Protecting your mobile devices

– Antivirus is not enough

Relying on antivirus software alone to keep computers safe is a dangerous approach. At best, this strategy offers only basic protection, penetrable by determined attackers who can craft attacks using “zero-day” vulnerabilities that security professionals have yet to discover. Antivirus software protects computers to some extent, but it is reactive, meaning that antivirus software vendors are always one step behind attackers.

You should think seriously about multiple levels of protection. Attackers can target systems in multiple ways: sniffing passwords using key-logging software; targeting victims using “phishing” techniques; or even stealing data held physically on the device. Thankfully, there are several things you can do to protect yourself.

– Consider the data

Think about what you’re really protecting when you try to lock down your device. Only the data on your computer are really important; so, protection mechanisms should be data-centric, designed to protect the information stored on a computer.

One of the first things you can do is to encrypt your data. Storing data in plain text is the perfect way to lose it if your system is stolen or lost – and there is little excuse not to encrypt a laptop. Microsoft Corp.’s Windows operating system (OS) offers the encrypting file system, which allows you to scramble information on your hard drive. Encrypting a file is as simple as right-clicking on it, selecting “Properties/General/Advanced,” then checking off the “Encrypt contents to secure data” option.

The alternative is “whole volume” encryption, which was included with the Ultimate and Enterprise editions of Windows 7, and with the Pro and Enterprise versions of Windows 8. This method encrypts all of the information in a volume on your hard drive.

This encryption protection should extend to removable devices. Many firms have made the headlines for the wrong reasons after mislaying information that was stored in plain text on a USB key or an external hard drive.

Most recently, an employee with the Region of Peel in southwestern Ontario lost the personal information of more than 18,000 citizens after an unencrypted memory card, which was left in a bag in a car, was stolen. And let’s not forget the situation surrounding the Investment Industry Regulatory Organization of Canada earlier this year, when an employee lost a mobile device containing the personal financial data of 52,000 brokerage clients from 32 firms. Those data also were unencrypted.

These situations could have been easily avoided. Windows has a version of its BitLocker disk-encryption feature, called BitBlocker To Go, for removable drives. This feature installs an application that encrypts the entire drive, turning it into a read-only storage device that then can be read by other computers operating on the Windows OS – but only if they have the password. On the Mac, you can use FileVault to encrypt your data.

Proper password management is important for both of these OSes. Having a weak password will enable attackers to break into your system and scramble your data. Use long system passwords, preferably random strings of characters that you commit to “muscle memory,” so that you easily can type them in when you boot up your laptop.

– Password management

You can’t remember long random strings of letters and numbers for every website or application you access. Password protection is a challenge for many people, who end up either writing down their passwords in an easily accessible place, storing them in a file on the desktop or, worse still, using the same password for everything.

You should use a password manager, installed on your computer, that automatically generates strong, nonsensical passwords for you to use with your favourite applications and websites, then saves those passwords. The best of these tools automatically will fill in log-in screens for web applications, along with other forms, such as billing screens for e-commerce sites.

Password managers encrypt the passwords that you use and also enable you to enter those passwords without typing them on the keyboard. If you are unlucky enough to be infected with a piece of key-logging malware, which detects your keystrokes and sends them to an attacker, then a password manager will give you a better chance of avoiding being compromised.

– Install a watchdog

There are additional ways to protect the data on your laptop. Data-loss prevention products watch for data that look like they might be sensitive (the formats for social insurance numbers or credit card numbers, for example). Such loss-prevention software then prevent a user from absent-mindedly emailing or copying these data to a removable device. Some of this software can be installed on individual devices; others are available in hardware that sits on your local network and watches for telltale traffic to block it before it leaves.

If you need to send a document with sensitive data to someone else, there are ways of protecting them after the data have left your device. Information rights management is a Microsoft technology that’s used to encode Office documents. Creators of these documents can set properties that stop others from forwarding, modifying or printing the information within. These restrictions also can be set to expire after a certain time.

– Mobile management

Although most of the aforementioned solutions focus on laptop users, many financial advisors use tablets and smartphones as mini-computers in the office.

Thankfully, some of the same measures are available for these devices. For example, Google Inc.’s Android OS offers full-device encryption built into newer versions. Apple Inc.’s iPad also includes encryption, although the way it handles it under the covers means that data could be recovered from a jailbroken device without a password.

Another safety measure is to use a remote location and data-wiping service for your mobile device. This comes built into Apple’s iOS, which is used in iPhones and iPads. This wiping system will locate your device for you, and you also can lock it so that others don’t have access to your data. The tool also enables you to erase the device remotely. All of this requires that the device connect to the Internet after it has been lost or stolen, of course.

For both mobile devices and laptops, keeping up to date with security patches is perhaps one of the most crucial pieces of advice. Cyberthieves are good at exploiting older versions of software in which vulnerabilities have been found. Keeping the software up to date will protect you from many software-based attacks.

© 2013 Investment Executive. All rights reserved.