Module 1: Protecting Devices

  Learning objectives:

Digital device is tool on which user can create, process, and store files. Digital devices offer easy access to the information: email, bank account, social media account, etc. Modern digital devices can have huge amount of sensitive data like photos, documents, and it is a window to modern digital world.

In this module participants will learn about threads in digital environment and best practices in physical and digital safety in order to protect their digital devices and prevent loss of digital content and privacy of digital content on them.

This module has 3 sub-sections; physical safety that covers how user can protect his digital device from unauthorized access to digital device, and how to avoid damage to device. Second sub-sections is how to protect digital device from malwares and online attacks by using anti-malware software, firewall and updates. And third sub-section will cover techniques how to save digital content and prevent loss of data.

Training contents:

Physical safety

Most of modern digital devices that we use have compact size that makes them particularly vulnerable to theft, and accidental loss or damage on device. In case that device get stolen or u lose device, thefts or person who find device could get access to device data and other sensitive information such as e-bank accounts, and social platforms (Facebook, Instagram, Twitter). Losing a digital device is usually a huge pain for the device owner, but it can impact people and organizations whose data may be compromised by the theft.

Physical damage on device could lead to complete loss of device and data on device. Main goal of physical security is to control who has access to the device and proper user of device.

What are risks:

  • Substantial financial losses if thieves access saved e-bank account or some online platform m account for sending and receiving money.

  • Data that can be found on device, can threaten user privacy, unwanted access to data on device can give sensitive information such as home address, phone number etc.

  • Sensitive data on device or access to social platform account saved on device can damage device user reputation.

  • Risk of legal implication if device has sensitive documents (firm documents or intellectual protected documents).

  • Complete loss of data that was on device.

  • Loss of device and financial losses due damage on device.


What device user can do to prevent?

1. Password-protect digital devices.

If anyone steals digital device, or if it device gets lost and found by someone that wish to use it. They will have to defeat device password to get access to digital content on device, which will significantly slow attackers or make device unusable for them. Although it is not impossible to defeat password protection on a digital device, it adds a useful layer of protection, buying device user time to locate and recover the device. Creating a strong and secure password is crucial because it is user digital key to digital content stored on device. Many digital devices today have more advanced way to identify user such as face recognition or fingerprint. But most basic way to protect digital device is to use strong password.

2.Use tracking software on digital device

Most of digital devices can be tracked with appropriate software. That information can be used by police to track device. Mobile phones for example can be remotely locked or user can delete all data remotely. It is best to contact police in case device is stolen or loss.

3.Do not leave digital device in public places.

Leaving digital device unattended in public places (airport, train, bus, coffee shop, restaurants etc.) can encourage thief to stole him.

4.Use of unauthorized repair service to repair damaged devices.

In case digital device gets damaged user should always use authorized repair service to prevent possible unprofessional repair of digital device, which can lead to loss of device digital content.

5.Using device properly

Use digital device according with instructions for use provided by manufacturer to prevent damage to digital device.

Protecting systems

Main thread to digital device system is malwares that can be found today everywhere.

Malware is a combination of the words "malicious" and "software." It is often used as a catchall term for threats such as viruses, spyware, adware, and other software installed without a user's consent or knowledge. Some of the ways that a digital device can be infected with a malware can be visiting the website and downloading infected files from Internet, USB memory, and CD-DVD discs. Email files can also contain malware or content of email can be link that lead user to infected file. According to Kaspersky Systems during the last year, 10.18% of Internet user devices worldwide experienced at least one malware attack, they blocked 666,809,967 attacks all around world. About 350.000 malwares are detected everyday according to AV-Test Institute. Google report that detects 50 malware infected sites every week.


Some categories of malware are:

Viruses are a kind of self-replicating software that can slow down or cripple systems and destroy or modify data.

Spyware is malware software that spies users' activity on digital device in order to steal passwords, online banking credentials, and other personal information. It is created to save all typed data on device sends it back to a cyberthief.

Adware displays annoying pop-up ads.

Scareware imitate antivirus or anti-spyware software, saying a computer has been infected, then encouraging users to download (and pay for) a fake security solution. The downloaded software is usually spyware.

Botnets are network of infected devices used for illegal activities, such as sending spam emails or "denial of service" attacks to other users.

What are risks?

  • Data on device can get corrupted some of malware is designed to make data unusable

  • Using malware attackers can get some sensitive data like bank accounts or social platforms accounts that can be stored on device. That can lead to financial lost and damage user reputation.

  • Device user can become victim of fraud; malware can mislead user to enter credit card that can lead to financial losses

  • Malware can be designed do impact device performance significantly.

  • Digital device can start to do illegal activities such as sending spam email with malicious content.

What device user can do to prevent?

1. Using antivirus software

Anti-virus and antispyware software guard digital devices against malware and other threats. It is not just for computes – it can be also installed it on smartphones and tablets and other digital devices. Digital device user should scan device weekly with antivirus software. Anti-virus software cannot protect against every threat, but it will detect and remove most of them. To achieve best possible protection from this kind of software user must do updates to software, because every day new malwares are created.

2. Operating system updates

These updates fix security issues and add new features. Device owner should install updates when is prompted to, or enable automatic updates if device have. Updates often happen automatically in the background — but not always. So, good practice is to check regularly for updates and make sure that device software has them.

3. Keeping digital device software up to date

It is important that user systems do not run on outdated software. Software updates are the general maintenance of device software. They include patching vulnerabilities and guarding against new-found cyber threats.

4.Be careful when downloading apps

Device user should always make sure that he trusts the softer provider and download the app from the Google Play Store, Apple’s App Store, or other trusted source, as they proactively remove known malicious apps to protect their users. 

5.Use firewall

A firewall is a network security system that filtering traffic and blocking outsiders from gaining unauthorized access to the device. Most of digital devices have firewall software in them. If digital device is infected with malware that wish to send or receive data from network, firewall will block that communication and protect device from unauthorized access to device digital content.

6.Email threat

Email virus can be distributed in email messages, and this code can be activated when a user opens an email attachment, clicks on a link in an email message, or interacts in a totally different way with the infected email message. User should not download files in email that comes from unknown sender addresses.

7. Practice Safe Browsing

Device user should be aware of threads and risk that exist online. Modern day web has billion of sites, every site could have malware. Cybercriminals use attractive content as bait. They know people are sometimes tempted by dubious content and may let their guard down when searching for it. The Internet's world is filled with traps, where one careless click could expose personal data or infect digital device with malware. By resisting temptation, user don’t even give the cybercriminals a chance to attack device. Paying attention during surf on web can contribute significantly to protect data and system.

Irresponsible user behavior on Internet, caring a risk to infect system and data with malware of to become victim of online fraud which can lead to financial loss.

Protecting data and content

Data protection is the process of safeguarding important information from corruption, compromise, or loss.

The first line of defense in protecting digital device data is device user. Learn about new threats, stay current and take the necessary precautions to keep device data safe. No matter if device is stolen, lost or it is attacked by some malware data and privacy of data on digital device should be protected. Both physical protection and system protection should give device some level of protection of data and privacy of data. But securing data and content is user job.

What device user can do to prevent achieve better protection of data and privacy of data?

1. Using backups

Even if device get stolen or data get corrupted by some malwares that does not mean that user lost all data from device. Backing up device data is one way to do something about it and be sure that device data will not be compromised. On that way device user will be relieved to know that his data is safe, elsewhere. Regular backups are the best way not to lose device data.

Malware can damage or destroy files, with that in mind device user should consider of backing up important data on external memory such as USB memory or DVD disc. Cloud base service can be choice to backup data, but device user should not keep sensitive data and files on cloud base backup because even cloud system can be compromised.

2. Privacy settings

Default configurations of many digital devices and software on them have default settings often geared more toward ease-of-use and extra features rather than securing device to protect data. This gives device user the freedom to know how much and what kind of information is shared with others. Device user should always choose the least amount of data sharing with other users and social network.

3. Protect data privacy with password or encryption

Files that are encrypted have been altered using a secret code and are unreadable to unauthorized parties. Most of digital devices allow encryption of data , that gives device data another layer of protection. In addition to that programs like Word and Excel have option to password protect files that assure maximum privacy of files.

Activity: True or false

  1. Using strong password on digital device will slow down or prevent thieves to access. TRUE

  2. Malware files cannot corrupt device data. FALSE.

  3. Downloading software from trusted provider will reduce chance to infect device with malware. TRUE

Questions for a test.

  1. Choose the incorrect sentence:

    1. Modern digital devices cannot be infected with malware.

    2. Using antivirus will give user device layer of protection again malwares.

    3. Firewall will block unwanted communication with internet.

  2. What is purpose of operating system updates:

    1. Updates fix security issues and add new features

    2. Updates should never be applied.

    3. Using updates can infect digital device with malware.

References:

https://security.berkeley.edu/device-physical-security-guideline

https://go.kaspersky.com/rs/802-IJN-240/images/KSB_statistics_2020_en.pdf

https://www.av-test.org/de/statistiken/malware/

https://techservices.illinois.edu/content/protect-your-device-physically-and-digitally

In a time where companies, celebrities, and even governments are coming under cyber-attacks, getting hacked might seem inevitable. But according to former NSA hacker David Kennedy, there are steps you can take to prevent it from happening to you. Kennedy shares his five must-do tips for protecting yourself from hackers.

  

  

Modifié le: vendredi 10 décembre 2021, 16:49