Proactive Measures for Cyber Safety

Over the years, many have approached me with questions about online security, reflecting a growing concern in our digital age. The importance of safeguarding one’s personal identity online truly cannot be overstated. Not only does good cyber hygiene benefit individuals, but it also extends to the organizations where they work. When people grasp the basics of cybersecurity, they’re better equipped to apply these principles in their professional environments, fortifying the digital defenses of their companies. With cyber threats becoming more frequent and increasingly sophisticated, it’s imperative for everyone to adopt proactive measures to protect their digital identities.

Here are some guidelines to ensure your online safety:

  1. Think Before You Click: More than 90% of successful cyber-attacks start with a phishing email. If you encounter a link you don’t recognize, trust your instincts and think before you click.
  2. Use Strong Passwords and change default ones: Until we can move to passwordless avoid common passwords like “password” or “123456”. Ensure your password is long (at least 14 characters especially if MFA is not enabled), unique, and randomly generated. Consider using a password manager to generate and store unique passwords. Many devices, including modems and routers, come with default passwords. Always change these to unique, strong passwords to prevent unauthorized access. This applies also to your mobile device, use a PIN/passcode (not your date of birth or “0000” or “1234”)
  3. Use Multi-Factor Authentication (MFA): MFA provides an additional layer of security by requiring two or more verification methods. We already discussed how to choose one method, for instance here. This applies also to your mobile device, secure it with biometric feature (e.g. fingerprint or face recognition).
  4. Stay Updated: Ensure all your software, including the operating system, is up-to-date. Cybercriminals often exploit vulnerabilities in outdated software. Whenever you receive notifications for software updates, install them promptly. Even better, turn on automatic updates.  
  5. Be Cautious with Software: If you didn’t actively seek out a software, an app or browser add-on, don’t install it. Conversely, uninstall software or applications you no longer use. This approach not only declutters your system but also reduces potential entry points for cyber threats.
  6. Avoid public or untrusted WIFIs: avoid those WIFIs especially when accessing or providing sensitive information, such as bank accounts, online shopping, etc. The same applies also for and unknown or untrusted storage devices, such as USBs, that can be used to transfer malware on to your device. Avoid those as well.
  7. Consider Using a VPN: Virtual Private Networks (VPNs) encrypt data transmitted between your device and the server. This ensures that your online activities remain private and secure, especially if you really need to use public Wi-Fi networks. However, not all VPNs are created equal. It’s essential to choose a trusted provider, as VPNs are entirely based on trust. You must be aware of the data protection laws of the VPN provider’s home country and any potential extra-legal pressures they might face.
  8. Ensure your valuable data is stored in an appropriate location and backed up regularly. Cybercriminals may encrypt your data so they can extort money from you. If you do become a victim of this, it is often impossible to decrypt the data, so you will have to rely on backups. To avoid this ensure valuable data is stored on approved secure storage services (not shared widely and encrypted) and backed up in the event of loss or damage.
  9. Bookmark Important Sites: Instead of clicking on email links that seem to come from trusted organizations, use bookmarks in your web browser to access important sites. This reduces the risk of landing on a phishing site.
  10. Don’t overshare on social media: Scammers often use social media to gather information about people. They may use this information to guess your passwords, use it in a social engineering scam, or impersonate you when applying for credit cards, bank loans, or even commit crimes. Also regularly review your social media access settings to understand who can see information you share and ensure it is restricted appropriately.

What do you think? Are these all the steps we should take to ensure our online safety?

Do you follow all these best practices? Share your thoughts and experiences in the comments below!

Sources: