October is Cybersecurity Awareness Month, a national effort to create awareness about the importance of cybersecurity (also called online security). We would like to share some tips with you to help you keep your information private and secure.
Cybersecurity Tips & Recommendations:
- Do a security checkup. Most companies offer these to help you check the security of your account. For example, Google provides a great tool for their apps: https://myaccount.google.com/security-checkup
- Turn on Two Step verification (also called two-factor authentication). Adding an extra layer to the security of your accounts prevents unauthorized access if your login details ever get lost, stolen or guessed. Do this for all your accounts, including email, banking, government, etc..
Recommendation: Use an authenticator app like Microsoft Authenticator where possible. They are more secure than using mobile text messages for this purpose.
- Update your software. Even if your operating system, apps, anti-virus software, etc. should update automatically, it is important to make sure that they actually are. If you do not already have automatic updates turned on, it is best to do so.
- Use unique and strong passwords. One of the most common ways criminals get access to your accounts is by trying to access them using login information that was stolen and leaked or sold online. If you use a different and hard to guess password for every app you can reduce that risk.
- Use a password management app. Do not write down your passwords, and never save them in a Word document, text file or your online address book.
Tip: When creating or changing a password, first enter (or generate) and then save it in the password management app, and check to make sure it is saved. Then enter it in the online account.
- Check if your email address or phone number was ever leaked in a data breach. You can use websites such as https://haveibeenpwned.com/ to check. That website is a secure public service and the information is provided free of charge. Take steps to further secure your account if it was part of a breach, for example if you used a leaked password elsewhere.
- Avoid suspicious requests, emails and web pages.
Recommendation: If you are not 100% sure an email is genuine, check with the sender and when in doubt permanently delete the message. Email is one of the most common ways criminals try to trick you to gain access to your accounts.
- Remove apps you no longer use and the data for them, both online and on your device. Criminals frequently use data they obtain from apps people have forgotten about and actively use those apps to further compromise your online identity and security.
Recommendation: when you decide to stop using an app or service, check with the vendor on how you can delete all the data they store that is related to you.
- Avoid using public Wi-Fi. Instead, use your mobile device to create a personal Hotspot.
- Back up your data. Creating backups can help you recover important files in the case of data loss due to ransomware (criminals use a virus to encrypt your files), accidental deletion, damage or theft. Frequently test your backups to make sure you can use them when necessary.
Recommendation: Also back up your files to an online backup service. In the event of the loss of both your device and your backup you can get your files back from your online backup. Remember to add two-factor authentication for your online backup.
Tip: Back up your most critical files to a USB drive, verify they are accessible on that drive, and then place that drive in a personal safe similar to how you protect your other important paper documents and personal items.
You’ve made it this far. Great! Thank you for doing your part to be cybersmart! If you would like to read more about online security, and the steps the US government is taking to help protect the nation against online threads, go to https://www.cisa.gov/cybersecurity.
Stay safe online, and have a great October!