Data is now considered the gold of the 21st century. Why is that?
On the one hand, because it can be collected and analyzed by companies more or less legally and then sold on for a lot of money. On the other hand, they serve as a basis for the development of products and services, as well as for their optimization. Since we now store our data almost exclusively electronically, our electronic devices are a relatively easy target for criminals without appropriate security measures. These in turn use data to extort ransom, resell it or use it themselves for product development. This can have unpleasant or even life- and existence-threatening consequences in both the private and business live.
However, the security of devices on which our data is stored or software we use is not necessarily the focus of manufacturers. The focus is usually on user-friendliness or on collecting as much data as possible, which in turn is used for various purposes of which users are often unaware (for example, https://threatpost.com/facebook-ios-tracks-anything/180395/, opens an external URL in a new window). The increasing computing power and storage capacity of mobile devices also tempt us to carry all the data we potentially need with us on our mobile companion. If the device is also used to access corporate data, the potential for damage in the event of loss or theft increases considerably. Also, the various applications (apps) that are installed are sometimes a threat to the security of data stored on the device. Often these applications send data to service providers on the Internet without the users being aware of it.
That is why it is so important to protect our data. Both in the private live and especially in the work sphere. But where to start? You often have better things to do than to get lost in security settings.
To make life a little easier for you in terms of IT security, I will now publish the IT security tip of the month here once a month. I'll explain in a nutshell (and always with instructions) what measures you can take to secure the devices you use in order to protect the data processed on them in the best possible way.
But what to start with to keep our data safe?
First step: Encryption
Imagine you arrive at the Wien Meidling train station by train in the morning. When you get off the train, there is - as is very often the case - a dense crowd. When you want to pay for your coffee and croissant at the bakery in the station hall you notice that your wallet, your tablet and your smartphone are no longer in your backpack. Very unpleasant for you, but possibly also for TU Wien! Because on your tablet as well as on your smartphone you might check your work emails and on the tablet you synchronize all cloud shares where you edit important research results and correct exams. Data, the disclosure of which can become very unpleasant for the TU Wien.
That is why all our devices should be protected with hard disk encryption. Once a PC, laptop or smartphone is encrypted, the information stored on it can only be accessed again if the correct passwords are known.
Newer smartphones (iOS and Android) are encrypted by default.
Apple computers are equipped with an encryption technology called FileVault by default. Instructions on how to enable it can be found at the following link: https://support.apple.com/de-de/guide/mac-help/mh11785/mac, opens an external URL in a new window.
To protect the built-in hard drive of Windows 10 computers from unauthorized access, the so-called "Bitlocker technology" can be used. This is integrated in Windows 10 by default.
To do this, enter the term BitLocker in the search field at the bottom left (see picture one).
This will take them to the "BitLocker Management". There you click on "Activate BitLocker". This encrypts the hard drive and any information is now stored on the device with appropriate security. Thieves can no longer access the files - provided you use a secure password for your computer (you can learn how to create secure passwords here: https://colab.tuwien.ac.at/x/PHD1AQ, opens an external URL in a new window).
The screenshot below (picture 2) shows the optimal configuration:
By the way, this usually works for external hard drives as well. If you store sensitive data there, you should definitely encrypt them as well.
Mobile devices issued by TU.it, opens an external URL in a new window (can be found here: https://www.it.tuwien.ac.at/services/arbeitsplatzunterstuetzung/tuclient/tunotebook, opens in new window) are encrypted by default.
Feel free to leave questions and suggestions at coLab under https://colab.tuwien.ac.at/x/UoB5Bw in the comments. I will be happy to address them.