What if I told you that you could dramatically improve your online security right now? No technical support. No computer science degree.
It’s not as farfetched as it may seem.
These days, the dangers lurking online are a much more clear and present risk to our personal and financial well-being than ever before. Keeping yourself and your data safe from hackers is becoming more and more difficult, even as a greater share of our lives (and our money) is spent online. Your online security should be a top priority.
Unfortunately, it can seem like a daunting task.
10 Useful Ways You Can Boost Your Online Security Yourself
The most effective ways to improve your online security generally involve helping you get the most out of the tools you already have or adding that one tool you really need, starting with…
1. Use a Password Manager
Anything that can be password protected should be password protected.
You might feel comfortable leaving some of your personal devices or accounts without a password, but you shouldn’t. Any access to your accounts or devices can allow an experienced hacker to completely avoid your online security systems.
Your passwords also have to be effective. They need to be strong and unique. You wouldn’t want the same key that opens your car door to also open your front door and your safe deposit box. You really wouldn’t want that same key to be used by dozens of other people in your neighborhood to do the same thing.
So why do it with your devices and online accounts? Use a password manager like 1Password or Last Pass to keep your passwords organized and to generate unique, complex passwords for new accounts. Password managers can even evaluate the passwords you’re already using.
Taking it a step further: Use Multi-Factored Authentication in your logins, and use passphrases where allowed – they’re considerably more secure.
2. Close Old/Unused Accounts
Your old and unused accounts, the ones you never closed, are a potential treasure trove of personal information, and a major online security vulnerability, if the companies keeping those accounts are hacked. Financial information, purchase histories, private conversations, and old login emails and passwords (that you might currently be using elsewhere) could all be accessed.
Go through your old accounts and remove all of the saved information, particularly payment information. Then close the account permanently.
Follow up. Check the company’s data retention policy, and reach out to them directly to make sure that they don’t keep the data stored from closed accounts in the same place as open accounts. The fewer accounts you have that could be swept up in a cyber attack, the better your overall online security will be.
Taking it a Step Further: Find out if your accounts have been included in any of the massive data dumps by hackers by visiting https://haveibeenpwned.com.
3. Use a VPN
One of the best ways to protect your information online is to only use a secure internet connection.
Public WiFi, or any other wireless network that you or your company do not directly control, is not a secure connection to the internet, and is a threat to your online security.
So only connect to public/unknown WiFi through a Virtual Private Network (or “VPN”). A VPN essentially acts like a tunnel for your data, connecting your computer (or mobile device) with the VPN’s servers, encrypting everything you send and receive. Since the data is encrypted, anyone snooping on the public wifi network would be unable to access your data.
There are many VPN options available, and most are inexpensive and quite easy to use. Among the best available are Private Internet Access (or PIA) (affiliate link), ExpressVPN, and Nord VPN (affiliate link).
Ultimately, anytime you’re using an unsecured internet connection, you should be using a VPN.
Taking it a Step Further: Certain VPNs also have blocking features that limit the ability of websites to track and advertise to you – both of which improve your online security.
4. Disable Bluetooth When Not in Use
Bluetooth connections are amazing and convenient. They also provide hackers with an unprotected way into your devices. On the bright side, most threats exploiting Bluetooth connection systems are dependent on your Bluetooth connection being active.
To improve your online security: turn off your Bluetooth when you’re not using it. Bluetooth attacks rely on the permission process that is the very backbone of Bluetooth. By exploiting that system, hackers can get around many other security features or systems on your device.
So when not in use, your Bluetooth should be turned off. Not in invisible mode or undetectable mode. Literally OFF.
5. Keep Secret Question Info Secret
We share a ton of information online, especially on social media platforms. But providing a public biography of ourselves to our friends and family inadvertently provides a roadmap for hackers to follow. Our social profiles contain tons of information hackers want, from our shopping patterns to potential password ideas.
Among the worst online security vulnerabilities lurking in your social media profiles: answers to your password recovery “secret questions.”
Review your social media profiles and make sure that only those you want to be able to see your information are able to. Although Twitter only has two privacy settings (Yes and No, essentially), Facebook, Instagram, LinkedIn, and most others have more granular settings. However, even with your privacy settings engaged, you should still remove any information that answers or provides clues to any password recovery “secret question” you use.
Unsure what security questions you’ve chosen? Time to reset some passwords, and the security questions while you’re at it!
