Security & Safety Resource Center

The cloud — due to being a centralized repository of sensitive information — is a common target for cybercriminals. By conducting regular audits of cloud permissions, you best safeguard yourself and your data from potential breaches. When assigning permissions, consider the principle of the least privilege, granting users and systems only the minimum access they need to perform their tasks effectively.

Here’s how regular cloud permission audits can safeguard your data:

1. Least privilege principle: Grant users and systems only the minimum permissions they need to perform their tasks effectively. This reduces the attack surface and minimizes potential damage in case of a breach.
2. Identify and revoke unnecessary permissions: Regularly review permissions and revoke any that are no longer needed. This helps prevent unauthorized access and potential data leaks.
3. Monitor user activity: Keep an eye on user activity logs to detect any anomalies or suspicious behavior. This proactive approach can help identify and stop unauthorized access in its tracks.
4. Implement multi-factor authentication (MFA): Add an extra layer of security by requiring MFA for all cloud access. This makes it much harder for unauthorized individuals to gain access, even if they have a user’s password.
5. Conduct regular training and awareness sessions: Educate employees on cloud security practices and the importance of proper permission management. This helps prevent accidental data exposure and reduces the risk of human error.

Phishing is a type of cyberattack where criminals try to trick you into revealing personal information or clicking on malicious links. Phishing emails often look like they’re from a legitimate company, such as your bank or credit card company. But they’re actually designed to steal your information or infect your device with malware.

Here are some tips for avoiding being a phishing victim:

• Be suspicious of unsolicited phone calls or emails. If you don’t know the sender, don’t open the email or answer the call.
• Don’t click on links in emails or text messages from unknown senders.
• Hover over links to see the actual URL before clicking on them.
• If you’re unsure whether an email is legitimate, contact the company directly using contact information from a previous statement or the company’s website.
• Don’t enter personal information on websites that are not secure. Look for the “https://” in the URL bar and a padlock icon.
• Keep your software up to date, including your operating system, web browser, and security software.

If you think you may have fallen victim to a phishing attack, change your passwords immediately and contact your bank or credit card company to monitor your accounts for suspicious activity.

Given their importance and propensity to cyberthreats, take stock of your financial apps by conducting regular audits. Specifically, review permissions and access, keep all software up-to-date, encrypt all data, be on the lookout for suspicious activity, ensure a backup is in place and test account recovery.

Here’s a checklist for a comprehensive financial app security audit:

1. Review permissions and access: Check which permissions your financial apps have and revoke any unnecessary ones. Limit access to trusted devices and remove outdated authorizations.
2. Keep software up-to-date: Ensure your financial apps and operating system are running the latest versions to fix security vulnerabilities.
3. Encrypt all data: Enable encryption features whenever available to protect your sensitive information from unauthorized access.
4. Watch out for suspicious activity: Stay alert for unusual transactions, notifications, or requests for personal information. Report any discrepancies immediately.
5. Backup your data: Regularly back up your financial data to ensure you have a restore point in case of a cyber incident or device failure.
6. Test account recovery: Verify that you can access your financial accounts if you lose your password or device.

By conducting regular security audits of your financial apps, you can significantly reduce your risk of falling victim to cyberattacks and safeguard your hard-earned money. Remember, vigilance is key in today’s digital world.

Software updates are essential for keeping your devices and networks secure. They fix bugs and patch security vulnerabilities that cybercriminals can exploit.

Most apps on Android and iOS are set to update automatically by default. You can also schedule big installations, like OS updates, in advance. This is better and safer than having to apply updates manually.

Here are some tips for setting important apps and updates to install automatically:

• Check your app settings to make sure that automatic updates are enabled.
• Schedule OS updates to install at a time when you won’t need to use your device.
• Use a third-party app updater to manage updates for all of your apps in one place.

By following these tips, you can help to keep your devices and networks secure by ensuring that important apps and updates are installed automatically.

