16. Device Security

Lesson 86/135 | Study Time: 10 Min

Course: IT Professional Diploma

Computing devices are prime targets for cybercriminals who seek to exploit the information. Cybercriminals collect personally identifying information (PII), including:

Government ID numbers.
General information such as birth dates, addresses, email addresses, and phone numbers.
Financial information, such as credit card and bank account numbers.
Account credentials, such as those used to log into e-commerce websites or online banking accounts.

This lesson covers the topic of how to secure devices.

How to Secure Devices

Attempts to compromise PII are becoming more sophisticated every year. Increased sophistication makes attempts difficult to prevent and detect.

The following table describes common device security controls to protect PII.

Table 1: Secure Devices

Term	Description
Device passwords	Wireless access points, routers, and other devices often ship with a default password that an attacker can easily find on the internet. For this reason, it's important to change the default password to something secure. Computing devices such as laptops and smartphones typically give the option of using the device without a password or using another authentication method. While it's convenient to use devices without security, it's a really bad idea. If you lose the device, sensitive data could immediately be in the hands of a stranger.
Firewalls	Firewalls control the flow of network traffic and protect systems from unauthorized network connections. They're configured with a set of rules that define what kind of traffic is allowed and not allowed. For example, if a malicious user on the internet tries to establish a connection to a computer, the firewall identifies it as a violation and blocks the connection. There are two general types of firewalls: Network firewalls are configured at the border of the network, where it connects to the internet. By placing a firewall in this location, it can protect an entire network. Proxy servers can be configured as network firewalls as well. Host firewalls are installed on individual computer systems and protect only that system. For those who run a Windows system, Windows Defender Firewall is enabled by default. There are many third-party host firewalls available as well. To avoid conflicts, be sure to uninstall Windows Defender Firewall if you choose a third-party firewall. Typically, most networks use both types of firewalls. Network firewalls must be purchased and manually installed. Host-based firewalls are usually installed and enabled by default on most computer systems.
Data encryption	Data encryption is the process of translating data into an unreadable form that can deciphered only with a secret key. Windows 10, for example, can encrypt your entire device. This is a form of data encryption at rest. Other technologies provide the ability to encrypt the data when it is being sent to another device, typically over the internet.
Backups	Making a copy of your data, typically on a separate device, is another way to protect your data. This copied data is known as a backup. Having a backup of your data means that if your data is corrupted, you haven't lost your data. You can retrieve the data from the backup.
Anti-malware	Anti-malware software should be installed on computer systems to detect and prevent malware infections. Malware includes several types of malicious software: Viruses that attach to files and spread when the files are opened. Worms that infect systems and spread automatically through the network. Trojan horse programs that appear to be useful programs but secretly install malware without your knowledge. Spyware that tracks your computer or browser activity. Adware that displays unwanted pop-up advertisements. Starting with Windows 7 and later, anti-malware software called Windows Defender is installed and enabled by default on Windows systems. You can also install third-party anti-malware packages. You can have only one anti-malware package installed on a computer at a time. If you install a package and later choose a different one, be sure to uninstall the existing package before installing the new one. Anti-malware works as follows: Viruses and malware are identified by signatures or definitions. Attacks, including new attacks, are added to the software's database of viruses and malware. The software searches the computer for these signatures. The anti-malware software needs to be updated regularly. It can recognize the infection on a computer only if the software is current. You can be proactive in preventing malware by taking the following actions: Regularly scan for malware. Avoid logging on with administrative privileges unless necessary. Exercise caution when opening file attachments, downloading files from the internet, installing new software, and clicking links in emails. Set your anti-malware software to automatically scan your network on a regular basis. Sometimes malware can come from an infected machine in the network. A few signs to watch for that can indicate your system has been infected with malware are: Pop-ups show up in your browser and all the sites you visit. Sluggish processing time for websites to load or processing activities to complete. The system repeatedly crashes. A different toolbar displays. Sometime extra toolbars display. The default web browser has changed. You may get suspicious search results. Banner ads (third-party advertisements) display across the screen, often on multiple pages and often advertising free bogus security software programs. Redirection to a website different than the one you specified. It usually displays advertising, but could also attempt to capture authentication credentials. When an infected file is detected, the anti-malware software is usually good at taking care of the problem. You can manually configure the actions you want the software to take in the event of a detected infection. You can have: The infection was removed through cleaning. The infected file quarantined by blocking the file from being opened. The infected file erased.
Anti-spam	Spam is unwanted, unsolicited email that's sent to an email account. Key points are: Spam often carries viruses, advertisements for questionable products, and phishing attacks. Opening an attachment can execute a malicious file that infects your computer. Clicking a hyperlink in the message can take you to a malicious website. Some anti-malware software can block spam for you, but some can't. If your package doesn't, consider installing additional anti-spam software or switching to an anti-malware package does block spam. Although some spam is merely annoying; it does use processing resources.
Data destruction	When computers wear out or become obsolete, they're typically replaced with newer systems. System disposal can present a security risk. You must dispose of computers in a manner that prevents sensitive data from being exposed. If you're selling or recycling a computer, use a special utility to wipe the hard disk drive clean. Deleting the files is insufficient. The data still remains on the drive and can be easily reconstructed by someone with the right skills. Disk wiping software overwrites the hard drive with random data, obliterating any old data that's still on the drive. If you're disposing of a computer, consider destroying the hard disk to make the data it contains inaccessible.
Updates and patches	A best practice is to update or patch your computer on a regular basis. This helps to protect the devices from being exploited by the latest types of attacks. Patches and updates are needed for the operating systems, software, and even firmware. These patches can also help prevent zero day attacks, which are attacks that exploit a vulnerability in software before developers discover the vulnerability and patch it.

