Last time we talked about two factor authentication, passcodes, and using the cloud. We’re not quite done yet as there are still a couple of places where we want to go that tie in. Next up, we’ll discuss device encryption and malware.
We can turn on device encryption. That scrambles the contents so that only someone logged in with the proper credentials can see the contents of the device. That means an authorized combination of user name and passcode. That’s where things can get interesting. Most encrypted devices include a protective action that returns your device to factory default after 10 failed attempts to log in. That includes wiping out apps and data. But, in most cases, that sets a low bar in several ways.
The login password is likely to be a relatively easy one to remember. We’re not likely going to have an alternative device to get into a password keeper before logging in. So guessing is also likely to be easier. At the same time, that password is used as the key for the encryption. That means that encryption is simpler than it would be with a longer, more complex passcode. The end result is easier to crack by an experienced hacker.
Along those same lines, we talked last time about using the cloud. Google Drive, iCloud, and Dropbox all use encryption both with the connection and for the files “at rest.” Microsoft encrypts OneDrive and Office365 connections, but only business users have an option to encrypt files on the server. To paraphrase George Orwell in his book 1984, all cloud services are equal, but some are more equal than others.
Viruses, Malware, and More
This one comes from Google itself. One of their security suggestions for users of Google Drive is to have all or most downloads go to your Drive. Then you can download from there. The reason for that suggestion is their built in anti-virus scanning, which is why I added “or most.” Files go onto your Google Drive “as is.” Google Drive will scan the file before it is shared or downloaded. If it has a “positive” for a virus, the file can’t be shared, downloaded (except by the owner), or converted to a Google Doc format of any kind. There is a 25 Mb limit to the size of files being scanned. Larger files will have a warning that they can’t be scanned. What about on your own devices?
If you’ve used a Windows PC, you’ve all read enough by now to know we want a firewall and anti-virus software, maybe some anti-malware software too. Then, we get to Linux, OS X, and our mobile devices. The “experts” vary widely in what they say we need. So, let’s clear that up a bit.
The tech gurus for each of those platforms suggest that the only viruses for them are all pretty much all in the labs. For now, that’s true. Much of what’s presently wreaking havoc is either malware or social engineering, relying on our temptation to click through if we’re prodded properly. So, we ought to be considering anti-malware software on every platform we use. Unfortunately, there’s no software that prevents us from making mistakes. For that, we just need to be more diligent. And, as we said, non-Windows viruses are pretty much still lab experiments. But look at what Apple has been using as an argument for not creating unlocking software for the FBI.
Apple says it’s likely that creating such software would eventually find its way into the wrong hands. That’s an interesting take on our society. Present reality with non-Windows viruses is that they’ve been in the lab a long time without being leaked. But look at the ever growing number and variety of Windows viruses. There will be a time when something in the lab ends up in the wild. So, what should we do now?
Yes, anti-virus, anti-malware, and firewall software are “must haves” for Windows. If you’re on Windows 10, Windows Defender has gotten very good and covers the virus and firewall protection. Otherwise, you’re going to need to add both. And we do need anti-malware protection, too.
Linux and OS X have available firewalls, anti-virus, and anti-malware software. Even though there are few active viruses for Linux, experts agree that both should be protected in all three ways. Better safe than sorry.
And what about our mobile OSes? Most anti-virus apps tout themselves as Internet security suites, including some firewall features. Good anti-malware apps include some virus protection. Because of the prevalence of malware, an anti-malware app is essential. Anti-virus apps have a reputation of putting a heavier load on battery life, but they’re getting better at that. So, with few viruses in the wild, you’ll need to figure out your priority for using an anti-virus app. Is it too soon to need one?
What are you using on your devices? Let us know in the comment section below or on Facebook, Google+, or Twitter.