Biometric authentication is considered one of the most secure and convenient methods of user authentication for sensitive applications. This technology leverages fingerprint recognition, facial recognition, iris scanning, voice recognition and — in certain cases — behavioral biometrics to facilitate streamlined, secure access.  This approach eliminates the need for memorizing and managing complex passwords, making it easier and less stressful to access your important applications.

Here’s how biometric authentication works:

• Unique identifiers: Your unique physical features serve as your password, making it nearly impossible to replicate or steal.
• Streamlined access: Simply use your fingerprint, scan your face, or speak a command to gain access to your protected apps.
• Enhanced security: Biometric authentication is significantly harder to bypass than traditional password-based methods.

By utilizing biometric authentication for sensitive apps, you can significantly enhance the security of your data and personal information. It’s like having a built-in security system that only recognizes you, the authorized user.

So, ditch the passwords and embrace the convenience and security of biometric authentication. Let your unique physical features be the key to protecting your sensitive digital world.

Passwords prevent unauthorized access to wireless networks. If you see a public Wi-Fi network without a password, don’t join it unless you have no other choice and have a VPN to encrypt your connection.

Public Wi-Fi networks can be dangerous. Cybercriminals can use them to steal your data or infect your device with malware. If you must use a public Wi-Fi network, take steps to protect yourself:

• Use a VPN to encrypt your traffic.
• Avoid entering sensitive information, such as credit card numbers or passwords.
• Be careful about what websites you visit and what apps you use.
• Keep your software up to date.

Here are some tips for finding a safe Wi-Fi network:

• Look for networks that require a password to join.
• Ask the business or organization that owns the network if it is safe.
• Use a Wi-Fi analyzer app to scan for networks and identify any potential risks.

By following these tips, you can help protect yourself when using public Wi-Fi networks.

Firewall protection works by either blocking or permitting network traffic — also referred to as network packets and data packets — based on a set of predefined security rules. Its primary purpose is to act as a barrier between your computer and potential threats. By enabling firewall protection, you establish an additional line of defense for your device and network.

Here’s how firewall protection works:

• Traffic filtering: It examines incoming and outgoing data packets, deciding whether to allow or block them based on security rules.
• Threat detection: It can detect and block malicious traffic, such as attempts to hack into your system or steal your personal information.
• Protection against unauthorized access: It prevents unauthorized devices or programs from accessing your computer or network.

Why is firewall protection important?

• It protects your data from cyberattacks: Cybercriminals constantly look for ways to breach your defenses and steal your data. A firewall can help block these attacks and keep your data safe.
• It prevents malware infections: Malware can infect your device through various means, including email attachments, infected websites, and malicious software downloads. A firewall can help block malware from entering your system.
• It protects your privacy: Cybercriminals can use your personal information for identity theft or other fraudulent activities. A firewall can help protect your privacy by preventing unauthorized access to your data.

How to enable firewall protection:

• Most operating systems come with built-in firewalls. Check your system’s settings to enable it.
• You can also install third-party firewalls for added protection. These firewalls may offer more advanced features and customization options.

Additional tips for firewall protection:

• Keep your firewall software up to date: Regular updates ensure that your firewall has the latest security patches to protect against new threats.
• Configure your firewall settings carefully: Make sure that your firewall allows legitimate traffic while blocking unauthorized access.
• Use a VPN when connecting to public Wi-Fi: A VPN encrypts your traffic, making it more difficult for cybercriminals to intercept your data.

By enabling firewall protection and following these tips, you can significantly enhance your cybersecurity posture and safeguard your data from potential threats.

In the instance of your sensitive information becoming breached, a well-structured disaster recovery plan is necessary to mitigate potential damages. While the plan will differ depending on the nature of the breach, you generally want to consider a risk assessment, backup restoration and legal and compliance matters.

