Unlike conventional household items, you can't just switch on a smart device and forget it; you'll need to check a few simple things to protect yourself.
Although devices such as smartphones, tablets and laptops are getting more and more secure, hackers are getting better at attacking them too.
So if you've just received a new device for Christmas, or haven't looked at your security settings for a while, you should take some time to make sure you're protected against the latest threats.
Fortunately, most manufacturers provide easy-to-use guidance on how to secure your devices.
We've provided some links to their guidance below. We recommend you take some time to go through these guides* every few months, or when you get a new device, to make sure you're protected.
* (links lead to the relevant external websites)
In addition to the above links, here are 6 tips to help you secure your information after purchasing a new device.
1. Setting up your device
Before you buy, check reviews of the product and the manufacturer. For information about how to set up a specific device, refer to the manufacturer's documentation. This may be a printed manual or 'getting started' guide that came with the device, on the manufacturer's website (check the Support area first), or within the app itself.
Some smart devices will work without being connected to the internet. Others may need an internet connection, a smartphone app, or for you to create an account. Again, check their website for details.
2. Check the default settings
Some devices may be insecure when they are first switched on, so you'll need to take some quick steps to protect yourself.
If the device comes with a password that looks easily guessable (for example admin or 00000), change it.
Easily guessable passwords can be discovered by cyber criminals, so make sure you choose a secure one.
3. Managing your account
If the device or app offers two-factor authentication (2FA), turn it on. 2FA provides a way of 'double checking' that you really are the person you are claiming to be, and makes it much harder for criminals to access your online accounts, even if they know your password.
Some products can be controlled when you’re away from your home Wi-Fi, by creating an online account linked to your device. You can also often back up your settings and data, so you can recover them if you need to wipe your device. However, accessing your device like this can make it easier for other people online to access them without your permission, so make sure you have changed default passwords and enabled 2FA if available.
4. Keeping your device updated
As with your computers and smartphones, installing software updates promptly helps keep your devices secure. For each of your smart devices, you should:
switch on the option to install automatic updates (if available)
install any manual updates when prompted
make sure your device's operating system is up to date
Talk to our Trusted Partners and boost your cyber defences through the Government-backed Cyber Essentials scheme
5. If something goes wrong
If you become aware of an incident that's been reported and you think your device is affected:
visit the manufacturer's website to see if there's information available on what you should do
check the National Cyber Security Centre and the Information Commissioner’s Office for advice
if you think someone has malicious control/access of a device in your home, you should perform a factory reset.
6. Getting rid of your device
If you decide to sell, or give your device to someone else, you should first perform a factory reset. This will return the device to its original settings, and should also remove all your personal data from the device. Check your manufacturer's website if you need to find out how to perform a reset.
The contents of this blog provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of East Midlands Cyber Resilience Centre (EMCRC) is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. EMCRC provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us by email.
EMCRC does not accept any responsibility for any loss which may arise from reliance on information or materials published on this blog. EMCRC is not responsible for the content of external internet sites that link to this site or which are linked from it.