Security

Keeping your gadgets safe and secure

Tips for keeping your IoT gadgets and personal data safe and secure, from Cocoons expert security team
Cocoon Labs

Most of us are now connected through our phones and gadgets from the moment we wake up to the moment we fall asleep. We’re constantly sharing personal data, so it’s important to be savvy and secure in how we use our gadgets.

It’s no use being over cautious, or the real value of the technology is lost – imagine being so worried about your phone being hacked, that you never use the messaging apps? Instead, it’s about being smart with your gadgets.

Technology is fun and useful but is also a portal into a huge amount of your personal data. Our security experts have compiled 5 simple tips for keeping your gadgets safe and secure.

Install the latest software and app updates

Don’t ignore the push notifications suggesting you update your phone software or the apps you have installed. If possible, set them to happen automatically in your phone settings.

They’re important, often containing vital security updates to protect your devices from the latest viruses and hackers. As viruses and hackers are always evolving, so must the technology you use. Last year’s apps will be nowhere near as secure as last week’s when it comes to keeping your data and devices safe.

Reputable companies like Cocoon regularly push updates to your devices and apps, these help ensure that you’re as well protected as possible. Cocoon’s team of security experts are frequently updating our technology, it ties to our mission of making it easy for you to feel safe. The updates aim to give you the same peace of mind that our home security device does.

Use new and robust passwords

We all know that having decent passwords is key to staying secure when using connected devices, phones and online services, yet many of us use the same password for everything. We’ve written about easy ways to make your passwords more secure before but the key thing is to avoid repeatedly using the same password, which is why we recommend using a password manager.

Two-factor authentication will really help to boost your online security too.

It is bad practice but some gadgets come with a default username and password. This is despite the fact it’s one of the leading points in the UK Government’s IoT security guidelines. It is important that you have unique passwords for your key accounts, including your bank accounts, email and connected home gadgets.

John Berthels, our Head of Software, says: “Default user/passwords on devices are a wide-open gate, defeating any other security you may have.  Attackers will work off lists of known user/password pairs, either logging straight in (after fingerprinting your device) or simply try them all.”

“Higher-quality devices (like Cocoon) won’t ship with default logins (or any logins at all!). Whenever you buy a new device you should check for this, always setting a strong password. You also need to check for this any time you reset a device.”

Secure your devices with a screen lock

Your phone is often the key to your data and other gadgets, so it’s important it stays secure. Screen locks provide an extra layer of security to your device. They mean that someone can’t pick it up and immediately have access, instead needing to enter a PIN, pattern, password or fingerprint.

While most modern multi-camera facial recognition systems are reasonably secure (requiring elaborate tricks to bypass them), the earlier systems found on some Android phones can be fooled with a simple photo of you. Something often found in the wallet you’ve lost along with your phone. John and Nick instead recommend using a fingerprint lock or pin code longer than 4 numbers. While not unbreakable, these methods are much harder to trick!

Be careful when using public Wi-Fi

Public Wi-Fi networks pose an increased risk due to the fact anybody can use them, including hackers and criminals. Look out for duplicate hot-spots, particularly at airports, designed to trick you into connecting. If unsure, it’s always best to ask a member of staff what the official Wi-Fi address is. Wherever you are, if connecting to a public Wi-Fi, we recommend you avoid transferring any sensitive information (such as card details) while connected to public WiFi. If you’re just browsing a few simple things can keep you secure.

According to John, it’s not always easy to check if a site is secure. Modern browsers are getting better at making it easier, here are two key things he suggests you look out for:  

  1. “Be careful of HTTP websites, as any data you share on them could be intercepted. Check that every page on the sites you visit has a URL that opens with HTTPS. That “S” is important, it stands for secure. Most browsers illustrate this by showing a small padlock in the URL bar (see the image below).”
  2. “Is the site name what you expect? Does the website address show what you think it should? Be careful, anyone on the internet can set up a secure site, so you may be expecting “https://login.appple.com” but actually, be directed to “https://apple-login.badguy.com“. See the problem? Rogue Wi-Fi hotspots can also be set up to redirect you to similar but malicious websites. Whenever using an internet connection other than your own, double check URLs.”

https secure url in browser example

Nick Gregory, our Data Security Expert, also recommends “installing a low cost but trusted VPN (Virtual Private Network) app. This will give you a secure way to get online even if using a public WiFi spot. There are a few in-browser VPNs you can try too.” TechRadar has compiled a list of the best free VPNs, give them a try to browse safely on public WiFi

Delete old data and accounts

How often do you enter your details into a website or app when signing up or accessing something? That’s a lot of your data, all of which you’ve consented to share. With GDPR entering European law in May 2018, managing your data should get much easier. Even with GDPR it’s still worth keeping track of what is out there about you. You can then remove your information from sites you no longer use.

We recently discovered a smart tool to manage this. Deseat.me allows you to remove any data that’s old and you no longer want to share.

You can read all about deseatme, and how it deletes your old data, here.