The specific plan will vary depending on the nature of the breach, but you should generally consider the following:

• Risk assessment: Identify the potential risks to your sensitive information and assess the likelihood and impact of each risk.
• Backup restoration: Establish a process for restoring your data from backups quickly and efficiently.
• Legal and compliance: Consider the legal and compliance obligations that apply to your organization in the event of a data breach.

Here are some tips for creating a disaster recovery plan:

• Involve all relevant stakeholders in the planning process, including IT, legal, and compliance teams.
• Test your plan regularly to ensure that it is effective.
• Update your plan as needed to reflect changes in your organization or the threat landscape.

By having a disaster recovery plan in place, you can be better prepared to respond to a data breach and protect your sensitive information.

While there’s no one-size-fits-all for how long it should take for your phone to lock following inactivity, generally, the earlier, the better — though, not at the complete expense of convenience. Consider setting an automatic inactivity lock on your smartphone after approximately five minutes or fewer, depending on preference. This, in turn, will help improve the security of your device and protect your personal information from unauthorized access.

There’s a difference between passwords and passphrases: Passwords are typically shorter and combine letters, numbers and symbols, while passphrases are longer phrases or sentences. Opting for a passphrase may be a more secure choice for your WiFi network relative to traditional passwords, offering an additional layer of security.

Oftentimes, cybercriminals gain access through in-house negligence — hence, awareness is key. Teach those who hold sensitive information to recognize suspicious links, the role of strong password measures and regular software updates, among other relevant factors. Notably, a strong defense starts with educated vigilance.

Here are some tips for educating your family or team on cybersecurity:

• Explain the different types of cyberattacks and how they can affect them.
• Teach them how to recognize suspicious emails, links, and attachments.
• Help them create strong passwords and enable two-factor authentication on all of their accounts.
• Explain the importance of keeping their software up to date.
• Talk to them about the risks of using public Wi-Fi and public charging stations.
• Encourage them to report any suspicious activity to you immediately.

By educating your family and team on cybersecurity, you can help to protect them from cyberattacks.

Cybersecurity threats have evolved, and people often talk about using password managers and cloud backups to stay safe online. But antivirus (AV) software is still important, especially for PCs and Macs. AV software scans for known threats and quarantines them to protect your data and privacy.

Here are some tips for using antivirus software effectively:

• Install AV software from a reputable provider.
• Keep your AV software up to date.
• Run regular antivirus scans.
• Enable real-time protection.
• Be careful about what you download and open.

By following these tips, you can help protect your computer from viruses and other malware.

The main objective of email filtering is a reduction in phishing risk. By analyzing sender information, content and attachments, these filters identify suspicious emails and arrange them into categories relative to their nature. You can set up email filtering rules either by using the built-in features of your email provider or by utilizing a dedicated third-party email filtering software.

If you use Apple, you can access app permissions in the Settings app under “Privacy.” For Android, this can typically be found in the “Apps” or “Application Manager” section of the Settings app. Revoke unnecessary permissions for apps that don’t require them, limiting their access to your personal information. Notably, be particularly mindful of granting access to sensitive data, such as location, contacts and camera.

Encrypted containers refer to virtual vaults that protect your data with strong encryption algorithms. Here are a handful of steps to consider when using encrypted containers:

• Choose a reliable encryption tool: Popular choices include VeraCrypt, Bitlocker, FileVault and LUKS, among others.

• Create strong passwords and passphrases: Avoid easily guessed passwords and consider using a password manager to generate and store complex credentials.

• Backup encryption keys: Passwords can easily be lost or forgotten — ensure that you have a backup in place or recovery methods laid out.

File sharing is the practice of distributing digital files with others. It can be done in a variety of ways, including:

• Using removable media, such as USB drives or CDs
• Uploading files to a cloud storage service and sharing the link
• Using a peer-to-peer network, which allows users to share files directly with each other

File sharing is a popular way to share music, movies, photos, and other types of files with friends and family. It can also be used to share work documents or educational materials with colleagues or classmates.

