Every day we hear about new threats to online security. Whether you’re concerned about your personal information, keeping your children safe online, or safeguarding your business data, there are many dangers in cyberspace, such as identity theft, malware, and ransomware. Fortunately, there are also quite a few effective measures that can greatly reduce the risks of becoming a victim. The following are the 10 top ways to stay safe online.
1. Back Up Everything
Backing up your data doesn’t protect you from attacks but it does ensure you won’t lose everything if you need to reinstall your hard drive. This also protects you against other catastrophic scenarios such as computer crashes and natural disasters. One increasingly common type of attack involves ransomware, where the hacker essentially holds your data hostage and forces you to pay to retrieve it. Backups can help you avoid having to pay in such cases. Reliable cloud-based services are ideal for storing data.
There are several advantages to keeping important information in the cloud. Aside from the security benefits, all the members of your team can easily access data from any location. If you have lots of files to back up, you may have to pay for storage as services such as Google Drive, iCloud, and Dropbox only provide a limited amount of free storage. However, the costs are quite reasonable.
2. Be Password Savvy
Even the most intricate password doesn’t guarantee your safety online (nothing can, unfortunately). However, passwords are your first line of defense when it comes to securing your accounts. There are many simple mistakes that make it all too easy for hackers to access your information. Make sure you’re paying close attention to your passwords and doing everything possible to keep them secure.
- Always use difficult and unique passwords for all of your accounts. Never use easy to guess passwords that include your name (or your kids’, pets’ or friends’ names), birthdates, or a sequence of numbers such as 1234. The traditional secure password is a combination of upper and lower case letters, numbers, and symbols. However, another approach that might be even more secure is to use a long sequence of random words such as “volcano dog Paris green oatmeal meadow.”
- Don’t share passwords unless it’s absolutely necessary. Only share them with people who actually need to access a certain account. Limiting access in this way goes beyond trusting individuals. Even someone who doesn’t mean any harm might be careless, such as by writing a password down in a place where others can see it.
- When someone leaves your organization, always change the passwords for any accounts that the person had access to.
- If you do have to give out passwords for any reason, change them afterward. For example, if you hire a web designer, you’ll need to give him or her access to your web hosting account. Don’t forget to change the password when the task is complete.
- Never post or write down passwords in public areas. This may seem obvious, but it’s fairly common for people to write down passwords on post-it notes or notepads on their desks.
3. Use Two-Factor Authentication
Two-factor authentication (or multi-factor authentication, which is still more secure) is a step that makes it harder for anyone to log into your accounts without your permission. It forces the user to enter additional information beyond your password. Typically, you need to enter a pin number or answer a question. More sophisticated types of multi-factor authentication include fingerprints and eye scans. The latter methods are getting more popular, especially with businesses that deal with financial and other sensitive information. Any type of two-factor authentication takes extra time but the added security makes it well worth it.
4. Understand the Dangers of Free Extensions and Software
Installing free browser extensions, apps, and software put you at risk for many unpleasant intrusions. Such applications may contain viruses, malware, adware, or spyware. This isn’t to say you should never install or download free applications. Some types of open source programs (e.g. WordPress, Open Office) are reputable. However, be wary of programs that you aren’t familiar with. In addition to downloading applications, be wary of free browser extensions. These can be tempting as they’re simple to install and often have enticing benefits. In addition to security risks, these can slow down your browser.
Freebies often promise faster operations, enhanced security or other benefits. In some cases, you’re enticed with lots of free images, templates, or PLR (Private Label Rights) articles you can give away or sell to your customers. Even if the creators of free software aren’t hackers or scammers if their product isn’t well designed it can leave you open to threats. In some cases, developers of such free products quickly abandon the projects, making it impossible to get support or install updates. Make sure you and your employees are careful about downloading or installing anything free. There are often hidden costs.
5. Avoid Viruses and Malware
Just as biological viruses attack the body, computer viruses can do real damage to your computer. These are malevolent programs written specifically to overwrite software to harm your device or steal information. Malware is a broader term that includes all kinds of malicious software including adware, spyware, Trojan horses, and ransomware (an especially pernicious type of program that disables your information while the hackers demand ransom in exchange for returning it to normal). Fortunately, there are ways to prevent malware and viruses from taking over your devices.
- Keep all of your software updated. For example, if you use WordPress, make sure you’re using the latest versions. The same for any plugins you’ve installed. This makes it harder for anyone to hijack your software. Make sure any programs you use are up to date.
- Use reputable anti-virus software such as Kaspersky, Norton, McAfee, or Bitdefender (there are others as well).
- Beware of messages alerting you of viruses. Hackers often warn you of the very things they want to do to you. For example, pop-up messages that say something like “Warning! Your computer is infected!” are often used to get you to click on a link and download malicious software.
- If you do get a virus, don’t panic. Your anti-virus software may be able to remove it. If not, you may have to reinstall your programs and even the operating system. Enlist help for this if necessary. This possibility is one reason to always back everything up.
