Devices Security Best Practices | CompTIA IT Fundamentals FC0-U61 | 6.2

In this video you will learn about securing devices (mobile & workstation) and device use best practices.

Securing Devices (Mobile/Workstation)

In the following sections you learn about the elements of device security, including antivirus, firewalls, password usage, safe browsing, and device and operating system patching/updates.

Antivirus/Anti-Malware

All computing devices, whether they are desktops, laptops, or mobile devices, and whether they run Microsoft Windows, macOS, or another operating system, need antivirus/anti-malware protection.  Here are the three major levels of antivirus/anti-malware protection:

  • Enabling and using an operating system’s default antivirus/anti-malware features:  Microsoft’s Windows Defender Security Center (Windows 10) offers protection against threats and also monitors system health.  However, other desktop and mobile operating systems do not include their own antivirus solutions.
  • Downloading free antivirus/anti-malware protection:  Many antivirus/anti-malware vendors offer powerful free versions of their commercial products.  For home or home-office organizations, these perform a very good job. However, commercial products offer additional features you might find useful.
  • Subscribing to commercial products:  Commercial products typically offer more features than free versions and also offer better support.  Many business-class products also offer centralized management to support multiple types of computers and devices.

Regardless of the product you use, follow this plan for best protection:

  • Set up automatic quick scans to run at least weekly.
  • Set daily updates.
  • Enable real-time protection to stop threats as they enter your systems.
  • Update the virus scanner when updates are available.
  • Run full system scans if a problem is detected with a quick scan or if a major virus or malware outbreak is reported.

Host Firewall

A firewall is a software or hardware network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.  A firewall typically establishes a barrier between a trusted internal network and untrusted external network, such as the internet. A firewall can be a self-contained hardware device, a feature built into a router, or a software program.  Software firewalls are also referred to as host firewalls. A host firewall can be used along with a hardware firewall device for an additional layer of protection. Windows and macOS include host firewalls that work on a per-application basis.  Many third-party commercial antivirus apps also include their own firewalls.

Linux distributions include the iptables command-line utility.  iptables can be configured to permit, drop, or reject connections based on IP addresses or TCP ports.  Its rules apply to traffic the system receives (input), forwards, or sends (output).
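
The permit, drop, and reject actions described above, shown as a default-deny inbound ruleset. This is an added example, not part of the original lesson; the function names host_firewall and dry_run, the IPT variable, and the 203.0.113.0/24 admin network are assumptions made for illustration.

```shell
#!/bin/sh
# Default-deny inbound host firewall built with iptables.
# Safe by default: rules are only printed. Run as root with IPT=iptables to apply.
dry_run() { printf 'iptables %s\n' "$*"; }
IPT="${IPT:-dry_run}"

host_firewall() {
    admin_net="$1"    # CIDR allowed to reach SSH (example value, an assumption)
    [ -n "$admin_net" ] || { echo "usage: host_firewall <admin-cidr>" >&2; return 2; }

    $IPT -F INPUT                     # start from an empty INPUT chain
    $IPT -A INPUT -i lo -j ACCEPT     # local loopback traffic
    # Replies that belong to connections this host opened itself.
    $IPT -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # Permit: SSH (TCP port 22) from one source network only.
    $IPT -A INPUT -p tcp -s "$admin_net" --dport 22 -j ACCEPT
    # Reject: telnet (TCP port 23) is refused and the sender is told at once.
    $IPT -A INPUT -p tcp --dport 23 -j REJECT --reject-with tcp-reset
    # Policies go last, after the allow rules are already in place.
    $IPT -P INPUT DROP        # drop: everything unmatched is discarded silently
    $IPT -P FORWARD DROP      # a workstation does not route traffic for others
    $IPT -P OUTPUT ACCEPT     # outbound traffic is left unrestricted here
}

# Preview the rules; 203.0.113.0/24 is a documentation address range.
host_firewall 203.0.113.0/24
```

iptables filters IPv4 only; a host with IPv6 enabled needs the equivalent rules loaded with ip6tables.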

Changing Default Passwords

Default passwords for your workstation or other device and web-based apps should be changed immediately.  After changing your passwords, take steps to protect them.  Routers and other devices with embedded web servers, such as print or scan servers, have default passwords.  These should be changed to prevent unauthorized users from taking over the devices.

Enabling Passwords

If you are using computers, mobile devices, or services that support passwords but don’t require them, you should enable passwords.  If you are using a local account with Windows, a password is optional. By changing a local account to a Microsoft account, the user’s Microsoft account password becomes the password for the user’s Windows account on any Windows device.  Make this change through the User Accounts or Accounts menu (varies according to the Windows version in use). If your macOS computer is configured for automatic login, disable automatic login and make sure that a password is required after sleep or screensaver mode.  Make these changes through the System Preferences, Security & Privacy, General tab.

Safe Browsing Practices

Web browsers can be used as attack vectors that can infect systems with malware or be used to perform phishing and other types of identity theft.  Follow these safe browsing practices to avoid potential issues:

  • Enable your browser’s protection against questionable websites.
  • Close pop-ups claiming your system is infected or that you need to update your browser, Adobe Flash player, or media player.  You might need to close down your browser to shut down these types of pop-ups. Run your own antivirus checker and go directly to the websites for your preferred media player(s) to check for updates.
  • Don’t click on third-party links purporting to take you to your bank, credit card, or other e-commerce site.  Log on to the website directly.
  • When shopping online, go to known websites.  Watch out for websites offering products that are much less expensive than market value.  These sites might be trying to get your payment information without delivering a product.
  • Make sure e-commerce sites are secure.

To protect yourself from suspicious websites in Google Chrome, enable Protect you and your device from dangerous websites (Settings, Advanced, Privacy and security).  In Firefox, enable Block dangerous and deceptive content (Preferences, Privacy & Security).  In Edge, enable Help protect me from malicious sites and downloads with Windows Defender SmartScreen.  In Safari, enable Warn when visiting a fraudulent website.

Patching/Updates

Patches & updates to operating systems and device drivers are essential to keeping systems working properly and securely.

Microsoft Windows

Windows installations are typically patched with Windows Update.  Windows Update is available through the Control Panel in Windows 7 and in Settings in Windows 8.x and newer.  Windows Update normally runs automatically, but you can also start it yourself whenever you want to check for updates.

Updates can also be installed manually from your web browser.  Windows Update can be configured to install updates for Microsoft apps such as Office.  Many apps check for updates automatically, but some install the updates for you while others prompt you to install the update when you want to.

macOS

macOS upgrades, updates, and installed app updates are delivered through the App Store.  After opening the App Store, click Updates.  Click Free Upgrade to upgrade your version of macOS.  Click Update All to install all updates, or click Update for each individual update.  You may need to install updates and check for updates again to ensure that you have installed all available updates.

Linux

Some Linux distributions include a GUI-based update manager.  You can also update Linux and installed apps from the command line in a Terminal (console) session.  With a Debian-based release (such as Ubuntu), use the following commands:

  • Use sudo apt-get update to find new versions of the apps and operating system and to update the contents of your system’s software repository.  The software repository is the Linux equivalent of an app store and includes the operating system and apps.
  • Use sudo apt-get upgrade to install the newer versions of the software and the operating system.
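
To see what an upgrade would change before installing anything, apt-get can simulate it with the -s option. The following is an added example, not part of the original lesson; the function names and the sample output (package versions included) are constructed for illustration.

```shell
#!/bin/sh
# Summarize the output of `apt-get -s upgrade` (a simulation, nothing is installed).

# pending_updates: reads simulated-upgrade output on stdin and prints
# "<total> <security>": packages that would be upgraded, and how many of
# those come from a *-security repository.
pending_updates() {
    awk '
        $1 == "Inst" { total++; if ($0 ~ /-security/) sec++ }
        END { printf "%d %d\n", total, sec }
    '
}

# security_packages: prints the names of the packages with a security fix waiting.
security_packages() {
    awk '$1 == "Inst" && /-security/ { print $2 }'
}

# Constructed sample of simulated-upgrade output (not captured from a real host).
sample_output() {
cat <<'EOF'
Reading package lists...
Building dependency tree...
The following packages will be upgraded:
  curl libssl3 tzdata
3 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Inst libssl3 [3.0.2-0ubuntu1.10] (3.0.2-0ubuntu1.12 Ubuntu:22.04/jammy-security [amd64])
Inst curl [7.81.0-1ubuntu1.13] (7.81.0-1ubuntu1.14 Ubuntu:22.04/jammy-security [amd64])
Inst tzdata [2023c-0ubuntu0.22.04.1] (2023c-0ubuntu0.22.04.2 Ubuntu:22.04/jammy-updates [all])
Conf libssl3 (3.0.2-0ubuntu1.12 Ubuntu:22.04/jammy-security [amd64])
Conf curl (7.81.0-1ubuntu1.14 Ubuntu:22.04/jammy-security [amd64])
Conf tzdata (2023c-0ubuntu0.22.04.2 Ubuntu:22.04/jammy-updates [all])
EOF
}

# On a real host: sudo apt-get update && apt-get -s upgrade | pending_updates
sample_output | pending_updates
sample_output | security_packages
```

A nonzero second number means security fixes are waiting and sudo apt-get upgrade should be run soon.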

Android

To determine if an update is available for your device, connect to Wi-Fi, open the Settings dialog and look for About device or a similar option.  Click the link to start the update process.  Depending on your device, you might need to have it at least 50% charged or it might need to be plugged in.  If you are unable to locate an update via Settings, check with your device vendor to see if an update is available online.  Android devices may be set for automatic app updates. To check your update settings, connect to the internet via Wi-Fi and then open Google Play.  Swipe right to open the user panel. Tap Settings (gearbox icon).  Tap Auto-update apps and make any changes needed.  To update apps manually, tap Apps & games and select the apps to update.

iOS

To check for updates for an iOS device, tap the Settings button after you connect to the internet with Wi-Fi.  Tap General to continue the process.  To check for updates to installed apps, look at the App Store button.  A number on the button indicates the number of available updates. Tap the App Store button, then tap Updates to choose which apps to update.  Tap Update all to update all listed apps.

Device Use Best Practices

In the following sections you will learn how to find trusted sources of software and how to remove software that you don’t need or that can harm your device.

Software Sources

Software (apps, programs) can come from a variety of sources, such as CDs, DVDs, or USB flash drives, but most vendors today provide software as downloadable files.  macOS, iOS, Windows, and Android also have application stores to make shopping for apps easier. In the following sections, you will learn how to make sure you are getting apps from legitimate sources.

Validating Legitimate Sources

The App Store (macOS & iOS), the Microsoft Store (Windows), and Google Play (Android) are the safest ways to get software for the respective operating systems.  For Linux, the updater built in to some distributions (distros), the command-line apt-get update/upgrade methods for Debian-based distros, and similar options for other distros are safe sources for updates.  macOS devices can be configured to install apps from any developer, from the Mac App Store and identified developers, or from the App Store only. To see the current setting or to make changes, open System Preferences, Security & Privacy, and click the General tab.

To avoid installing potentially harmful apps from unfamiliar sources, configure your Mac to allow only apps from the App Store.

Researching Legitimate Sources

Vendors’ websites are the best places to go to locate legitimate sources for major apps, such as office suites, graphics suites, and antivirus.  If you are looking for a bargain, you can sometimes find price reductions at websites or retail stores of major retailers. Be very careful of buying software that might be used or whose box has been opened.  If you don’t have the validation code, or if the validation code has already been used to register the software to a previous purchaser, you’re stuck with a worthless program.

OEM Websites vs. Third-Party Websites

There are a number of third-party download sites that act as aggregators for utility apps or casual gaming apps that are distributed as freeware or as a limited-time sample.  Some of the leading sites include MajorGeeks, The Windows Club, and Softpedia. One problem with some download sites is their preference for using installers that bundle unwanted or unnecessary software along with the actual app you want.  You can avoid this problem by using the direct download link available on the download page or by going directly to the original equipment manufacturer (OEM) website for the desired download.

Removal of Unwanted Software

Unwanted software can slow down your system, clutter up menus, and can sometimes interfere with other programs on your system.  You can remove it in a variety of ways:

  • To uninstall a program in Windows, use the Add/Remove Programs feature in Control Panel in Windows 7 and earlier versions or Apps & features in Windows 8 through Windows 10.
  • To uninstall a program in macOS, drag the application to the Trash and click Delete when prompted.  If an app is installed on your system but does not appear in the Applications folder, check with the app vendor for an uninstall program.
  • To uninstall an app in Linux if there’s a GUI software manager, use its Remove option.
  • To uninstall an app in a Debian-based Linux distro, use the following command:
    • sudo apt-get remove appname
  • When installing a free app, choose the custom installation option and uncheck the optional apps you don’t want.  If you keep the apps off your system, you won’t need to uninstall them later.

Many Windows laptop and desktop computers from major manufacturers include a large number of unwanted software programs.  To uninstall these applications quickly, many users run the PC Decrapifier app. This app can remove multiple apps at the same time.

Removal of Unnecessary Software

Unnecessary software is software that performs the same job as another program on your system.  One of the problems that happens with software that duplicates what other software does is that the operating system usually selects the most recent program installed as the default for the file types it can open.  You can change these settings, but if you find that you’re not using one of the programs you installed, just uninstall it. Use the same methods that you use to get rid of unwanted software to get rid of unnecessary software.

Removal of Malicious Software

Malicious software is software that is designed to mess up your system, steal files off of your computer/server, or take your files hostage.  The creators of malware usually make sure that their programs don’t show up in the usual locations (Control Panel, Settings, Applications, etc).  You can scan for viruses and malware with the tools you already have installed on your system. If your antivirus/anti-malware program finds bad software, it can remove it for you.  However, malware apps that get past your existing protections often hide themselves too well to be located with conventional antivirus/anti-malware apps. For this reason, it is not a good idea to reinstall your operating system and an antivirus/anti-malware app.  The virus or malware could still be present on your system. Instead, you can use the following methods to fight back:

  • Check to see if your antivirus/anti-malware app’s real-time protection was turned off.  Some viruses and malware do this as part of the infection/attack process. Turn it back on and perform a full scan.
  • If you are unable to turn real-time protection back on, you need to use an alternative.  Removal programs that run from bootable optical drives or USB flash memory drives have their own operating systems and can locate malware and repair infections.  Be sure to use a different computer than the infected one to download and create removal media.
  • You can also run web-based detection and removal tools offered free by many antivirus vendors if malware has not prevented a connection to those websites.
  • One of the most difficult types of infections to remove is a rootkit.  A rootkit can hide itself in normally inaccessible parts of the operating system, such as the boot sector on the system drive, and can’t be removed by most antivirus utilities.  To remove a rootkit, you need to use a rootkit removal tool.

Here are some bootable virus, malware, and rootkit removal tools you can download for free:

Some free web-based antivirus/anti-malware scanning apps include the following:

It is not always possible to remove all traces of malicious software with a single tool.  It’s advised to use two or more to clean your system.