Keeping your personal devices safe
This is the second in our weekly security advisories during National Cyber Security Awareness Month. Last week we focused on protecting your accounts (through strong passwords and multifactor authentication). This week we're focused on steps you can take to keep your personal devices (computers, phones, tablets) safe.
If your devices are insecure (due to out-of-date or insecure software) then any other steps you take to protect your data could be for naught.
Avoiding out-of-date operating systems
Whether you are using a computer, phone, or tablet - you should always try to use an operating system (or OS) that is still receiving security updates. Each vendor stops supporting operating systems and/or devices after a period of time. When any vulnerabilities in the OS are discovered in the future - they won't be patched leaving your device, your data, and accounts on that device potentially vulnerable.
Note: This is general advice about how to keep your devices safe - SUNY New Paltz does not endorse any particular manufacturer or operating system and are unable to provide support for OS updates on personal devices.
Windows
As of January 2020 – Microsoft is no longer providing updates for Windows 7 (anything older than Windows 7 like Vista or XP hasn’t received updates for several years). If you are still using a Windows 7 device, you should look into upgrading to Windows 10. Note: The college is still in the process of upgrading office computers from Windows 7 to Windows 10 – but expect to have this completed by the Windows 7 end-of-support date.
MacOS (Apple's Desktop/Laptop Operating System)
The latest version of MacOS is Catalina (10.15), which was just released this month. Since it is just out you may want to wait a few weeks before updating to it (there are a few bugs which are causing issues for users at New Paltz and elsewhere).
To see whether or not your Apple computer can run Catalina – see: https://www.pocket-lint.com/laptops/news/apple/144725-macos-system-requirements. You should be running at least the Mojave version of MacOS (10.14) though.
Android
Updates for Google's Android operating system can be complex. Even if there are later versions of Android – it is up to each device manufacturer (and in some cases cell phone carrier) to provide updates. Some devices that you get brand new in the store will never have an update offered.
So what can you do? Google’s site shows how to find the update level of your device (https://support.google.com/android/answer/7680439?hl=en). If your device hasn’t had security patches in the last six months it’s something to be concerned about.
That being said, we understand that everyone isn’t going to always have the latest device. If you have an Android device with an older operating system, or lacking recent security updates, you should be cautious about installing apps (ensure any app you install is from a trusted source and is something you really need).
iPhone/iPad
Apple’s latest version of iOS (the operating system that runs the iPhone or iPad) is iOS 13. Apple is traditionally much better about providing updates (features & security) to older devices, so you can get iOS 13 on the iPhone 6S and any later version. Apple’s site has more on checking the iOS version on your phone at https://support.apple.com/en-us/HT201685.
Keeping critical software up-to-date
Updates aren't just about the OS - you want to make sure the applications you most use are up-to-date. This is especially true for the following:
- Web Browsers (Chrome, Firefox, etc.)
- Microsoft Office (if you have a version of Office older than Office 2016, you should update)
- PDF readers (especially Adobe Reader – which has been prone to a lot of security issues over time).
Avoiding software with security issues
If you still have Java or Adobe Flash installed on your personal computers – we recommend removing them (unless you have a critical need for them). Flash is still available in Google Chrome until the end of 2020 (and for now you have to enable it on a per-site basis). Java was heavily used in campus offices for the older version of the Banner system, but is rarely needed anymore to be installed on personal computers.
Aside from Java or Flash – be cautious about installing any new software on your personal devices. Before installing something – ask yourself the following:
- Do I need this?
- Do I trust the source?
- Does it ask for permissions that it doesn’t need (for example, flashlight apps asking for access to your camera, files, map, or contacts)? Note: permissions like this are shown on Android, iOS, and in some MacOS applications.