Did you know that a 2022 survey of adults in the United States revealed that 200 million respondents intended to buy electronic products as gifts for the winter holidays? Popular items on shoppers’ lists included smartphones, tablets, headphones, and other trending accessories. With the 2024 holiday season upon us it is likely that even more technology will be gifted this year, and you too might be tempted by the latest deals, must-have gadgets, and curated wish lists. However, as Katarina Zotovic shares in her guide below, these devices can also be a gateway for cyber risks if not set up securely.
As you shop and set up your new tech, it’s crucial to remember that one of the leading causes of security breaches is human error. Often, tech users are simply unaware of the inherent cyber risks, causing them to not properly configure their devices and accounts. To help you safeguard your new smartphone, tablet or computer, we’ve compiled key proactive measures below. These setup and configuration tips also apply to other gadgets, many of which have similar features. Additionally, we suggest these recommendations be used to revisit the security settings of your current devices to ensure they are securely configured.
For families, we have included a special section on additional safeguards for devices and accounts used by children. Whether they’re streaming kids’ shows or navigating social media, young users should remain a priority when protecting digital experiences. Follow the steps below to ensure every device in your household is secure this holiday season.
Smartphones/tablets
Smartphones and tablets function similarly when it comes to security configurations. We have detailed below the importance of each security feature, and how to configure them for Apple and Android devices; however, please note that this may vary depending on the version installed on your device.
Use a strong passcode and prioritise biometrics
Why: A strong passcode is the first line of defence against unauthorised access. Many breaches happen simply because devices are left unsecured or use easy-to-guess passwords (e.g., ‘1234’ or ‘0000’, or the user’s date of birth). For children’s devices, a secure password not only protects against unintended purchases or exposure to harmful content, but also protects any linked accounts (such as your iCloud account or email) that are connected to the devices.
How: Choose a passcode at least six digits long, or better yet, use an alphanumeric password. Once this is set, opt for biometric authentication (fingerprint or facial recognition) when available, as it provides additional security while remaining convenient.
Ensure auto-lock is turned on and set for the shortest duration (usually 30 seconds)
Why: Auto-lock minimises the window of opportunity for unauthorised access if your device is lost or left unattended.
How: iOS: Settings > Display & Brightness > Auto-Lock
Android: Settings > Display > Screen Timeout
If 30 seconds is considered to be inconvenient, you can select a longer duration; however we recommend you configure this to be as low as practically possible for you.
Enable two-factor authentication (2FA) for your linked accounts (e.g., Google, Apple ID)
Why: 2FA adds an extra layer of security by requiring a second verification step, such as a one-time passcode (OTP) and/or biometric input, even if someone does gain knowledge of your password.
How: AppleID: Settings > [Your Name] > Sign-In & Security > Two-Factor Authentication
Google: myaccount.google.com/security > Enable 2FA
Enable automatic updates for applications
Why: Updates often include patches for security vulnerabilities. Keeping apps up to date ensures they are running the most secure and stable version.
How: iOS: Settings > App Store > Toggle on App Updates
Android: Google Play Store > Settings > Network Preferences > Auto-Update Apps
Disable auto-connecting to wi-fi networks
Why: Automatically connecting to open Wi-Fi networks can expose your device to risks like cyber attacks or malicious hotspots.
How: iOS: Settings > Wi-Fi > Auto-Join Hotspots > Toggle off
Android: Settings > Network & Internet > Wi-Fi Preferences > Disable Connect to Public Networks
Set up ‘FindMy’ to facilitate locating device or remote locking/wiping
Why: If your device is lost or stolen, these services allow for tracking, remote locking, or remote wiping the device to prevent misuse
How: iOS: Settings > [Your Name] > Find My iPhone > Enable all options
Android: Settings > Security > Find My Device > Enable
Turn off location sharing, and only enable for applications that require it
Why: Sharing your location for all applications can compromise your privacy, while limiting location access reduces the risk of location-based tracking or profiling.