Here are some tips for file sharing safely:

• Be careful about what files you share. Only share files that you are sure are safe and that you have the right to share.
• Be aware of the copyright laws in your country. It is illegal to share copyrighted material without permission from the copyright holder.
• Use a secure file sharing method. If you are using a cloud storage service, make sure that it uses encryption to protect your data. If you are using a peer-to-peer network, use a reputable network and be careful about which files you download.
• Be aware of the risks of file sharing. File sharing can be used to spread malware. It can also be used to track your online activity.

By following these tips, you can help to protect yourself and your data when file sharing.

Given the increasing prevalence of remote work, balancing remote desktop convenience with security ensures its ongoing efficiency and risk mitigation. Prioritize strong authentication, encrypted connection and limiting access to trusted sources only. Furthermore, regularly update software, monitor logs and implement access controls to enhance the security of your remote desktop access.

To best secure your IoT devices, consider the following: change default passwords, update firmware regularly and isolate them on a separate network. Furthermore, disable unnecessary features, audit device access and, as always, use strong WiFi passwords. And to take extra precautions, here are steps that you can take:

• Divide your home network into separate segments, creating a dedicated network for your IoT devices.

• Use virtual LANs to segregate your IoT devices further if your router supports it.

• Regularly monitor network traffic and keep an eye out for patterns.

Set up intrusion detection systems (IDS) that can alert you to potential threats or unusual behaviors on your network.

HTTPS is the secure version of HTTP, the protocol used to transfer data between web browsers and servers. How do you know if a site is protected by HTTPS? Look in the URL bar. It should start with “https://”. Depending on the browser and site, it might also show a padlock icon or a green block with the certificate holder’s name.

Here are some tips for spotting HTTPS indicators:

• Check the URL bar. If it starts with “https://”, the site is using HTTPS.
• Look for a padlock icon in the URL bar. This means that the site is using a valid SSL certificate.
• Look for a green block in the URL bar. This shows the name of the certificate holder and confirms that the site is using HTTPS.

If you don’t see any of these indicators, the site is not using HTTPS. It’s best to avoid entering sensitive information on such sites, as it could be intercepted by cybercriminals.

By following these tips, you can help protect your data and privacy when browsing the web.

Public WiFi, while convenient, can be a hub for cyberattacks. To mitigate this, consider using a VPN to ensure your data is protected. VPNs work by routing your internet traffic through a secure server, encrypting the data in transit — making it virtually impossible for cybercriminals or eavesdroppers to intercept your online activities.

Here are some tips for using a VPN on public Wi-Fi:

• Choose a reputable VPN provider.
• Make sure your VPN uses strong encryption.
• Connect to a VPN server before you start browsing or using any apps.
• Keep your VPN software up to date.

By following these tips, you can help protect your data and privacy when using public Wi-Fi.

Running out of battery on the go can be inconvenient, but it can also be dangerous. If you need your phone for GPS or to communicate your whereabouts, a dead battery can leave you stranded.

A portable, rechargeable battery pack can help you stay charged and safe. It also reduces the need to use public charging ports, which can be risky. Cybercriminals can use public charging ports to steal your data or infect your device with malware.

Here are some tips for using a portable charger safely:

• Choose a charger with a high capacity. This will ensure that you can charge your devices multiple times.
• Make sure the charger has safety features, such as overcharge protection.
• Keep the charger clean and dry.
• Don’t leave the charger unattended while it’s in use.

By following these tips, you can use a portable charger to stay safe and connected on the go.

Particularly concerning sensitive accounts, such as your email, online banking and cloud storage, regular reviews and the updating of authorized devices thereof act as a defense against potential security threats. If you identify a new device that you either don’t recognize or no longer use, remove it immediately and file a report if necessary.

