10 ways to stay safe online
Protecting information and securing systems and devices is an essential task that seems like an afterthought to some. However, it’s crucial to stay safe online to protect your personal and financial information. There are many steps individuals can take to enhance their cybersecurity without requiring a significant investment or the help of an information security professional. Below are ten tips you can put into action now:
1. Keep your software up to date
Keep all software on internet-connected devices (including personal computers, smartphones, and tablets) current to reduce the risk of infection from ransomware and malware. Outdated software is vulnerable to hackers looking to steal personal information, like usernames and passwords, bank account numbers, or even your Social Security number. Configure your devices to automatically update or to notify you when an update is available. If you don’t enable automatic updates, install software updates as soon as they roll out, or check for them monthly.
2. Enable multi-factor authentication
Two-factor authentication or multi-factor authentication (like biometrics, security keys, or a unique, one-time code through an app on your mobile device) is a simple way to keep your financial information secure, and you should use it whenever offered. If a password is hacked, guessed, or phished, the password alone is not enough to give the intruder access without the second form of authentication, which renders the stolen password useless.
Two-factor authentication varies across platforms, but the overall process is generally the same. For example, you log in to your bank account with your username and password. If entered correctly, the server will send an authentication code to a secondary device, typically via text or email. You’ll then enter the unique code to confirm your identity and gain access. If someone is attempting to access your account, they won’t be able to without the authentication code.
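The login flow described above, seen from the server's side, as an added example that is not code from this article or from any bank. The class name, the 6-digit code length, the 5-minute lifetime and the 3-attempt limit are assumptions chosen for illustration; it shows why a code that is guessed wrong, replayed, or entered late does not grant access.

```python
import hmac
import secrets
import time

CODE_TTL_SECONDS = 300  # assumption: a code stays valid for 5 minutes
MAX_ATTEMPTS = 3        # assumption: the challenge locks after 3 tries


class OneTimeCodeChallenge:
    """Second-factor step, created only after the password check succeeded."""

    def __init__(self, now=None):
        now = time.time() if now is None else now
        # secrets (not random) produces an unpredictable 6-digit code.
        self._code = f"{secrets.randbelow(10**6):06d}"
        self._expires_at = now + CODE_TTL_SECONDS
        self._attempts_left = MAX_ATTEMPTS
        self._used = False

    def code_for_delivery(self):
        """The value the server would text or email to the second device."""
        return self._code

    def verify(self, submitted, now=None):
        now = time.time() if now is None else now
        if self._used or now > self._expires_at or self._attempts_left <= 0:
            return False
        self._attempts_left -= 1
        # Constant-time comparison avoids leaking digits through timing.
        if hmac.compare_digest(submitted.encode(), self._code.encode()):
            self._used = True  # single use: a replayed code is rejected
            return True
        return False


def demo():
    """Constructed walk-through: wrong guess, real user, replay, late entry."""
    challenge = OneTimeCodeChallenge(now=1000.0)
    code = challenge.code_for_delivery()
    wrong = f"{(int(code) + 1) % 10**6:06d}"
    results = [
        challenge.verify(wrong, now=1010.0),  # intruder guessing
        challenge.verify(code, now=1020.0),   # account owner
        challenge.verify(code, now=1030.0),   # same code replayed
    ]
    late = OneTimeCodeChallenge(now=1000.0)
    too_late = 1000.0 + CODE_TTL_SECONDS + 1
    results.append(late.verify(late.code_for_delivery(), now=too_late))
    return results
```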
3. Use long, unique passwords
Use a long, unique password to keep your accounts secure. A strong password is at least 12 characters long. Focus on positive sentences or phrases that you like to think about and are easy to remember, while also using a combination of letters, numbers, and symbols. Do not use sequential letters and numbers, like “qwerty” or “1234.”
It’s also important to use separate passwords for different accounts. Around 66% of Americans use the same password for more than one account, which can be detrimental if there is a security breach. If you use the same password for your social media accounts and online banking, your financial information could easily be stolen if your social media password were hacked.
4. Use a password manager
It’s hard to keep track of multiple complex passwords, but avoid writing your passwords on paper or storing them on an unprotected device. The best way to manage unique passwords is through a password manager application. A password manager is software created to manage all your online credentials like usernames and passwords. It stores them in a safe, encrypted database and also generates new passwords when needed.
There are various free or cheap user-friendly password manager applications that can be used to securely store your information across multiple devices. Bitwarden offers a free personal plan that allows you to store unlimited passwords, use the app on unlimited devices, share for free with two users, and more. It also offers a family plan for $40 per year that includes up to six users, encrypted file sharing, emergency contacts who can access your vault in case of an emergency, and more.
5. Think before you click
Links in emails, tweets, texts, posts, social media messages, and online advertising are the easiest way for cyber criminals to obtain sensitive information. Be wary of clicking on links or downloading anything that comes from a stranger or that you were not expecting. Clicking on unknown links or opening attachments may install malware, like viruses, spyware, or ransomware, on your device. The software is covertly downloaded, so you won’t notice until it’s too late.
If you do accidentally click an unknown link, disconnect your device from the internet and ensure your files are backed up. Next, scan your device for malware, then change your usernames and passwords. Lastly, set up a free fraud alert on your credit report with one of the three major bureaus: Experian, Equifax, or TransUnion.
6. Report phishing attempts
If you’re at the office and a phishing email came to your work email address, report it to your IT manager or security officer as quickly as possible. Procedures vary between organizations, so be sure you know your company’s policy for reporting phishing attempts.
If you’re at home and the email came to your personal email address, do not click on any links (even the unsubscribe link) or reply to the email. Delete the email altogether. You can take your protection a step further and block the sending address from your email program, too.
7. Use secure WiFi
Public wireless networks and hotspots are not secure, which means that anyone could potentially see what you are doing on your laptop or smartphone while you are connected to them. Limit what you do on public WiFi, and avoid logging in to key accounts like email and financial services. Consider using a virtual private network (VPN) or a personal/mobile hotspot if you need a more secure connection.
VPNs encrypt your online traffic and anonymize your location, allowing you to browse safely and securely. Even if your traffic is intercepted, hackers can’t view your activity. VPNs are becoming increasingly popular because they can unblock geo-blocked content on streaming platforms, and they’re also user-friendly.
8. Back up your data
Protect your valuable work, music, photos, and other digital information by making an electronic copy and storing it safely. If you have a copy of your data and your device falls victim to ransomware or other cyber threats, you will be able to restore the data from a backup. Use the 3-2-1 rule as a guide to backing up your data. The rule is: keep at least three (3) copies of your data, and store two (2) backup copies on different storage media, with one (1) of them located offsite.
9. Check your settings
Every time you sign up for a new account, download a new app, or get a new device, immediately configure the privacy and security settings to your comfort level for information sharing. Regularly check these settings to make sure they are still configured to your comfort.
10. Share with care
Think before posting about yourself and others online. Consider what a post reveals, who might see it, and how it might affect you or others. One popular trend on social media consists of answering a list of personal questions, such as the name of your first pet or the street you grew up on. Many of those are common security questions, and you’re unknowingly distributing those answers for hackers to view and potentially use to gain access to your financial information.
Following the above steps is essential to keeping your personal and financial information secure. This is the first in a series of cybersecurity education posts meant to help you stay safe online. Over the next few months, we’ll share greater insight and tips on each of the topics mentioned above. In the meantime, we offer additional resources to brush up on your financial education, with ACHIEVE for consumers and small businesses.