How: iOS: Settings > Privacy & Security > Location Services > Select While Using the App for apps that may require it (e.g., Maps, Weather, Deliveroo) or Never for apps that don’t need location data
Android: Settings > Location > Adjust permissions for individual apps
Limit notifications so that no sensitive content can be seen on a locked screen
Why: Notifications on a locked screen can reveal sensitive information, such as OTPs, emails, or private messages, to anyone who picks up your device.
How: iOS: Settings > Notifications > [App] > Set Show Previews to When Unlocked or Never depending on the application and your preferences
Android: Settings > Notifications > Lock Screen Notifications > Select to hide content or only show alerts for specific applications
Computers
Use a strong password (even for a child’s device) and prioritise biometrics
Why: A strong password prevents unauthorised access, whether from casual misuse or deliberate attempts. Biometrics (fingerprint or facial recognition) add an additional layer of convenience and security. Biometric sign-in negates the need for children to remember complex passwords.
How: Windows: Settings > Accounts > Sign-In Options > Set up strong password and biometric login
MacOS: System Preferences > Touch ID & password > Enable biometrics
Ensure auto-lock is turned on and put for the smallest amount of time (usually 30 seconds)
Why: Auto-lock secures your computer when unattended, reducing the risk of unauthorised access.
How: Windows: Settings > Personalisation > Lock Screen > Screen Timeout Settings
MacOS: System Preferences > Security & Privacy > General > Set short timeout
Enable automatic updates for software
Why: Automatic updates ensure your system has the latest security patches, fixes, and improvements, protecting against vulnerabilities.
How: Windows: Settings > Update & Security > Windows Update > Enable automatic updates
MacOS: System Preferences > Software Update > Enable automatic updates
Check full-disk encryption is enabled
Why: Full-disk encryption protects your data by making it unreadable without proper credentials, even if the computer is stolen. For Windows 11 devices from October 2024, and for MacOS devices with M1 and M2 chips, this should be enabled by default.
How: Windows: Control Panel > System and Security > BitLocker Drive Encryption
MacOS: System Preferences > Security & Privacy > FileVault
Ensure the built-in firewall is enabled
Why: A firewall helps block unauthorised access to your computer while allowing safe internet traffic to flow.
How: Windows: Control Panel > System and Security > Windows Defender Firewall
MacOS: System Preferences > Security & Privacy > Firewall
Prioritise use of a standard account (not an administrator account) for daily tasks
Why: Using a standard account minimises the risk of unauthorised changes or malware installations, as administrative privileges are required for significant actions.
How: Windows: Settings > Accounts > Family & Other Users > Create/Switch to standard account
MacOS: System Preferences > Users & Groups > Manage account roles
Set up guest accounts with limited-access for any additional users, such as children
Why: Guest accounts provide limited access to your computer, ensuring that sensitive data and system settings remain secure.
How: Windows: Settings > Accounts > Family & Other Users > Create Guest Account
MacOS: System Preferences > Users & Groups > Enable Guest User account with restrictions
Install reputable antivirus software
Why: Antivirus software protects against malicious software, phishing attacks, and other security threats. It is a common misconception that Mac devices don’t require antivirus software; however, they are still targets of malware and cyber threats.
How: Choose a trusted antivirus like Bitdefender, Norton, or Kaspersky etc. Download directly from the official website, and schedule regular scans. Make sure to keep the software updated so that, as new threats emerge or vulnerabilities are identified, your software remains up-to-date in detecting these risks.
Set controls on camera and microphone access
Why: Controlling application access to your camera and microphone protects your privacy from unauthorised or malicious use. Certain malicious actors may ‘tap’ into your device’s camera or microphone to record actions and speech. This is particularly concerning on device’s used by children.
How: Windows: Settings > Privacy > Camera and Microphone > Adjust permissions per application
MacOS: System Preferences > Security & Privacy > Privacy > Modify permissions for Camera and Microphone access
Enable ‘Find My’
Why: If your computer is lost or stolen, this feature allows you to track it or remotely lock/wipe the data.
