More students are increasingly adopting Chromebooks in their studies. However, Chromebook security settings are one of those things that, sadly, many Chromebook users do not care about.
It almost seems like they are the new-age Mac users who used to believe that their units could not get infected by malware.
Of course, both OSes are built in such a way that they never grant root access to any malware and as such, could keep out most of the attacks by themselves. That, however, does not mean that you should leave them to do it all at all times.
In this piece, we discuss the various malware and data theft/ loss threats facing Chromebook users, and what to do about them in real-time.
Where the Chromebook shines
To understand where we are going with this, it is important to underline where we are coming from also.
Chromebooks are as secure as a modern-day unit could be. It seems that Windows is the only one left on the poor security service for now – but we cannot blame them as they would be a bigger target since they have a larger user base.
That is not the discussion for today, though.
Right out of the box, the following security models make a Chromebook the darling of many.
#1 Cloud-Based Storage
Gone are the days when you have to fear losing or dropping your device because of the data-theft that could occur.
Google sells the Chromebook as a cloud-storage unit so all of your files are kept in the cloud. Even if someone were to get access to the unit, they would need to be able to bypass your cloud settings to get access to your data.
The good news here is that you don’t control the cloud service and authentication yourself. That is handled for you by the good guys over at Google and you can rest assured that they are doing a terrific job.
The promise is not that you would not find any malware trying to sneak onto your Chromebook. The promise is that they will have a hard time getting in at all.
Google makes that possible with something they call the sandbox.
Every app, program, and software running on the Chromebook is insulated from the other. Even browser pages are not allowed to interact with one another – and they are inside the same program.
Thus, if malware exists within a certain app kernel, Chromebook keeps the malware sandboxed there. That way, it cannot interact with other parts of the computer.
Google started the monthly security update thing with their Android OS – and they have morphed that into something better for the Chromebooks.
Side Note: Chromebooks don’t run on Android OS. They have a specialized Chrome OS they run on but can run all Android apps in an emulation environment.
With Chromebooks, Google is all of timely, fast, and smart with the updates.
Every Chromebook unit comes with a primary and backup server side. When the system is in use and an automatic update is due, the update is applied to the backup part. This way, the user is never interrupted when working.
As soon as the computer is not in use anymore, the backup applies the update to the primary server.
#4 Recovery Mode
In the rare instance that your Chromebook gets attacked, the device protects itself by going into Recovery Mode.
This mode understands that some of the software components have been corrupted, most likely by external influence.
It, thus, seeks to restore itself to normal working operations by asking the authorized owner to restore the system.
For this recovery to happen, you would have to reinstall the data from a recovery storage device (RSD). In most cases, you would have synced your RSD to your Google account. A simple login of your account will get your device working like new again.
The Security Threats that Chromebook Users Face
All the above sounds good. It is looking like there is truly no way to breach a Chromebook right now.
You should understand that the more sophisticated a system is, the more sophisticated the hackers launching attacks on that system also.
That is why the following attacks prevail on the Chromebook front:
Like we mentioned somewhere above, Chromebooks do not run on the Android OS but they can run the same apps like an Android device.
There was a time when some Chinese developers were found to have loaded the Google Play Store with malware-infected apps. These apps went for long without detection from Google’s engineers and they siphoned data off multiple users.
In other words, you would have installed the malware onto your device by yourself – and from a trusted source nonetheless.
With other operating systems, hackers usually have to look at a lot of places to steal the data that they want.
Chromebooks make the user’s life easier with their cloud storage functionality, but that also makes a hacker’s work simpler too.
Now, they only have to focus on cracking your Google Cloud account and they have access to all of your data, sensitive files, and more.
Think about all the credit card details they can get from your Google Checkout. Or, maybe all the passwords you have linked to your Google Dashboard.
The possibilities of what data you could lose this way are endless.
Still, on the application front, there is a growing concern around seemingly legitimate apps that are out to steal user data and information.
This is exemplified in the case of Eric Savics who downloaded an illegitimate cryptocurrency wallet, entered his recovery phrase, and found out that the hacker had stolen all of his coins.
Such has happened to many other users in the past – and not just in the cryptocurrency world.
The novelty of the phishing attack idea is that they do not care what device you are on.
You could be on the most secure OS in the world and still fall victim to a phishing scam.
That is because the threat actors behind this form of attack leverage the user’s trust – getting them to bypass their security settings.
Protecting yourself on your Chromebook
Now, you know that the Chromebook security settings that ship with your device are not enough to keep you protected. Fortunately, you can leverage a handful of neat little tricks to beat unauthorized access and thwart the efforts of hackers/ scammers coming for you.
Download Security Software
Help your Chromebook tackle attacks better by giving it more security tools than it came with.
Google might have experience in the mobile and desktop niche, but they cannot do it all on their own. Use these:
- An antimalware to catch malicious apps, prevent the opening of malware-infected files, and keep your computer generally safe.
- A VPN for Chromebook to encrypt all of your internet traffic, especially if you are connected to a free/ public Wi-Fi network.
- Email scanners to check for possible blacklisted domains, phishing links, malware-infected attachments, etc.
- A password manager to securely store your passwords away from the Google dashboard. That is one less data you have to worry about losing in the case of a cloud hack.
Practice Healthy Application Habits
Many users have welcomed malware onto their Chromebooks with open arms without even knowing it. All in the name of getting more apps and programs to keep their device better functional.
Here’s what to do from today:
- Never install apps from sources other than the official Google Play Store.
- Make sure your apps are from trusted vendors and publishers.
- Be wary of the permissions you grant your apps. Don’t always be in a hurry to launch an app that you just click through on all permissions.
- Keep your apps updated as soon as a new version is out. That way, the latest exploits are patched up.
Improve your Password Security game
We mentioned having a password manager in the first point here. That would do nothing for you if you are storing weak passwords on them.
Your password is a very important piece of access to all that sensitive data and it should be treated with high regards also.
Do these for better password security:
- Use online password generators to come up with new passwords.
- Never share your passwords with anyone or write them out anywhere.
- Enable 2FA anywhere possible. Fortunately, you can get the Google Authenticator app and still stay within the Google ecosystem.
- Beware shoulder-surfers when signing into your device.
- Enable sleep locking. This way, a password is needed to wake your device from sleep.
Keep your Data Safer
The above tips will aid your basic Chromebook security settings to keep you safer in a series of situations.
There is still a small chance of flaw, but you would be better protected than the average Chromebook user when you implement the tips and tricks above.
Even if you were able to delay a hacker by a few months, you would have beaten them at their own game.
Fortunately, since you are here today, we know that you won’t stop looking for new ways to protect your Chromebook better. In other words, you will always be one step ahead of hackers coming for you.