11 security steps to take after unboxing your new devices

You’ve unboxed that brand-new device. It might be a smartphone, laptop, smart watch, smart TV, or another tech gadget — it doesn’t matter. You’re happy to have it, so enjoy the moment. Then start thinking about security and privacy.

New internet-connected devices can make you vulnerable by exposing cracks in your home network that could allow cybercriminals to enter. That’s why it’s a good idea to take steps to help maintain your security and online privacy when you get a new device.

Before your new tech gadget becomes part of your day-to-day life, here’s what you need to know.

How do new devices create privacy and security risks?

A lot of those new devices are part of the Internet of Things — IoT, for short. They can connect to the internet and to each other on your home network. They’re designed, in part, to make your life more convenient.

Here’s a sample of IoT devices:

• Wearables: This includes smart watches and activity trackers. They may share data about your health and location.
  
• Monitors: Baby monitors, security cameras, and webcams are included on the list. They may show what’s going on inside and outside of your home.
• Home products: This includes things like smart thermostats and voice-activated speakers. When activated, they could divulge details about your home activities.

IoT devices can also leave you vulnerable because they’re connected to the internet and may be connected with each other on your home network.

That connectivity could provide entry points for cybercriminals to introduce security threats into your home such malware, viruses, ransomware, and spyware. 

Hackers might use malicious software to gain control over your computer and other devices. That could enable them to access your personal data.

Or they might spy on you and gather sensitive information. That sensitive data could be used to commit identity theft and other online frauds.

That’s why it makes sense to take steps to secure those new devices right out of the box.

11 security steps for new device owners

You might be eager to activate your new devices and connect them to your home network. Start by setting them up as securely as you can.

You might have a new iPhone, iPad, Android tablet, or other device. Different devices may require varying steps, but the main security points should be the same.

Here’s a checklist of 11 security steps you should consider.

1. Secure your home Wi-Fi network.

Before letting your new devices connect to your home network, make sure your home’s Wi-Fi router is secure with strong encryption. When using a device outside of your home, avoid unsecure public Wi-Fi. If you must use it, consider setting up an extra layer of protection with a virtual private network, or VPN.

2. Set up Touch ID or Face ID.

These functions combine one-touch or face-enabled access with biometric security to give you strong protection.

3. Use two-factor authentication (2FA) or multi-factor authentication.

Traditional passwords no longer provide the best protection. If you have an Apple device that uses iOS 9 or OS X El Capitan or later, you’ll have access to two-factor authentication.

When enabled, 2FA can give the identity-verification process a second layer of security with the biometric authentication of your fingerprint or facial biometrics.

4. Create strong passcodes.

Many internet-connected devices have default passwords set up, but many of those passwords could be accessed by anyone online.

It’s important to create a new, strong lock screen passcode as well as strong, unique passcodes for all of the applications and accounts you’ll use on your new device.

Here are some dos and don’ts to help you create strong passcodes.

• Don’t use any personal information.
• Don’t use your name, family members’ names, or any other identifying information.
• Don’t use real, easily guessed words.
• Do use a random combination of at least 12 special characters, numbers, and uppercase and lowercase letters. Or you can create a long passphrase — a string of words you’ll know but others would find hard to guess.
• Do create long, complex, and unique passwords.
• Do remember to change your passwords regularly.
• Don’t reuse passwords.
• Do use different passwords for different accounts.
• Don’t enter your passwords on another person’s computer or on networks that aren’t yours.
  
• Don’t share your passwords. If someone wants to use your computer, for instance, you can set them up as a guest user with a different, temporary password.
  

5. Consider using a password manager.

You can use a password manager to help create strong, more protected passcodes. A password manager can help keep your passwords organized and safe by storing them in an encrypted vault.

This vault stores one strong master password that gives you easy access to all of your accounts, while helping to maintain the privacy and security of your computer. 

6. Conduct a thorough review of your settings.

It’s a good idea to take a particularly close look at your privacy and security settings. Smart devices often come with default settings enabled that may benefit the manufacturer instead of you. Be sure to change any default settings that don’t provide the best security. This includes disabling any device features that you don’t need.

These privacy settings may include:

• Location services: Control which apps, if any, can access your location data.
• Contacts: Decide which apps can access your information.
• Photos: Restrict which apps can access your photos.
• Camera: Set which apps can access your camera.
• Microphone: Decide which apps can access your microphone.
  
• Accessibility: Set which apps can control your device.
• Analytics: Prevent the sharing of data on your use of apps.

7. Install reputable antivirus and security software; update it regularly.

Installing reputable device security software is important. You’ll also need to regularly update this software, along with your computer or device operating system. Setting automatic updates can help so you don’t forget. This will ensure you’re protected with the most up-to-date security patches, which fix vulnerabilities that might leave you open to hackers and threats like malware.

Security flaws — if not fixed — can let in threats like malware, allowing a hacker to gain control over your computer and access your personally identifiable information (PII). PII might include everything from your passwords to your bank account information and Social Security number. Cybercriminals might then use this PII to commit identity theft or financial fraud. They also could sell this information on the dark web for others to use.

8. Activate multi-layer firewall security.

Turning on a firewall can give you an additional layer of protection by helping to block unwanted inbound network connections and regulate app access to your network to keep out malware.

9. Do your due diligence before installing and when revisiting apps.

Be careful when installing apps and check what permissions they want. Avoid giving them permissions if not necessary. It’s important not to use any apps that override your operating system.

It’s also smart to perform a regular audit of your apps, because they could pose a security risk, drain your battery, and slow down your device. It’s also important to revisit apps and read the fine print, because their privacy policies may change.

Smart-watch apps, for example, may want to access your account information and geographical location. You may want to limit these disclosures.

Cybercriminals who hack into a device like your smartwatch could infect it with spyware. Then, when your smartwatch communicates with your smart-home technology, it could be exposing more information about your activities than you’re comfortable with.

Also consider a possibility where an IoT device like your smartwatch links to your mobile device, which then might connect to your company’s network. This could provide a door for cybercriminals to enter, leading to the exposure of confidential information.

10. Turn off your devices when not being used.

One of the easiest ways to make sure cybercriminals aren’t using your devices to find a vulnerability or a way in is to turn them off when you aren’t using them.

11. Do set up Find My iPad, iPhone, or App.

If you have an iPhone, iPad, or iPod Touch, you can set up Find My iPad, Find My iPhone, or the Find My App. These features would enable you to find and wipe your device if it’s stolen or lost.

Ready to go

New devices can add efficiency, convenience, and fun to your life. But before you put that new technology to work, it’s a good idea to make sure your smart home is secure and your devices are set up with online privacy and security in mind.