Device Security

& Protection Leon Chapman

Joe Parla Grand Computers Club

NT SIG March 16, 2016

Mind Reader Demo

iPhone 7 Rumors

Samsung VR Rollercoaster

3/16/2016 2 www.grandcomputers.org

How Tech Reveals Us Personal Info Found Online

• Photos 60%

• Birth date 50%

• Email address 46%

• Employer 44%

• Home address 30%

• Cell phone # 24%

• Video 24%

• Political party 20% 3/16/2016 3 www.grandcomputers.org

“Resonate” by Nancy Duarte

Trouble Makers

Threats to data loss:

• 42% hardware failure

• 30% human error

• 13% software corruption & “bit rot”

• 7% viruses, malware, spyware

• 5% theft, ransomware

• 3% other

3/16/2016 www.grandcomputers.org 4

Privacy Strategies Popular actions currently used

• Clear browser history & cookies 64%

• Delete social network posts 41%

• Disable 3rd party cookies 41%

• Use temp email service 26%

• Encrypt communications 14%

3/16/2016 5 www.grandcomputers.org

Pew Research Center, 2013

Helpful Tools

Helpful tools (use with caution)

• Malwarebytes (malware removal)

• CCleaner (registry & system cleaner)

• Secunia software updater (may be taking new direction)

• Glary Utilities (multipurpose tool)

• Slim Computer (multipurpose tool)

• Cocktail for Mac (multipurpose tool)

3/16/2016 www.grandcomputers.org 6

Tune-up to Improve Security

• Keep software up to date

• Regularly defragment your hard drive

• Check for viruses and other malware

• Spring clean your web browser

• Limit startup programs

• Get rid of unwanted programs

• Remove temporary files

• Backup data, devices, & drives

3/16/2016 www.grandcomputers.org 7

GAO Study

• Passwords are not enabled

• Two-factor authentication not used

• Wireless communication not encrypted

• Devices can download apps with malware

• Devices do not have security software

3/16/2016 www.grandcomputers.org 8

GAO Study

• Operating systems are out-of-date

• Apps on devices are out-of-date

• Devices do not limit Internet connections

• Devices have unauthorized modifications

• Communications channels are poorly secured

3/16/2016 www.grandcomputers.org 9

Ways to Protect Yourself

Protect the data

• Use passwords correctly

• Consider storing important data on separate media

• Encrypt files

• Install and maintain anti-virus software

• Install and maintain a firewall https://www.us-cert.gov/ncas/tips/ST04-020

3/16/2016 www.grandcomputers.org 10

Ways to Protect Yourself

Protect the device

• Stick with OS App Store for apps

• Use gestures or long passwords

• Back up your data

• Choose your Wi-Fi networks wisely

• Read the fine print on apps (EULA)

• Have a "remote control" function

CSO Security & Risk

3/16/2016 www.grandcomputers.org 11

Ways to Protect Yourself

Protect the device

• Less is more when it comes to apps

• Have a backup plan

• Consider mobile security software

• Be wary of fake SMS (text messages)

• Auto-lock your devices

CSO Security & Risk

3/16/2016 www.grandcomputers.org 12

Ways to Protect Yourself

Use multiple types of authentication

• Something you know (password)

• Something you have (one-time code or smart card)

• Something you are (fingerprint or other biometric method)

• Somewhere you are (GPS/IP location, real-time-photo)

3/16/2016 13 www.grandcomputers.org

Ways to Protect Yourself

Email

• Use anonymous service

• Encrypt email (OpenPGP)

• Encrypt disks, flash drives, file (VeraCrypt)

3/16/2016 14 www.grandcomputers.org

Ways to Protect Yourself

Web browsing

• Tor browser

• Lock down browser (CERT)

• Use multi-factor logon

• Use https with Chrome when possible

• Enable two-step authentication on your Amazon account

3/16/2016 15 www.grandcomputers.org

Ways to Protect Yourself

Cloud services

• Encrypt sensitive data or do not use

File storage & archive

• Create private cloud (PogoPlug)

• Encrypt portable drives

3/16/2016 16 www.grandcomputers.org

Ways to Protect Yourself

Social networking

• Limit use of these sites

• Monitor what “friends” post about you

Location data

• Avoid using Foursquare

• Minimize apps that use location info

Wireless services

• Limit use of BlueTooth & free Wi-Fi 3/16/2016 17 www.grandcomputers.org

Ways to Protect Yourself

Search engines

• Use trackless search engines like DuckDuckGo

Personal security

• Use stronger password & passphrases

• Use a password manager

3/16/2016 18 www.grandcomputers.org

Manage Your Passwords

• About LastPass

– Number 1 Rated

–Encryption on Workstation

– Free for Web

– $12 for devices

– Support for All Browsers and OS

–Can support USB one-time-passwords

3/16/2016 www.grandcomputers.org 19

Where To Get It

www.lastpass.com

3/16/2016 20 www.grandcomputers.org

Where To Get It

www.lastpass.com

3/16/2016 21 www.grandcomputers.org

You Can Always See Your Vault

www.lastpass.com

3/16/2016 22 www.grandcomputers.org

Tools & Software • 20 security apps for Androids &

iPhones

• 20+ best FREE security tools

• How To Encrypt Data on Your Smartphone

• Top 3 Android security apps: Do they protect?

3/16/2016 www.grandcomputers.org 23

Tools & Software • 10 Android Security Applications to

Keep Your Mobile Devices Safe

• 10 Helpful iPhone Security Apps

• Find My iPhone Demo

3/16/2016 www.grandcomputers.org 24

Advice • National Cyber Awareness System

• Securing Your Web Browser

• 9 hacking, phishing & social engineering lies

• 10 tips for Android security

• How Do I Protect the Information on My Mobile Phone?

3/16/2016 www.grandcomputers.org 25

Advice • How to Wipe Your Device Before

Donating?

• Erase Your Info Before Donating A Cellphone

3/16/2016 www.grandcomputers.org 26

Next Meeting

Augmented &

Virtual Realities

Wednesday, April 20, 2016

4:00-5:30pm

Havasupai/Maricopa Rooms

Chaparral Center

3/16/2016 27 www.grandcomputers.org

Next Meeting

Samsung VR Rollercoaster

VR Headphones Stimulate Inner Ear

3/16/2016 28 www.grandcomputers.org

Questions???

3/16/2016 www.grandcomputers.org 29