So, you’re in the market for a new computer to trust your valuable data with, huh? No worries, we’ve all been there. With so many computer brands, models, and options to choose from, it can be a bit of a headache trying to figure out what to look for.
The most secure computer is Purism’s Librem laptop which pairs hardened hardware and a custom operating system to help protect users’ data. Manufacturers like Apple produce more familiar and user-friendly devices with good data privacy.
When it comes to keeping your digital life secure, choosing the right computer is key. To make the best choice, you’ll want to consider the hardware, operating system, and software you use and how they match up with potential threats.
Let’s take a closer look at each factor and identify what might pose the biggest risk to your computer’s security and privacy
Selecting The Most Secure Computer Hardware
The hardware is the first aspect most consumers consider when selecting a secure laptop or a desktop computer. Find a PC manufacturer focused on using safe components as a foundation for the security of their systems.
Generally, the best hardware for a secure computer is open and transparent. The hardware should be designed to limit attacks and contain no backdoors allowing the component or system manufacturer control.
For example, Intel’s Management Engine on their processors is a common target for hackers since it can be exploited to run processes completely bypassing the operating system. A threat actor can install malicious software and perform advanced attacks like tampering with the BIOS or altering the boot sequence. AMD Secure Technology is a similar subsystem, lest you think their chipset is more secure.
An excellent example of secure hardware is Purism’s Librem laptops, designed with security in mind from the ground up. The company ships laptops with Intel’s Management Engine disabled. They also include security features like hardware switches for WiFi and Bluetooth and the ability to cover or completely disconnect the webcam.
The hardware element of computer security is crucial because it affects everything else, including how the operating system and other software running on your computer work.
Selecting The Most Secure Computer Operating System
The operating system (OS) is the second most important consideration when selecting or running a personal computer. The OS is the most essential part of a computer to defend, having access to both your data and the hardware.
The most secure computers tightly integrate hardware and operating system. Secure operating systems are typically open-source. This development transparency allows a community of experienced programmers to audit, patch, enhance, and secure OS.
Linux is the most common secure operating system, but it’s often criticized for the lack of quality user experience (UX). Its open-source development causes fragmentation in a cohesive user interface (UI), which can deter new users. The community has been making great strides towards UX and UI with friendlier distributions of Linux like Linux Mint and elementary OS.
The other operating systems from manufacturers like Apple and Microsoft are not as secure due to their proprietary nature and single-company development. While both companies have put billions of dollars towards securing their respective operating systems, they both have been known to contain severe vulnerabilities.
In general, Apple OSX has a reputation for having more secure default configurations than Microsoft Windows for consumers looking to stay with mainstream options.
A Bit of Advice:
There’s an ongoing debate over the most secure mobile device. My advice: For users that are not tech-savvy, an Apple iPhone is more secure out-of-the-box than most Android smartphones. However, advanced users can make an Android phone more secure by flashing to an Android variant designed for security and privacy like CalyxOS or GrapheneOS.
Regardless of which hardware manufacturer or secure operating system you select, users are the weakest link in cybersecurity. Consumers who install vulnerable software on top of an OS become the problem.
I recommend selecting and using only the most essential software from trusted sources. But how do you know what software is secure?
Selecting The Most Secure Computer Software
TL;DR: Download, install, and use only paid or open-source software. Here’s why…
Users often choose programs or apps because it’s free or offers a free trial. These software programs are typically unknown (security vulnerabilities) and more likely to contain bugs, exploits, or at a minimum, harvest users’ data.
Software with paid licensing is usually higher quality, commercially supported, and generally respects user privacy (though read the privacy policies). Companies offering paid products have a financial incentive to secure their software and act in the best interest of their customers.
For the sake of all that’s holy, please do not pirate commercial software! Not only are you doing something illegal, but you’re also installing pre-hacked applications onto your device.
Alternatively, consider finding free and open-source software (FOSS) alternatives if you’re budget-constrained in buying commercially licensed programs.
FOSS applications are usually developed by a community of programmers and function just as well as their paid counterpart products. Although these projects may not be as polished as closed-source versions, they have the potential to be more secure because the source code is open for public review.
Whether you go the paid route, leverage FOSS applications, or some combination of the two, selecting secure software is the final step in establishing your secure computer.
There’s an even larger threat to your laptop or mobile device’s security and your data privacy.
9 Tips for Choosing and Keeping Your Computer As Secure As Possible
In the security industry, the human in front of the screen is simultaneously the cause of a large attack surface and also the weakest link in the security chain.
Here are 9 unique habits and tips to help you keep the most secure computer system possible:
1. Smash Your Hard Drive
Deciding what to do with your old computer after getting a new one can be tricky. While selling it may seem like an easy way to make a few bucks, it also increases the risk of your personal data falling into the wrong hands.
I usually repurpose old laptops by wiping and handing them down to the kids to know where the hardware is going. If that isn’t an option, the most secure method is to remove the memory and hard drive and physically destroy the chips (and magnetic platters for older hard drives). From there, you can properly recycle or dispose of the old computer.
2. Be Paranoid AF
When it comes to using a computer on the internet, you’re just one click or a poor decision away from being hacked. That’s why it’s important to be paranoid at all times when online. Pretend your computer, apps, and every site or service you use are already hacked. Make choices from that starting point of view.
3. Habitually Lock Your Screen (Or At Least Use Auto-Lock)
If you frequently step away from your computer, learn the shortcut key to lock your screen.
- Windows: Windows ⊞ + L
- Mac: Ctrl + Cmd ⌘ + Q
- Linux: Ctrl + Alt + L
- ChromeOS: Search 🔍 + L
Please: Do this even if you’re home or in an office. In public spaces, close your device and take it with you after locking the screen.
4. Watch Your Back: Pay Attention To Shoulder Surfing
In public spaces, sit with your back to the wall so no one can look over your shoulder. Alternatively, use a privacy overlay on your screen, limiting the viewing angle and keeping your data more private.
5. Encrypt Everything, Including Your Whole Drive
Fully encrypting your laptop’s hard drive or your mobile device’s onboard memory prevents hackers from mounting your storage if your device is stolen.
6. Use These Secure Browsers
Many people have the misconception that it doesn’t matter which web browser they use. Unfortunately, this isn’t true. We selected the best browsers for online banking (or any secure task). Take a look at these alternatives to Google Chrome, Microsoft Edge, and Apple Safari.
7. Don’t Use Passwords
The humble password is dying. I wrote this article detailing how to create secure passphrases (a short, long sentence) and even programmed a FOSS tool in that post to randomly generate your own passphrases. Please stop using and reusing passwords and put your passPHRASES into a password manager.
8. Passphrases Aren’t Enough: Two-Factor Authentication (2FA)
Multi-factor authentication, or 2FA, adds an extra layer of security to your login process by requiring not only your password but also something you own, such as your smartphone.
By enabling 2FA, you make it much more difficult for hackers to access your accounts, even if they know your password. 2FA is a small step that can save you a lot of headaches and heartaches down the line.
9. Keep Your Software Updated
This is probably the most recited advice, but folks don’t keep their malware and operating systems updated.
Here’s the deal: operating systems and anti-malware applications don’t update themselves. You have to do it manually. And trust me, these updates aren’t just for show. They frequently include critical security patches and bug fixes to defend your computer against known vulnerabilities and potential threats. Make it a habit to check for and install updates regularly.