Personal Device Security Guides

Use Strong Passwords

Keeping your computer secure starts with a strong password. Follow our guidance on creating strong passwords for your device's administrator account.

Apply Updates

To update software downloaded from the App Store, choose Apple menu > App Store, then click Updates. If you have third party software, configure it to update automatically. To confirm update status of third party software, consider downloading Mac Informer from http://macdownload.informer.com/landing/.

Install Anti-Virus Software

Basic anti-virus features are included with your computer’s operating system. Make sure these are enabled and up to date. Many users will want to protect their computers with the enhanced protections provided by installing third-party security software.

View our guide on choosing anti-virus software for your personal computer.

Enable Application Firewall

  1. Choose System Preferences from the Apple menu.
  2. Click Security or Security & Privacy.
  3. Click the Firewall tab.
  4. Unlock the pane by clicking the lock in the lower-left corner and enter the administrator username and password.
  5. Click "Turn On Firewall" or "Start" to enable the firewall.

Encrypt your Hard Drive

FileVault provides encryption for MacOS. Follow these instructions to enable it. https://support.apple.com/en-us/HT204837

Disable Browser Password Storing

When a password is stored in a browser, it could be exposed to people or cyber criminals who have access to the computer. You can disable password storing by following this guide. https://support.1password.com/disable-browser-password-manager/

Lock your Screen

When you aren't at your computer, you should lock your screen. Go to the Apple menu and choose Lock Screen or press Command+Control+Q. To automatically lock the screen when the screen saver turns on, follow these steps.

  1. Choose System Preferences from the Apple menu, then click Security & Privacy.
  2. Click the General tab.
  3. Select the option to require password after sleep or screen saver begins.

Use Strong Passwords

Keeping your computer secure starts with a strong password. Follow our guidance on creating strong passwords for your device's administrator account.

Apply Updates

Automatic updates should be enabled for Windows. To confirm this, go to the Start button, then Settings->Update & Security-> Windows Update.

For software installed through the Microsoft Store, you can enable automatic updates by following these steps.

  1. Select the Start  screen, then select Microsoft Store.
  2. In Microsoft Store at the upper right, select the account menu (the three dots) and then select Settings.
  3. Under App updates, set Update apps automatically to On.

You should configure any third party software to install or notify you about updates. To confirm your software is up to date, consider using SUMo to notify you of missing updates.

Configure Anti-Virus Software and Firewall

Windows comes with Windows Security built-in. It includes anti-virus and firewall. You can customize how your device is protected with these Windows Security features. To access them, select Start  > Settings > Update & Security > Windows Security.

Many users will want to protect their computers with the enhanced protections provided by installing third-party security software. View our guide on choosing anti-virus software for your personal computer.

Encrypt your Hard Drive

Home versions of Windows do not offer hard disk encryption. If you have a professional versions of Windows, encryption is provided with Bitlocker. You can configure it by going to Control Panel > System and Security > Bitlocker Drive Encryption.

Disable Browser Password Storing

When a password is stored in a browser, it could be exposed to people or cyber criminals who have access to the computer. You can disable password storing by following this guide. https://support.1password.com/disable-browser-password-manager/

Lock your Screen

You can lock your computer screen by pressing Windows Key + L or by pressing Ctrl+Alt+Delete and choosing Lock.

To set your PC to lock automatically when the screen saver pops up go to Control Panel > Appearance & Personalization > Change screen saver and then check the box for On resume, display logon screen.

Set-up 

  1. Go to System Settings/Device (or My Device) and open Lock Screen. There are two settings here which you will need to enable.
  2. Under General (or More), open Security. You'll see an option to Encrypt Device.
  3. Run this process. It will protect the contents of your device if it is ever lost or stolen.  This process may take more than an hour, so you may want to let this process run overnight.
  4. Also under General (or More), you'll see About Device.  
  5. Open this, and then open Software Update.   If there is an option called Auto Update, turn it on.   This will notify you when there are patches for the device's operating system.  However, it will wait for permission to install them.

Use and Maintenance

Keep the Operating System (OS) up to date. 

Your device will notify you when there is an OS update available.  You should apply these settings promptly. 

Do not store confidential information on your device.

Level 4 information should not be stored on a mobile device.   Discourage the people you work with from sending such information to you via email or cloud services such as Dropbox or Box.

Think about the Apps you run

Before using an app for Harvard business, you should consider what information you will be providing to the app.  Do you know if it will be stored or transmitted appropriately?   If not, you should not use it for Harvard business.  

Loss or Disposal

If your device is lost or stolen, you should:

  1. Contact University Information Security.  Because the device was used for Harvard business, Harvard may need to report the loss if it contained confidential information.
  2. Log onto Android Device Manager and Enable Lock and Erase.  This will tell Google to send a signal to wipe your device, erasing all data. It can be restored from back-up.

If you intend to trade in, gift, or recycle your device you need to make sure that it doesn’t have contain confidential information, and that it cannot access your Harvard account or any of your personal accounts.  To do this:

  1. Go to System Settings/Backup and Reset. 
  2.  Select Factory Data Reset and follow the steps.

 

 

 

 

Set-up

  1. Go to Settings/Touch ID & Passcode.
  2. Select Enter Passcode.  You will be asked to set a PIN.
  3. Turn Erase Data to ON. This will automatically erase all data on your device if someone puts in the incorrect password 10 times.
  4. Turn on Updates under iTunes and App Store. Your apps will now download and install patches automatically.  

Use and Maintenance

Keep the Operating System (OS) up to date. 

Your device will notify you when there is an OS update available.  You should apply these settings promptly. 

Do not store sensitive information on your device. 

Level 4 information should not be stored on a mobile device.   Discourage the people you work with from sending such information to you via email or cloud services such as Dropbox or Box.

Think about the apps you run. 

Before using an app for Harvard business, you should consider what information you will be providing to the app.  Do you know if it will be stored or transmitted appropriately?   If not, you should not use it for Harvard business.  

Loss or Disposal

If your device is ever lost or stolen:

  1. Immediately change your Harvard password so your device can't be used to access your email or any of your Harvard accounts.
  2. Contact Harvard IT.  Because you have been using the device for Harvard business, Harvard may need to report the loss if it contained confidential information.
  3. From any web browser, log into iCloud and use the “Find My iPhone” tool; this will also work for iPads.  Use the Erase iPhone (or iPad) feature.  It can be later restored it from back-up.

If you intend to trade in, gift, or recycle your device, you need to make sure that it doesn’t have any confidential information on it, and that it cannot access your Harvard account or any of your personal accounts.  

  1. Go to Settings/General/Reset.
  2. Select Erase All Contents and Settings and follow the steps.