Taking it a Step Further: To prevent someone from using your own personal information against you, make up responses to the secret questions that are either fake or are actually the answer to a different question.
6. Use a Separate Recovery Email
Among the biggest prizes for a hacker is access to your personal primary email account. Why? Because that’s where almost everyone has password change or recovery emails sent to if they forget.
The hacker wouldn’t even NEED the answers to your security questions!
For most people, their primary personal email address is the only one they actually use. Ut seems like the logical choice to link to when opening new accounts. Problem is, since you use that account so much, it’s pretty easy for anyone to get it if they want. Heck, you give it away to almost anyone you interact with online.
This might seem obvious, but knowing your email account name is the first step in being able to hack it. By creating an email account solely for receiving password recovery emails, and never for other communication, you’ll eliminate a major vulnerability and boost your online security.
Taking it a Step Further: Your password recover email address username should be something other than your name – or anything like it – so it can’t be easily guessed.
7. Review Bank Statements Regularly
Among the best possible news to get after learning that your identity’s been stolen is that you won’t be responsible for what was taken. There really aren’t too many other situations where you get robbed, and as soon as the robber leaves, someone walks up behind you and stuffs cash in your pocket.
For identity theft victims, it may not feel quite that good, but it certainly helps control the panic.
Unless you forget to notify your bank in time.
Guess what – if you have bank statements mailed to you, the law says that banks are allowed to assume that you read them. In most situations, you only have 90 days to notice a problem. After that, the bank has no obligation to help you.
Taking it a Step Further: Look for the small transactions – you may not find outright identity theft, but you might discover you’re being charged small amounts for things you didn’t buy!
8. Secure Your Router
Even if you’re vigilant about using a VPN and limiting your web browsing while on Public WiFi, don’t forget about your wireless router. It will serve as the lynchpin of your online security.
Your home router is the crossroads for all the data into and out of your home. Personal emails, credit card and banking transactions, and all other online interaction that happens while you’re using WiFi.
Routers are also the most frequently exploited device in cyber attacks targeting Internet of Things devices.
So make sure your router is as secure as possible. Turn on automatic updates. Check the administrative dashboard (or mobile app for newer routers) and make sure the firmware is up-to-date. Turn off any plug-and-play features you don’t use. Set up a strong password. If you have a “Guest” login, it needs to have a password as well.
Also, make sure your router is using the latest security protocols available. The newest, WPA 3, is being rolled out now, and may not be available yet on your router. If so, make sure your router is at least using the best available, which is likely WPA2-AES.
Taking it a Step Further: Make your router invisible by turning off the SSID (Service Set Identifier).
9. Don’t Click on Links – Retype Them
By now, we’ve all received a suspicious email asking us to click a link for some reason or another. Those suspicious ones stand out.
The good ones don’t.
Whether the links themselves contain malware or happen to direct you to a page asking for login credentials, clicking the wrong link can be an online security catastrophe. Most organizations and companies that hackers impersonate in these emails have policies in place to never send you links via email.
And yet, on average 4% of people who receive a phishing email will click on it. They believed it was legitimate.
For the sake of your online security, avoid the problem altogether: don’t click on the link.
Open up your web browser, and re-type it. That way, you avoid the possibility that the link you’ve been sent may misdirect you to a very convincing-but-fraudulent site.
Taking it a Step Further: The same is generally true for information over the phone – if you didn’t initiate the call, confirm nothing, provide no information. Instead, hang up and call them back.
10. Don’t Ignore the Obvious
Very few indications that you’ve been hacked are as clear as a ransomware notification. After all, since they’re holding something for ransom, they actually need you to be aware of the hack.
Most other breaches in your online security do not come with a ransom note (or other obvious sign). However, there are often other indicators that something is amiss:
Toolbars in your web browser you never added. A sharp increase in pop-up windows. Your system running considerably slower. Friends and family telling you that they’ve been getting emails or social media friend requests from you at an odd rate. There are a lot of signs that you’ve been hacked.
While it can be easy to ignore many of these signs as a fluke or misunderstanding, you really need to take them seriously.
If something about your system or experience feels off, you should consider, and in some cases assume that your accounts or computer has been compromised. Don’t ignore your instincts. In 2018, nearly 70% of discovered data breaches had been ongoing for at least one month when detected. Failing to act on what were obvious indicators of a hack (in hindsight, at least) was a major reason why.
In The End…
As we spend more and more of our lives online, it only makes sense that we take a more central role in our own online security. That starts with the things we can do ourselves.