9 Vital Security Practices for Everyone

Digital security is paramount for both businesses and individuals. Today we have more personal information online than ever, with increasingly dangerous digital threats popping up all the time.

If you want to fortify your digital security, we have several tips to help you. Put these nine pieces of advice into practice, and you'll be better equipped to securely navigate the online world.

1. Keep All Your Devices Up-to-Date

System updates, whether for your Windows or Mac computer or your iPhone or Android smartphone, are important. You should check for and install them regularly.

These operating system patches often fix security risks which could otherwise open your whole device up to attack. As an example, many victims of the WannaCry ransomware attack in May 2018 were running an outdated version of Windows 7. Had they updated those machines, the attack wouldn't have been as effective.

It's not always convenient to let your device restart and apply an update, but you should do so whenever possible. And in a business environment, you must also update servers, networking equipment, and similar devices. Monitoring services can help you confirm patches installed successfully.

2. Enable Two-Factor Authentication

Two-factor authentication (2FA) is one of the best ways to protect your online accounts. It requires something you have (typically a passcode from your phone) in addition to the password that you know. Thus, even if someone steals your password, they'd need your phone to get in.

Check the website Two Factor Auth to see which of the services you use support 2FA and how to set it up. We recommend setting up 2FA on at least your email accounts, file storage services like Dropbox, any financial accounts, and other sensitive services. Try the Duo Mobile app on Android or iPhone to generate these codes.

3. Use an Antivirus and Web Filter

Everyone should keep a strong antivirus installed to protect against the variety of malware in the wild. If you don't already have a favorite, Bitdefender Internet Security is a solid choice.

It's wise to supplement an antivirus with another security tool, since an antivirus alone can't handle all threats. For this, you can use a filtering tool like OpenDNS Home or Cisco Umbrella for business.

4. Create Strong Passwords

Strong passwords are vital for protecting your online accounts. Weak passwords (whether they're easy to crack by a machine or guessable by humans) are an invitation for someone malicious to breach your accounts.

As a general guideline, try creating a password phrase of several random words, longer than 8 characters. Add a number and/or symbol in for increased security.

For example: 5HilariousSpiceBelieveSwipe$

This is a 28-character password that is fairly easy to remember, yet hard for machines to crack. It's also random, so someone who knows you wouldn't be able to guess it based on information like your birthday or pet's name.
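The pattern above only holds up if the words are picked by a random generator rather than by the person. The following is an added example, not part of the original article: the word list is a small constructed sample and the function names are assumptions. It builds a passphrase in the same shape and shows that its strength comes from the size of the word list and the number of words, not from the character count.

```python
import math
import secrets

# Constructed sample word list for this example only. It is far too small for
# real use; a real generator would load a list with thousands of words.
SAMPLE_WORDS = [
    "hilarious", "spice", "believe", "swipe", "anchor", "breeze", "candle",
    "dolphin", "ember", "fossil", "garden", "harbor", "island", "jungle",
    "kettle", "lantern", "meadow", "nectar", "orchid", "pebble", "quartz",
    "ribbon", "saddle", "timber", "umbrella", "velvet", "walnut", "yonder",
    "zephyr", "marble", "copper", "thistle",
]
SYMBOLS = "!$%&*?#@"


def generate_passphrase(words=SAMPLE_WORDS, count=4):
    """Return digit + `count` capitalized random words + symbol."""
    # secrets uses the operating system's CSPRNG; the random module is not
    # suitable for generating credentials.
    digit = str(secrets.randbelow(10))
    chosen = [secrets.choice(words).capitalize() for _ in range(count)]
    return digit + "".join(chosen) + secrets.choice(SYMBOLS)


def entropy_bits(wordlist_size, count=4, symbols=len(SYMBOLS)):
    """Bits of entropy when every part is chosen uniformly at random."""
    return math.log2(10) + count * math.log2(wordlist_size) + math.log2(symbols)


if __name__ == "__main__":
    print(generate_passphrase())
    # Same 4-word shape, very different strength depending on the list size.
    print(f"32-word sample list: {entropy_bits(32):.1f} bits")
    # 7776 (6^5) is the size of a Diceware-style word list.
    print(f"7776-word list:      {entropy_bits(7776):.1f} bits")
```
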

We recommend using a password management tool like 1Password or LastPass. These services securely store all your passwords behind one master key. Because they can generate strong passwords for you and fill them in on websites, they make the task of password security easier.

Finally, in a company, we don't recommend forcing employees to change their passwords. This increases the chance that users will choose weak passwords and write them down in insecure locations.

5. Avoid Dangerous Emails

Phishing emails designed to steal your credentials are a common threat. It's wise to avoid clicking links and instead always navigate to the site in question yourself. Be aware that poor grammar and typos are often the sign of a bogus email. And never approve financial transactions requested by email without calling the person directly.

We've covered types of dangerous emails to watch for with more tips.

6. Know How to Recover a Stolen Phone

If you lose your phone or it's stolen, you should know how to remotely locate and wipe it if needed. Check out Apple's guide to using Find My iPhone or Google's instructions for Find My Device.

7. Use a VPN

A VPN (Virtual Private Network) encrypts your network traffic. This is important on public Wi-Fi networks like those in airports and coffee shops, where you can't trust the network or the other people using it.

For home use, Private Internet Access is a good choice. Company employees may be able to use their business VPN to encrypt traffic on any network.

8. Encrypt Your Computer

If someone removed the storage drive from your PC and plugged it into another computer, they would be able to access your personal files. You can encrypt your computer, which makes its contents unreadable unless you have the key, to protect against this.

Both Windows and macOS have built-in tools for this. Windows users should enable BitLocker, while Mac users can use FileVault.

9. Know How to Respond to Hacking

Data breaches are unfortunately not a rarity. Whether someone steals your Facebook password or compromises something more serious like a financial account, you should immediately change the password of the account. If you've also used that password on any other sites, you should change it for your safety as well.

You may also want to look at consulting a professional to address the damage and help you get back to normal.

These nine security tips cover a lot of today's online security. It's worth taking some time to implement them in your online life. Getting hacked or otherwise having your data compromised is scary, frustrating, and time-consuming. Preventing it is easier than responding to an incident.

If you would like help implementing these security best practices as well as other IT best practices, please feel free to reach out to us anytime!