Here are some tips for managing your list of authorized devices:

• Make a list of all the devices you use to access your sensitive accounts.
• Regularly review the list and remove any devices that you no longer use.
• If you see a device that you don’t recognize, remove it immediately and contact the account provider to report it.
• Enable two-factor authentication on all of your sensitive accounts. Two-factor authentication adds an extra layer of security by requiring you to enter a code from your phone in addition to your password when logging in.

By following these tips, you can help to protect your sensitive accounts from unauthorized access.

Airports, buses, and other places may have public USB ports you can use to charge your devices. But it’s best to avoid them unless you really need to recharge. Public charging ports could be used to spy on you or infect your device with malware.

Here are some tips for staying safe when charging your devices in public places:

• Only use charging stations that are operated by trusted companies.
• Avoid using charging stations that are in secluded areas.
• If you must use a public charging station, use your own charging cable.
• Be aware of your surroundings while your device is charging.
• Avoid using sensitive apps such as online banking or email while your device is charging.

By following these tips, you can help to protect yourself from the risks associated with using public charging stations.

Webcams are a common target for those who seek to invade your privacy. To best safeguard yourself, webcam covers are an affordable, easily implementable safety measure that prevents cybercriminals from gaining unauthorized vision. Alternatively, disabling your webcam while it’s not in use serves a similar purpose, ensuring that no one can access your camera without consent.

By conducting regular audits on each of your social media accounts, look to review privacy settings, update passwords, ensure two-factor authentication is functioning properly and remove any suspicious connections.

As cybercriminals commonly leverage public social media information, these routine checks strengthen your digital security and protect your personal information from potential breaches and attacks.

Such policies and/or guidelines may include the following:

• Password complexity necessitates the use of strong, ideally randomized passwords.

• Password rotation, whereby users change their passwords on a thrice-monthly basis.

• Multi-factor authentication on all devices, ensuring multi-level protection in the instance of a cybercriminal gaining unauthorized access — this can further be expanded to biometric authentication for additional security.

• Remote wiping, whereby users can remotely dispose of data if a device has been lost or stolen.

• Access control, particularly concerning sensitive information.

You may also like to consider implementing an incident response plan, outlining what to do in the case of a security breach or device theft — working to reduce risk by ensuring that everyone is on the same page.

When you log in to a public computer, such as one at a library, kiosk, or other public place, your activities could be monitored. This is because public computers are often shared by many people, and anyone with access to the computer could potentially view your browsing history, search queries, and login credentials.

To protect your privacy and security, it’s important to log out completely after you’re finished using a public computer. This means closing all of your open windows and browsers, and then clicking on the “log out” button. If you’re not sure how to log out, ask a staff member for assistance.

Here are some additional tips for protecting your privacy and security when using public computers:

• Be careful about what information you enter into websites. Avoid entering sensitive information such as your credit card number, Social Security number, or online banking password.
• Be aware of phishing scams. Phishing scams are attempts to trick people into revealing their personal information. If you receive an email or see a website that asks for your personal information, be suspicious and don’t enter it.
• Use a strong password manager. A password manager can help you to create and manage strong, unique passwords for all of your online accounts.

By following these tips, you can help to protect your privacy and security when using public computers.

Leveraging a hardware security key for 2FA adds an additional layer of security, making it considerably more difficult for cybercriminals to gain access — even if they have your password. Specifically, such measures facilitate strong authentication, protection from phishing, offline protection and a streamlined authentication process, among other benefits.

A separate commerce email address may serve you in the following ways:

• Organizational clarity: Having a designated email address for subscriptions can help you keep your inbox clutter-free.

• Privacy protection: Subscription services often sell customer data, leading to an increase in spam emails and potential phishing risk.

• Enhanced security: Should your separate email address be compromised, it minimizes the risk of your primary email — which likely contains sensitive information — being collaterally exposed.

Beyond benefiting your mental well-being, digital detoxes also help to decrease your digital footprint, and in turn, reduce your susceptibility to cyberthreats. While cybersecurity goes beyond logging off, a detox can serve as a simple, easily-implementable first step toward fortifying your online security.