Module 04
Keeping your phone, computer, and home network secure through updates, settings, and safe habits.
If there's one security habit that matters more than any other, it's this: keep your software up to date. Software updates aren't just about new features. They patch security vulnerabilities — specific weaknesses in code that attackers know how to exploit. When a vulnerability is discovered, the clock starts ticking. Attackers race to exploit it before people install the fix.
The WannaCry ransomware attack in 2017 is a perfect example. It infected more than 200,000 computers across 150 countries, locking people out of their files and demanding ransom payments. The attack exploited a vulnerability in Windows that Microsoft had already released a patch for — two months earlier. Every computer that had been updated was immune. Every computer that hadn't was a target.
This pattern repeats constantly. The vast majority of successful attacks exploit known vulnerabilities that already have patches available. Attackers count on the fact that people delay updates because they're inconvenient. Don't give them that advantage.
Your phone is likely the most personal device you own. It holds your email, bank accounts, photos, messages, location history, and more. If someone gains access to your unlocked phone, they have access to your entire digital life. Here's how to lock it down.
Set a PIN of at least 6 digits — not 4. Better yet, use biometric authentication (fingerprint or face recognition) for convenience combined with a strong PIN as backup. Avoid simple patterns and PINs like 123456, 000000, or your birth year. Your screen lock is the front door to everything on your phone.
Enable your phone's built-in tracking feature so you can locate, lock, or erase your phone remotely if it's lost or stolen.
If your phone is stolen, you can remotely lock it, display a message, or erase all data. This feature has saved countless people from having their personal information compromised after a phone theft.
Apps often request more permissions than they actually need. A flashlight app doesn't need access to your contacts. A photo editor doesn't need your location at all times. Periodically review what permissions your apps have and revoke anything that doesn't make sense.
Your computer likely stores years of documents, photos, financial records, and saved passwords. Modern operating systems come with strong built-in security tools — you just need to make sure they're turned on.
A firewall monitors incoming and outgoing network traffic and blocks suspicious connections. Both Windows and macOS include one — make sure yours is active.
You don't need to pay for antivirus software. Windows Defender (now called Microsoft Defender) is built into Windows and is genuinely effective — independent testing labs consistently rank it among the best antivirus products available. On macOS, XProtect runs silently in the background. The days when you needed to buy Norton or McAfee are over.
Make sure your built-in protection is enabled and scanning regularly. On Windows, open Windows Security and check that virus protection is active with real-time scanning turned on.
If your laptop is lost or stolen, full-disk encryption prevents anyone from reading your data — even if they remove the hard drive and connect it to another computer. Without encryption, your files are fully accessible to anyone with physical access to the device.
Create a standard (non-administrator) account for daily use and keep an admin account just for installing software. This way, if malware tries to install itself or make system changes, it'll be blocked because your daily account doesn't have permission. This one change can stop many types of malware from taking hold.
Your home router is the gateway between every device in your house and the internet. If an attacker gains access to your router, they can monitor your traffic, redirect you to fake websites, or use your network for illegal activity. Most routers ship with weak default settings that need to be changed.
Most routers come with a default administrator password like "admin," "password," or "1234." These defaults are publicly known — you can find lists of them on the internet for every router brand. Log into your router's settings page (usually by typing 192.168.1.1 or 192.168.0.1 into your browser) and change the admin password to something long and unique. This is the password to manage the router, which is separate from the WiFi password.
The default network name often includes the router's brand or model number (like "NETGEAR-5G" or "Linksys02847"). This tells anyone nearby exactly what router you're using, which helps them look up known vulnerabilities. Change it to something that doesn't identify you personally or reveal your hardware.
In your router's wireless security settings, use WPA3 if your router supports it. If not, use WPA2 (also called WPA2-PSK or WPA2-Personal). Never use WEP — it was cracked years ago and provides essentially no protection. If your router only supports WEP, it's time for a new router.
Most modern routers support creating a separate guest network. Use it for visitors and for smart home devices (smart speakers, security cameras, smart TVs). A guest network is isolated from your main network, which means a compromised smart device can't be used as a stepping stone to access your computer or phone.
Routers receive security updates just like computers and phones — but they don't always update automatically. Check your router's admin page every few months for firmware updates. Some newer routers (like Google Wifi or Eero) handle this automatically, but most traditional routers don't.
Coffee shops, airports, hotels, libraries — public WiFi is everywhere, and it's convenient. But public networks come with real risks. When you connect to a shared network, other people on that network can potentially see your traffic, intercept data you send, or set up fake networks designed to steal your information.
On an unprotected public network, an attacker can perform what's called a "man-in-the-middle" attack — positioning themselves between your device and the WiFi router to intercept the data passing between them. If you're logging into a website that doesn't use encryption (HTTPS), they can capture your username and password in plain text. Attackers can also create fake networks with names like "Starbucks_Free_WiFi" to trick people into connecting.
Ransomware attacks lock you out of your own files and demand payment — often thousands of dollars — for the key to unlock them. Hard drives fail without warning. Phones get lost or broken. Laptops get stolen. The only reliable protection against all of these scenarios is having a current backup of your data.
The gold standard for backups is the 3-2-1 rule: keep 3 copies of your data, on 2 different types of storage, with 1 copy offsite. This sounds complicated, but it's actually straightforward:
Cloud backup is the easiest way to keep an offsite copy of your data. Most phone and computer platforms offer integrated cloud backup:
An external hard drive provides a fast, local backup that doesn't depend on internet access. A 1TB external drive costs roughly $50 and can store years of documents and photos. Plug it in, set up automatic backup, and store it somewhere safe. On Mac, Time Machine makes this almost effortless. On Windows, use File History or the built-in Backup feature.
A backup you've never tested is a backup you can't trust. Periodically verify that your backups are running, check that recent files are included, and try restoring a file to make sure the process works. The worst time to discover your backup system is broken is the moment you need it.