How: Windows: Settings > Update & Security > Find My Device > Enable
MacOS: System Preferences > Apple ID > iCloud > Enable Find My Mac
Children’s devices
The recommendations above should be configured for all devices, but if you are setting up a device for children, consider the following additional safeguards. These are targeted towards tablets, which children more regularly use; however, similar features are available on laptop devices.
Outside of the devices themselves, many streaming services (e.g., Netflix, Disney+, YouTube) have built-in parental controls and account settings which can be set to restrict content by rating or category.
Parental controls
Why: Parental controls allow you to monitor and manage what your child can access on their devices, creating
a safer online experience.
How: iOS: Use Screen Time to set daily limits for specific apps/app categories, block explicit content,
monitor activity reports to understand usage habits
Android: Use Google Family Link to set screen time limits and daily usage caps, approve/block app downloads, lock devices remotely when it’s time for a break
Child-friendly accounts
Why: A child-specific account creates a controlled environment with age-appropriate settings, ensuring limited exposure to inappropriate content.
How: iOS: Create a family sharing group where children’s AppleIDs are linked to a parent’s account; this allows for monitoring any purchases, downloads, and app usage.
Android: Create a supervised Google account for children which allows parents to manage app usage, content settings, and activity reports. Android devices also offer Google Kids Space which requires a Google Account password in order to exist the kid-friendly tablet environment.
Disable In-App purchases
Why: Children might unknowingly make in-app purchases that lead to unexpected expenses or expose sensitive payment information.
How: iOS: Settings > Screen Time > Content & Privacy Restrictions > iTunes & App Sore Purchases > Set In-App Purchases to Don’t Allow
Android: Google Play Store > Profile Icon > Settings > Authentication > Require Authentication for Purchases > For All Purchases
If you add any payment methods to a child’s device, consider making it a prepaid or child-specific payment method that limits spending abilities, such as linking gift cards instead of credit cards.
Restrict App downloads
Why: Restricting app downloads ensures that children do not install inappropriate or unsafe applications without parental approval.
How: iOS: Settings > Screen Time > Content & Privacy Restrictions > Restrict Installing Apps
Android: Google Play Store > Family Settings > Enable Parental Approval for App Purchases
Set all application accounts to Private
Why: A private account ensures that only approved followers or friends can view posts and interact with your child, reducing exposure to strangers and potential predators.
How: Instagram : Settings > Privacy > Account Privacy
TikTok: Settings > Privacy > Private Account
Profile > Menu > Settings and Privacy > Content Preferences > Restricted Mode
Snapchat: Settings > Privacy Controls > Adjust Contact Me, See My Location, View My Story, Family Center and other relevant settings
Enable content filters/restricted mode
Why: Content filters block explicit or harmful material, creating a safer browsing and viewing experience for children.
How: Web browsers: Use built-in parental controls in Chrome or Safari, for example, to block explicit sites.
YouTube Restricted Mode: Settings > General > Restricted Mode > Enable
Use third-party management tools
Why: Third-party management tools and social media monitoring help parents track online activity, flag potential risks, and foster safer digital habits for minors. This should be used proportionately and responsibly, ensuring they support healthy boundaries and respect privacy while maintaining open communication and trust within the family.
How: Consider third-party content filtering software like Qustodio, Net Nanny, or Norton Family. Enable alerts to the parent’s device for account creations or suspicious activity.
As we embrace the convenience and connectivity of modern technology, taking the time to secure our devices is essential. By following the steps outlined above, you can significantly reduce the risks of to your sensitive data, unauthorised access to your devices, and other common cyber threats. Remember, security isn’t just about safeguarding information, it’s about protecting your family’s privacy and peace of mind. For devices used by children, extra precautions can provide a safe and enriching digital experience tailored to their needs. Whether setting up a new gadget or revisiting the configuration of an old one, proactive measures today can save you from potential challenges tomorrow.
