Personal Device Security Guide

Woman holding smartphone and using laptop on table with glasses and coffee cup

Follow the below tips for protecting personal devices and accounts.

Install anti-virus software

Research shows that home office networks are 3.5 times more likely than corporate networks to be infected by malware. Several anti-virus solutions are available for use on personal machines.

Duke is partnering with CrowdStrike to protect personal computers from viruses and malware.

CrowdStrike Falcon Prevent for Home Use for installation on home computers (Windows only).

The CrowdStrike Falcon Prevent for Home Use software is designed to be used alongside traditional anti-virus software. To this end, the Duke Security Offices currently recommend using one of many popular options such as:

Windows: Windows Defender Antivirus
Mac: Sophos Home

Run an up-to-date operating system

Manufacturers eventually stop providing updates, including security patches, to their older operating systems. Without security updates that address the latest threats, unsupported operating systems are a target of attackers. Other software, including anti-virus software, may not work effectively on devices with unsupported operating systems. Plan ahead to upgrade to an up-to-date operating system before it goes out of support.

You can track end of support dates for operating systems at https://endoflife.date

Devices running unsupported operating systems will be quarantined from the Duke University network, see Endpoint Device Security and Quarantining Practices.

Patch your system

Patching your computer is one of the most important ways to protect yourself online.

Windows: Windows users should turn on Windows Update and set it to download and install patches automatically.
Mac: For Mac OS X, patches are installed via the App Store, and the settings can be checked under System Preferences → App Store.

Patch your applications

In addition to patching your operating system, you should regularly check for updates to applications. Attackers can use vulnerabilities in browsers, and popular browser plugins like Adobe Flash and Java to take over your computer. There are programs out there that will automatically check for updates on your programs and applications.

Windows: Activate Microsoft Updates so that Office and other Microsoft updates are being applied. The Security Offices recommend Patch My PC Updater for your at-home Windows computers (you cannot use it on a Duke-owned device).
Mac: The Security Offices recommend Mac Update Desktop for Mac users.

Choose a long password or passphrase and protect it with 1Password

With so many breaches occurring, it's important to have long, different passwords for each site. See the Secure Access Guide for recommendations on passwords and password management.

Use multi-factor authentication

Multi-factor authentication, also referred to as advanced or two-factor authentication, provides an additional layer of security when logging in or performing transactions online.

Just as most Duke faculty and staff use Duke's multi-factor service to protect their Duke accounts, the Duke Security Offices recommend applying the same approach to personal accounts. Consider taking advantage of multi-factor services provided by online vendors such as Google, Facebook, Dropbox, Twitter, Instagram, Apple, Microsoft, and many more.

Enable Device tracking

Enable the ability to track and locate your personal devices, in case they are lost or stolen.

Apple: Set up Find My for all your Apple devices.
Microsoft: Set up Find my device for any Windows device, such as a PC, laptop, Surface or Surface Pen. This requires use of a Microsoft personal account.
Android: Google Find My Device requires installation of the Find My Device app.

Prey (http://preyproject.com/), is an open source anti-theft solution available for multiple platforms on various devices, that provides certain options should your device get stolen.

Limit Access

Set up different accounts for family members on shared computers. Many of us share a single computer with multiple family members. Microsoft and Apple make it easy to set up different accounts on the shared computer.

To prevent others from accessing your device, use a password-protected screensaver that starts after a period of inactivity.

Windows: Add or remove accounts on your PC; Change your screen saver settings

Mac: Set up users, guests, and groups; Use a screen saver on your Mac

Use the Duke Virtual Private Network

Use the VPN when accessing services remotely, especially when traveling. Remember that hotel and coffee shop networks are not secure.

Encrypt your devices

Visit our whole disk encryption page for suggestions to help encrypt personal machines.

Best Practices for use in research

Visit our best practices for use in research page for comprehensive guidelines on how to appropriately prepare your personal device for research use.

Reminder: Protect Duke Data

Sensitive data must be stored in Duke services that meet the minimum security requirements for Sensitive data. See Duke Services and Data Classification to select an appropriate Duke service for storing Duke data depending on the data classification.