Previous Lesson Next Lesson

Adugna Asrat

Product Designer

5.00

Profile Book a Meeting

Class Sessions

1- 18. Reading on Logic Gates 2- 21. Module 1 Glossary 3- 8. Supplemental Reading for CPUs 4- 11. Reading for Data Storage 5- 13. Power Supplies Reading 6- 4 Reading on Connector Types 7- 21. Module 2 Terminologies 8- 22. Reading for Chrome OS 9- 21. Reading for ReFS File System 10- 16 Reading for Boot Methods 11- 17. Boot Methods Best Practices 12- 2 Choose OS for Your Next PC 13- 9. Reading for Ubuntu 14- 11. Module 3 & 4 Terminologies 15- 3. Common Scripting Solutions 16- 5 Reading: Software Versioning 17- 30. Software Terminologies 18- 28. Networking Terminologies 19- 4. Crafting Your Resume 20- 7. Creating Your Elevator Pitch 21- 11 IT and Computer Terms 22- Other Exam and Certification Resources 23- 10. Reading: IT Infrastructure 24- Live Class Schedule 25- Hardware-Part1: Connector Types 26- Hardware Part2:RAM 27- Hardware Part3:Motherboard 28- Hardware Part4: Power Supply 29- 7 Operating System Facts 30- 9 Windows Settings Facts 31- 20. The Windows Registry 32- 19. Task: Change Windows Settings 33- 23. System Software facts 34- 8 Functions of Operating Systems 35- 10. Practice for the interview 36- 27. Practice for the interview 37- 26. Domain Networks: Practice for the interview 38- 26. Virtualization: Practice for the interview 39- 8. Windows Features Facts 40- 9 Windows Interface Facts 41- 15. Windows File Management Facts 42- 16. Assign File Permissions 43- 17. NTFS Permissions 44- 18. Use PowerShell Commands 45- 23. AD: Key Tasks for IT Support 46- 8. Microsoft 365 Business Basic 47- 8. Web and Internet Facts 48- 9. Web Applications 49- 10. Blogs and Wikis 50- 15. Web Browsers Facts 51- 16. Website Navigation Facts 52- 20. Browsers additional Reading 53- 13. Proxy Server Facts 54- 11. Cloud Computing facts 55- 12. Software as a Service 56- 13. Cloud Business Solutions 57- 15. Windows Cloud Storage 58- 24. Social Media 59- 23. Crowdsourcing 60- 22. Digital Marketing Facts 61- Internet Communications 62- The Internet of Things 63- 17. Typing Master Lesson 64- 7. Basic Networking Facts 65- 8. Network Types 66- 12. Device Address 67- 9. Networking Device and Interface 68- 19. Wireless Standard 69- 10. Connection Types 70- 16. Virtual Private Networks Facts 71- 13. Internet Protocol(IP) 72- 21. HTTP Methods and Status Codes 73- 18. Dynamic Host Configuration Protocol (DHCP) 74- 14. Subnetting 75- 24. Network Troubleshooting Tools: 76- 23. Network Troubleshooting 77- 5. key aspects of data security 78- 6. Digital Privacy 79- 8. Identity Theft 80- 10. Authentication Facts 81- 11. Authorization 82- 13. Encryption and Decryption 83- 15. Password Best Practices 84- 17. Ecommerce Security 85- 16. Device Security 86- 19. Windows Defender 87- 20. Windows Firewall 88- 21. Confidential Information 89- 23. Fault Tolerance 90- 24. RAID Implementations 91- 25. Backup 92- 26. Disaster Recovery 93- SQL Basics & Commands 94- Introduction 95- Programming Terminology 96- Programming Language 97- History of Programming Languages 98- Algorithm, pseudocode, & flowchart 99- Programming Logic 100- Programming Paradigms 101- Integrated Development Environments 102- How Do APIs Work? 103- Activity: Basic Python Scripting 104- Activity: Basic JavaScript 105- Programming Career 106- HTML, CSS, and JavaScript 107- HTML Tags 108- Start Lab 109- 27. Security Career 110- 33. Networking Career 111- Database Career 112- 29. Internet Technology Career 113- 32. system support careers 114- 24. Computer Hardware Career 115- 7. Troubleshooting Methodology 116- 8. Documenting in Ticketing Systems 117- 2. What is Customer Service? 118- 3. Why Customer Satisfaction Matters 119- 4. Communication Skills 120- 5. The Pillars of Great Service 121- 6. Dealing With Difficult Customers 122- 7. IT support and customer service 123- 8. Effective Customer Service 124- 9. Mock Calls Script 125- Exam Objectives 126- Get Professional Certificate 127- Introduction to Data Analysis 128- 7.1 Microsoft 365 Account 129- Data Collection and Preparation 130- Descriptive Statistics 131- Data Analysis Tools: 132- Exploratory Data Analysis (EDA) 133- Data Presentation and Reporting 134- Overview 135- Step By Step Installation of SQL Server