6. Don’t Fall For Phishing Scams
Many online attacks are accomplished with the victim’s (unwitting) cooperation. Phishing is the practice of sending out links that appear to lead to legitimate websites but are, in fact, fraudulent. Once you reach the fake website, you’re enticed to share personal or financial information. When you’ve been “phished,” you are actually giving out your precious information voluntarily.
Most phishing attacks come via email but they are increasingly coming via other means as well such as Facebook and Whatsapp messages and text messages. There’s one simple rule that will save you from becoming a victim: don’t click on links that come in emails or messages. While you don’t need to be suspicious of every message that has a link, there are some clues to help you spot phishing scams.
- Urgent warnings. Just as we noted that hackers will “warn” you about viruses with fake popups, so they’ll issue fake warnings that your bank account has been hacked -as they’re attempting to do that very thing! So watch out for messages with dire warnings and require immediate attention. They want you to act before thinking.
- Amazing offers. This is the opposite of the urgent warning. You may be the winner of a lottery or unexpected grant or loan. Basically, be suspicious if it sounds too good to be true.
- Spelling and grammatical mistakes. A sure sign that an email isn’t what it claims to be is that there are errors in the copy. You might also notice sloppy phrasing with words missing.
You can always avoid falling victim to phishing by not clicking on links. If you’re not sure, simply visit the website from a new browser. Make sure all of your employees understand this as well!
7. Be Cautious When Using Public WiFi
More and more people telecommute and work at home either part or full time. Working at home just as often means working in a public place such as a cafe, airport, or library. While it’s convenient that public WiFi is so widely available, it also presents some serious security risks. You and your employees should always be very wary about what you do and share in public places. Some security experts take this advice to a greater extreme and advise you to never connect to public WiFi, period.
Hackers can easily steal your information via public WiFi spots. In some cases, the hacker may be in person. It’s enough to make you paranoid, worrying if the people at nearby tables with their laptops young student with a backpack or the diligent middle-aged businessman isn’t really a hacker! If you must log into public WiFi, at least follow these precautions.
- Never disclose sensitive personal or financial information (e.g. social security number, credit card info).
- Avoid logging into any accounts where you have important information stored. This includes bank accounts and your personal and work email accounts.
- Only use secure connections. Setting your browser to “Always Use HTTPS” helps you avoid less secure sites. You can make this easier by using Google Chrome, which now marks HTTP sites as not secure.
- Subscribe to a Virtual Private Network (VPN). With a VPN, you don’t need to use public WiFi. If you have a business and have employees who work remotely, consider supplying them with a VPN. The cost is well worth the added security.
8. Watch Your Devices
When thinking about online security, we tend to focus on websites, operating systems, platforms, and other technical issues. While these are all crucial, you shouldn’t ignore the offline aspects of security. If someone seizes or even sees your device and what’s on it, they don’t need advanced hacking skills. Never leave your devices unattended in public places, even work. Phones and laptops are stolen every day. Some thieves might just want to pawn your device or sell it on eBay. Others, however, might have even more nefarious plans such as stealing data or your identity.
Aside from outright theft, beware of leaving sensitive information on your screen. Keep this in mind at work as well as in public places. Remember that hackers today often use cameras. Just as sophisticated criminals will take photos of people entering passwords into an ATM, they can discreetly take photos of your screen when you’re logged onto sensitive pages. Or, more simply, someone can simply look over your shoulder if you’re not careful.
9. Keep Your Mobile Devices Secure
As more and more communications and transactions are conducted on phones and tablets, hackers are targeting mobile devices. All of the tips that apply to laptops and desktops are equally relevant for smartphones and tablets. There are also some additional points that are especially relevant when you’re on a mobile device.
- Keep your phone OS and apps up to date.
- Only install apps from trusted sources. Be careful of novelty apps or from companies you’ve never heard of.
- Be careful about divulging sensitive data online in public places. This gets back to the warning about public WiFi. However, people are often more careless on their phones.
- Install or enable a “Find My Phone” app so you can easily locate your phone if it’s lost or stolen.
- Shut off mobile devices when you’re not using them.
- Place a privacy screen on your phone. This makes it harder for anyone to see what you’re typing.
10. Review Your Accounts and Credit Reports
Sometimes, despite every precaution, a hacker or identity thief targets you and you have to deal with the fallout. In such cases, the sooner you spot the problem, the less damage they can inflict. By regularly scanning your bills and important accounts, you can quickly spot any irregularities such as purchases you don’t remember making. Credit reports also provide clues to any unusual activity. Monitor both your personal and business credit and look for any unexpected issues.
Staying Safe Online Takes Common Sense and Vigilance
Hackers, identity thieves, and scammers are quite resourceful. They keep up with the latest technology and find ways to exploit it. To stay safe, you need to stay current with the latest threats. Security largely comes down to common sense. Cybercriminals use the same type of logic as traditional burglars. Just as you need to lock your doors and windows at home, you need to take common-sense precautions for your devices and online behavior. Make sure you, your family, employees, and anyone with whom you share cyberspace is on board with your security measures.
If you want help analyzing your risk and improving your website security, check out this reasonable and well-reviewed website security analysis service.