Cybersecurity for Laypeople

Long gone are the days of stealing physical copies of personal documents to expose your sensitive information.

Protecting your sensitive data is more important than you may realize, but there are many ways to do it. Follow our simple tips and optimize your cybersecurity to defend yourself against digital threats.

Many things you do daily can put you and your data at risk of exploitation or theft. These activities include social media use, email, file sharing, online shopping, banking, and others. Hackers with malicious intent, also called black hat hackers, constantly look for new ways to access your information that they may attempt to leverage for financial gain, blackmail, or other criminal activity. Therefore, boosting the strength of your personal or business cybersecurity is as important as ever before.

What data is at risk?

Hackers and scammers can use your credit card information to spend your money directly. Unfortunately, those criminals are difficult to catch. Many banks protect their customers from unauthorized purchases on their cards. However, submitting a claim and proving that you are not the one attempting to defraud the bank may become a lengthy and complicated process. Similarly, with a social security number, scammers can open new credit cards or apply for loans in your name. Frankly, it is best to avoid becoming the victim of these crimes to the best of your ability by taking safety measures and constantly staying up-to-date on recommended data protection practices.

Protecting your information from hackers may leave you feeling powerless. There are several ways to protect yourself, your family, or your business from cybercriminals. By the end of this article, you should understand the different types of weaknesses your online activities expose and the steps you can take to combat cybersecurity threats.

Think Twice Before Sharing Information

Think twice before sharing personal information online. Whether you are shopping online, filling out a form, or applying for a program, for example, evaluate whether the information you enter is appropriate for the application you are using it for. For example, when filling out forms, never enter your credit card information. Scammers can persuade you to complete lengthy surveys, falsely promising rewards and coercing their victims into submitting their personal information.

Remember never to share your credit card information or social security number unless you know the recipient. Your cybersecurity can be under fire at all times. Do not assume complete protection when entering personal or sensitive information online.

Additionally, it is recommended not to save personal information on shared devices. If possible, always enter login details without saving them. If your details get saved, the individual who uses that device after you can access your information.

Encrypted Sites Ensure Cybersecurity

Secured websites use encrypted SSL (Secure Sockets Layer) and TSL (Transport Layer Security) connections so that your communication with the server is not interfered with. Without a secured connection, criminals could read or even alter the information being transferred from you to the server or vice versa. Luckily, legitimate sites are all encrypted, which is evident from two clues in your web browser address bar. Firstly, the actual URL or link of the website you are accessing. Secure sites will always start with an “https://,” where the “s” means secure. Secondly, your browser address bar should display a small padlock icon, indicating the site is encrypted.

Although these signs may not appear in every browser, the most commonly used web browsers, including Google Chrome, Mozilla Firefox, Safari, Opera, or Microsoft Edge, notify users when they are about to enter insecure sites. It is a healthy habit to notice security notifications when entering a suspicious website. Browsers and antimalware software, mentioned later, often block these sites but allow you to bypass the security warning recommendation.

Antimalware Protection for File Sharing

Although cloud-based systems nowadays eliminate the need for manually downloading files, we often download files shared by friends, colleagues, or sensitive documents. Files like these can be infected with malware that hackers may use to gain our private data or even take control of our computers or mobile devices.

Viruses are a type of malware that, just like biological pathogens, replicate and spread through as many files and programs as they can. Their purpose is to delete, encrypt, or modify files, and infect as many systems as possible through file-sharing, including removable storage devices and email.

Malicious software may seem daunting at first, but modern antimalware programs have made it very difficult for malware to pass under your radar. If a computer with good protection is infected, a simple scan can prevent further spread at the click of a button.

There are many free and paid antimalware applications for PC and mobile use. Some of the most highly recommended include:

PC/Mac Free

PC/Mac Paid

Mobile

PC/Mac Free

PC/Mac Paid

Mobile

Free antimalware software may be adequate for most home users, but small businesses should look into reliable plans that cover a broad range of applications, including cloud functionality and disk encryption. Premium plans may also include features including preventative backup, spam filters, virtual private networks (VPNs), or password managers.

