The security of our digital identities and properties is a topic of ever growing importance, with more and more sensible data and informations we depend on being stored on our devices or in the cloud.
As freelancer software engineer should be even more aware of how secure your machine and devices are, as not only your data is stored there, but your clients as well. Taking your client security seriously is a sign of professionally, and could turn out to be a life saver if something happens to your laptop.
Here's a list of simple actions that you can take right now to improve your "security rating".
Lock your screen
This is the abc. You probably learned it when you were at school and somebody fraped you. When you're not in front of your machine, lock it.
It takes only a couple of days to build up the habit of locking the screen every time you walk away from it, but a safe "lazy proof" way is to set the screensaver timeout for one minute.
Pro tip: The productivity tool Alfred for Mac makes locking your screen as easy as the hitting
Alt + Space,
Pro tip: Having short timeouts can become annoying when you're watching things on your computer. Caffeine is a tiny free Mac app that prevents your screen from going to sleep automatically. And guess what? There's an Alfred workflow for it too.
Lock your devices
Your phone might not have the ssh key to download all your client codebase and sell it to it's competitors, but has something as powerful: your email! With access to your email even a teenager can do some serious damage.
So add a passcode to your smartphone!
Use strong passwords and consider a password manager
Your account is as secure as your password. But what makes a password secure? There is a lot to say about it, here some fun starting points: xkcd on strong passwords, xkcd on password reuse, and an infographic on password security.
You could also consider using a password manager. Password managers are a matter of tastes. I'm personally not a big fan of them, they are a single point of failure, and add friction. But it's undeniable that using a password manager will allow you to use secure password, being them very long or rich of symbols, taking away the effort of remembering them.
Use multi factor authentication
An extra layer of security can be added to your email, GitHub, etc. by enabling multi factor authentication.
Multi-factor authentication (MFA) is a method of computer access control which a user can pass by successfully presenting authentication factors from at least two of the three categories: Knowledge factors ("things only the user knows”), such as passwords; Possession factors ("things only the user has"), such as ATM cards; Inherence factors ("things only the user is"), such as biometrics.
Once you’ll have setup a couple of accounts with MFA you’ll find yourself addicted to it. It’s gonna be a disappointment when you’ll have to sign up for a service that doesn’t offer it.
List of all the services I use supporting MFA
Pro tip: Instead of relying on the authentication token being sent you through SMS, use Authy. Authy is a great app to access your MFA accounts from the smartphone and offers extra features such as backups and multiple devices support.
Encrypt your disk
Another simple measure you can take to make your machine more secure is to encrypt your disk. This will prove incredibly valuable in case you forget your laptop somewhere, or if it gets stolen.
Some disk encryption softwares provide deniable encryption. They create an hidden volume. You can then have a "normal" password to unlock the disk, while keeping the data that's really important and sensible in an hidden volume, that can be unlocked only if a "secret" password is used instead.
If you're on Mac you can use Filevault. Note that Filevault doesn't provide deniable encryption.
Wrapping it up
We saw a few simple moves that everybody, not just freelance software developers, can and should take, to improve their security, and make their clients and themselves more comfortable.
If you have other tips to improve security tweet me about it.
Happy coding, on your secure machine.