7 cybersecurity tips for holiday gift setup

The holidays are here! Many of us will be giving and receiving gifts over the next week or two—and some of those gifts will be computers, IoT devices, and other digital goodies.

But there’s a danger lurking behind all the fun and festivity, because computer-related gifts can easily become threats to our security and privacy.

In some cases, electronic gifts are direct cybersecurity threats, containing vulnerabilities that bad guys can exploit. 

Other times, it’s the setup that’s the problem, as unwary recipients, eager to try out that new toy that they’ve just unwrapped, skip over important security steps and expose themselves to risk.

For a safer holiday season, follow these seven cybersecurity tips for gift setup:

1. Read the instructions

   Fun? No. Essential? Yes! Before using your gift for the first time, take a couple of minutes to go through the manual. You don’t have to read it cover to cover, but pay attention to the parts about security, the privacy policy, and the section that tells you how to get software or firmware updates.

2. Turn on automatic updates

   If possible, set up your new device so that you’ll receive software updates automatically. If that’s not possible, don’t rely on your memory to keep your device updated—create a recurring calendar event so you receive regular reminders to check for and install the latest security patches.

3. Secure new accounts

   If you need to set up a new account to use your gift, protect yourself from data breaches and hacks and do it the right way. Create a strong, unique password for the account—using a password manager if possible. For added privacy, use Hide My Email so you don’t expose your real email address. If the gift supports two-factor authentication, turn that on as well.

4. Define app permissions

   If your gift comes with a mobile app, be sure to limit the app’s permissions on your device. Apple’s App Store Privacy Labels help you see what kinds of data the app collects, and how that data is used. From there, you can limit the app’s access to your data using the built-in controls in iOS.

5. Change IoT defaults

   When setting up an IoT gift, don’t forget to change the default username and password. Many smart devices ship with factory default credentials. When users fail to change these defaults, the device becomes extremely low-hanging fruit for hackers. For more IoT safety tips, see our guide to setting up an IoT gift for security. 

6. Dumb it down

   Remember, many IoT devices will also work perfectly well without a network connection. So If someone gives you a smart coffee machine as a gift, ask yourself if it really needs to be on your home network. If not, enjoy your morning coffee without the security worries by taking the radical step of…not connecting your coffee pot to the Internet. (Read this blog regularly for other advanced security tips).

7. Add controls for kids

   If your child has been given a computer or mobile device as a gift, use parental controls to safeguard their security and privacy—and your peace of mind! For details on how to do this using Apple’s parental control settings, refer to Checklist 307: Rapping and Unwrapping Security Tips.