20 Things You Can Do Right Now To Up Your Cybersecurity Game

The ubiquitous, unceasing and indiscriminate nature of the cyberthreats makes it imperative that all of us do our part to maintain the highest level of security possible. As National Cybersecurity Awareness Month comes to a close, we’ve sorted through the deluge of cybersecurity tips and best practices out there and compiled a list of 20 simple actions you can take right now to maintain your online safety.

20-Cybersecurity-Tips-300x300-No Face

  1. Keep a clean machine. Protect any device that connects with the internet by installing anti-virus software, such as firewalls, email filters and anti-spyware, and regularly update them.
  2. Think before installing apps. Understand what kind of personal information app’s require and ask for, and don’t install them if they are asking for too much.
  3. Delete unused apps. The risk of being breached climbs higher with every app installed, so if it’s not being used, junk it.
  4. Guard your device and lock it when not using.
  5. Re-think your passwords. Avoid pet names or other personal information, or any common words that could come up during a simple dictionary attack. Rather, use a passphrase such as a headline or title, and then add punctuation or numbers. Use a custom numeric code longer than the default number. Ideally, it should be eight or more digits.
  6. Use multiple passwords, and keep them securely stored. Use unique passwords for each account and store them using a secure password manager, such as Dashland, 1Password or LastPass.
  7. User stronger authentication. A two-step verification process, such as PIN numbers, security keys, biometrics and one-time codes, adds an extra layer of protection and an added step to deter a would-be hacker to make the extra effort.
  8. Avoid public Wi-Fi. We’ve all been guilty of using public Wi-Fi, especially during business travel, but, as a general rule, don’t use it if it’s not a work emergency. It can be inherently less secure, and offers criminals easy opportunities to breach personal electronic devices.
  9. Disable auto-connect and Bluetooth on your device. This way you’ll avoid connecting to an insecure network without your knowledge or before you can stop it.
  10. If you have to use public Wi-Fi, go to the source. Confirm the network name and security protocols in public places such as hotels and coffee shops by asking employees before you connect.
  11. Beware of spoofing and fake websites. Many illegitimate websites clone authentic ones and appear like the real thing – only visit websites with https://.
  12. Choose your activities on public Wi-Fi or Hot Spots wisely. If you’re on an insecure network, avoid shopping, banking or working on sensitive documents.
  13. When it comes to emails, think before you click. Avoid phishing attempts by deleting emails from unknown senders that ask for personal information like passwords or social security number, or emails directing users to a hyperlink. Remember this adage: “When in doubt, throw it out.” Email scammers are also using spoofs of email addresses of people you might know from your company – always double check that the email address of the sender is spelled properly.
  14. Knowledge is power. Learn about different types of attacks: Malware, viruses, bots, and more, in order to spot a problem early on and mitigate it quickly.
  15. Familiarize yourself with your Cloud’s privacy policies. Understand the cloud service you, or your company, are using and what its privacy policies are. In the workplace, ensure there is a detailed agreement in place defining what can and cannot be shared, or which data requires higher levels of protections.
  16. Regularly back up all important work and data.
  17. Check your social media app settings. Review social media permissions and privacy before joining them, and limit how much personal information your share. The more you post, the more someone can learn about you to enable them to steal or cause other harm. Always check to make sure that your settings aren’t enabling automatic geotagging so that your location remains private – especially if you’re posting from somewhere sensitive, like your home or from your child’s school.
  18. Monitor employee activity. In the workplace, use a log correlations engine at work or SIEM to audit employee activity, and know the signs of suspicious behavior to mitigate insider threat before it becomes a problem.
  19. Manage employee access. Limit access to different levels of sensitive information to only those employees who need it to do their jobs.
  20. Graduate from default settings. Your home or office Wi-Fi network is the gateway for criminals to access all of your devices. Secure it by changing the factory-set passwords and username.



For additional best practices, and details about how to execute any of the suggestions above see the following resources:

Related Articles