TT Class 6- Device Maintenance and Security

This course will review the concepts for keeping your device up to date and secure to a standard level. Find additional info about scheduled system updates and backups, as well as antivirus and security concepts.
Remember that the first layer of computer security begins with you as the operator. The knowledge you have will support your ability to recognize and fight digital bad guys.

Session Goals

Learn about these system security concepts:

  • Identifying you system information
    • About your operating system
    • Checking for updates
    • Scheduled updates
  • About Viruses
    • Firewall
    • Antivirus
    • Identifying installed malware
    • Removing installed malware
  • Phishing concepts
    • Phishing example
    • MFA
  • Social Media Privacy
  • Browser Cookies
    • Incognito mode

About your device

Go into your system settings to learn about your device and its info.
Within a certain tab, you will find information about the hardware and the software installed on your machine, and often info about internet accounts linked and used to log in.

Device info

Here are some aspects of your computer you may be interested in:

  • Operating system- the core interface of your computer, often Windows, MacOS (OSX), ChromeOS or another Linux derivative
  • Hardware capabilities- this section contains details about the physical processing ability of the machine, as well as memory storage and battery, wifi and other peripherals
  • You can also use the system monitor or task manager to see an ongoing status update of currently-running processes.

System updates

Under your OS settings, you can find system updates and app updates- Each application typically handles its own installation separately and can give you a notification when a new version is published. It is important to keep your device and apps up to date because updates contain useful new features and security patches to repair newly discovered bugs.
How to update you system:

  • Open the system settings options and search for "update"
  • Follow the dialogs and prompts- A reboot may be recommended or necessary for the updates to activate.
  • Check a toggle or setting for automatic updates. Sometimes this will be set to a convenient time to automatically run if the machine is left running while you are not using it.
  • Firmware settings (updates for hardware communication layers) are also applied at a system-wide level and typically requires admin permissions to execute.

Software updates

Software updates are handled slightly differently depending on the app.

  • Most apps are able to sync to the internet to automatically check, download, and install a new version. Open the app, then find settings or preferences in the dropdown options.
  • Some apps can be managed by a type of app manager like Google Play or the AppStore. You can log in to your account in these store-apps to find the other related apps and manage them here.

Virus technology

The risk of a virus is inherent to any device which connects to any other device- even wirelessly.

What is a virus?

A computer virus is a type of malicious software (malware) that spreads from one device to another and can cause damage, steal data, or slow down the device.
Think of it like a real germ on your computer which infects and starts causing trouble - causing congestion or showing pop-up ads you didn’t ask for.

Identifying viruses

Here are signs you may have a virus or malware:

  • Your device runs slower than normal
  • You see pop-ups or ads you didn’t ask for
  • New apps or programs show up without you installing them
  • Your browser opens strange websites or redirects you
  • You get a message from your antivirus like “Malware detected”
  • You’re asked to “click here to fix it” or “download a patch”
    If you become wary of any of these signs, don’t click anything. Turn off and restart the device. Then, check your antivirus or contact your tech support for the next steps.
    In corporate settings, it is imperative to notify your team right away to prevent damage to valuable company documents and customer data.

Removing viruses

Using an installed antivirus program, follow these steps:

  1. Open the app
  2. Perform a system scan. You system will often do a light-scan on occasion, but you should do a full scan in this setting.
  3. Follow the prompts.
  4. The antivirus may find the infected files and offer to correct the issue. Follow the prompts.

Obtaining viruses (negative action)

People who create a computer virus don't publish it with a label that says it's a virus. They hide the bad code inside of something that people will want to download, like a game or movie. Viruses can also be attached with files in emails, or executed when those files are opened. Even official apps in your device's app store can contain poorly-written software causing unwanted behavior.

Social engineering

Social engineer is a branch of concepts where the bad actors will attempt to trick you into installing their virus.

Phishing

Phishing is a basic type of communication exploit, often via email, wherein the hacker will try to trick you into downloading those bad files using charged language and trigger-words.

Phishing email example

For example, a person may contact you via email stating that they are from your bank and they need your help to solve an urgent matter regarding your account balance.
It is possible that your account is in jeopardy, in which case you should go to the bank or log on to the real bank website.
The email is filled with words like "urgent" and "need help now" to cause you to forget the basics of internet safety and rush to provide help. This is part of the trick to disguise themselves without legitimacy.

Phishing identifiers

There are certain parts of a point of communication you can check to confirm if it is legit.

  • Look at the name and email address of the person who sent the message. Does it match what you are expecting to see?
  • Check for spelling and grammatical errors in the text.
  • Urgent words and words that trigger emotions will distract you from the scam.
  • Doublecheck links by hovering over them with the mouse (or tapping and holding on touchscreen) to confirm that the full URL has no typos and goes to the correct website.

Too-good-to-be-true

This is a concept that typically fits with scams- if the offer seems to good to be true, it usually is.
For example,

  • Games may promise certain rewards for specific actions, but they fail to deliver
  • An internet advertisement says you are the 100th visitor and a winner of a prize, but this website only collects and sells your personal data
  • On a download page, you might see a bright flashing button that says "DOWNLOAD NOW", but that is not the link for the real file you are looking for.

Social media

Your persona on the internet should be protected as well as your personal body in real life. Once information lands on the internet, it stays for a long time and is hard to remove.

Internet privacy

Check your profile privacy settings to understand who can see content on your profile.
In general, it is better to limit the visibility of your data to your friends group, or to not add personally identifiable information at all.

Social media scams

For example, if you post about your upcoming 2-week long cruise, then later post pics of yourself while on the cruise, a savvy burglar could take advantage of this time frame to clear out your house of valuables knowing that you are unable to stop it!

Cookies

Cookies are pieces of information saved on your computer and shared with websites as you visit them.
Cookies contain data related to you as a visitor, including:

  • Your account info, if you are logged in to the site
  • The language and timezone of your machine, to display legible content
  • A full shopping cart, if you have one
    Most websites will function just fine to operate with "necessary cookies only", and they will provide a popup notification when this option is available.

Incognito mode

Incognito mode, aka Private Browsing, is a session-layer obfuscation runtime modification which masks your regular browser cookies to websites you visit. This means your browser puts on a metaphorically funny hat and tricks the internet into thinking you are a new stranger in town.
Websites you visit will believe you are a fresh visitor- this is similar to the act of deleting all cookies and wiping the browser before visiting the website, but the special mode often has a few extra features, for example, it will not locally record your website history and won't save any new cookies that may be created.
Incognito mode is useful for visiting websites while having a more anonymous profile, or for preventing the tracking of your internet path.

  • Note that incognito mode is a local/client feature.
  • Other users on you network, such as the network administrator or the internet service provider, may be able to identify certain pieces of your network traffic, including the websites visited and at what time.