Password Managers

Cybersecurity resources remind you time and time again of the importance of strong, unique passwords. The recommended length for a typical, strong password is 16 characters, including upper- and lower-case letters, numbers, and special characters. The recommended password length for important administrator accounts is 25 characters. It would be impossible to remember every unique password we use. Luckily, password managers offer a simple, safe solution. Services like these allow us to create a master password that functions as the key to a vault of passwords for every site you visit. They remind you to update your login details and notify you when your data is at risk. Some password managers even notify you of data breaches that could put your other accounts at risk.

Password managers are very easy to use. You can use them as desktop software, plugins for your web browsers, or mobile apps for smartphone use. They store all of your account data securely and help you quickly generate unique, strong passwords to maintain your privacy. Similarly to antimalware, password managers include free and paid features. Free versions offer password storage, protection, and creation features. Paid versions can offer file storage, sharing, and parental controls, among others. Some of the top-rated password managers today include:

Free

Paid

Free

Paid

Sharing Computers

As mentioned earlier, attackers can sometimes intercept the connection between you and a server when sites are not encrypted. However, there are some exploitation techniques that hijackers can use to remove the encryption from a site, exposing your valuable, personal information. Although most sites are now encrypted and these cybersecurity attacks are unlikely, be cautious and avoid unfamiliar Wi-Fi networks.

Connecting to a public computer presents a much higher risk. These computers, such as those at public libraries or schools, can become data traps. Hackers set up malware and simply wait for a victim to access it. Users often forget to delete their browsing history and private files, or log out of their accounts after using the computer. Saving login information to individual accounts can be extremely risky, as certain websites allow seeing saved passwords, putting all of the users’ accounts at risk. Especially so when the user uses the same passwords on multiple accounts.

Be Anonymous with VPNs

Virtual Private Networks, or VPNs, provide an extra layer of protection for cautious users. They work by creating a separate connection between your device and the network they are connected to, rerouting the connection through a server in a different location. In essence, they camouflage your network address (IP) and substitute it with another. VPNs shield your activity from spies and even your internet service providers, as your internet activity is concealed.

VPNs allow you to change your IP address, making it appear as if you were in a different part of the world. Their encryption often surpasses that of websites with weak cybersecurity and provides many other benefits. For example, such a benefit is bypassing content locked to specific geographies (geo-blocking). While this works for simple tasks such as watching your favorite foreign YouTube videos, it can also be used to get better offers based on geography.

Similarly to antimalware and password managers, VPNs come in free and paid versions. In reality, the core functionality remains the same. However, paid VPN services allow you to choose specific servers around the world based on geography and connection speed. Connection speed is a key factor in choosing a VPN server since rerouting your connection through a server halfway across the world increases server round-trip time. Below are some of our recommended free and paid VPNs:

Free

Paid

Free

Paid

Use Two-Factor Authentication

Two-factor authentication, or 2FA, is one of the last steps you can take to prevent unwanted access to your accounts. You can enable it on most sites containing personal information and add it for a strong layer of protection. When logging in, after entering your password, two-factor authentication prompts you to complete a secondary task to access your account. How this is done can vary. Still, the most common methods include PIN entry, single-use codes received by email, text, or an automated phone call at your default address/phone number, or through pattern locks and biometric authentication on mobile devices.

Anytime there is a login on an unrecognized device, two-factor authentication will get a notification that someone has tried to access your account. For instance, if you or someone else attempting to log into your account enters a password incorrectly or the second authentication test is not passed, you will receive an alert. With this in mind, your account can be temporarily locked to prevent consecutive attacks or additional cybersecurity threats.

Adjust Your Social Media Privacy Settings

As you become more and more comfortable with social media, it becomes easier to lose track of what content you share publicly and privately. Each post allows for individual privacy options to change post visibility to specific groups or the public. Some social media, including Facebook and Pinterest, allow users to change the visibility of content after it is posted, but some, namely Twitter, do not allow changing post privacy.

Deleting a post is always an option, but it is best to follow two simple rules before posting anything online:

1

Think about your intended audience before sharing something.

2

Whatever you put on the internet, stays on the internet.