.
- You are solution focused, dislike procrastination and bureaucracy and aim to get things done.
1. What is Personal Device Security?
Personal Device security is using good security practices to protect the data on your portable computing device from anyone or anything with bad intentions. That includes protecting it from malicious software and people who you have not permitted to access your personal computer. Personal devices are considered to be things such as Laptops, Tablets, Smartphones, and Desktops.
2. Protect your digital possessions
2.1 Install anti-malware and internet protection software - Use a reputable all-in-one security software from a single company to avoid installing multiple separate applications from different companies. Use the help guide to configure your security software and frequently scan your device for malware and other threats. An excellent all-in-one security software usually comes with the following protections:
- Anti-malware scanner
- Email and spam protection (for incoming and outgoing messages)
- Firewall (Network and Web traffic)
- Browser security plugin (to check website’s reputation)
- Parental Controls (to filter content for children)
- Automatic Updates (to identify new types malware)
2.2 Use strong and unique passwords -Always use long and complex passwords. If fingerprint access is available, consider using it to minimise the likelihood of someone spotting your password when typing. If you’re technical, then consider multi-factor authentication.
2.3 Protect your passwords - Use a password manager to help you create and protect strong passwords.
2.4 Browsing - If not a part of your selected security solution, install a website filter to block sites with a poor or bad reputation automatically. Some anti-malware from the point above come with a web filter protection.
2.5 Avoid portable storage - Always scan files from portable storage media (e.g. flash drives, and portable hard drives), especially if the drive is not yours. If you must, then use your security software to scan the portable drive, immediately after you plug it in. If your security software does not return any warnings and you feel comfortable about the files you’re accessing, then go ahead.
2.6 Check alerts - Pay attention to alerts/warnings from your installed security software and take smart actions. E.g. deleting a file flagged as malware or avoid visiting a site flagged as harmful. Be careful of online alerts that claim it detected something on your computer and needs to fix it.
2.7 Only install reputable software - This includes software you can run by themselves or software which is an add-on to another application such as browser plugins. Only install browser plugins from official app stores, and even then only install what you need.
2.8 Be extra sceptical of FREE stuff - To help avoid shady files piling up on your computer, minimise the suspiciously free items you download online. This includes software and others.
2.9 Avoid untrusted files - Only launch software and files you know are from reputable sources and safe. Check online reviews from legitimate sites if unsure.
2.10 Minimise sharing - Avoid or limit sharing your device with others at all costs. If you must share it, guests should log into a separate account which does not give them access to your data.
2.11 Educate yourself - Continuously try to learn basic things to help keep your computer free from malicious people and software.
Share the link to this standard with the management in your company to help them with their due diligence responsibilities.