If you were to advise a friend on how to avoid getting hacked, what would be the bare minimum they should do to protect their digital life? When I say bare minimum, I mean absolute bare minimum… This was a really hard exercise for me, because I have so much to say. However, I realize people get overwhelmed when security professionals start talking about everything that needs to be done, and even then we usually say it’s not enough. So here are my TOP 5 tips. Share this with your friends and help save a digital identity :)
Turn On Multi-Factor Authentication
If you haven’t enabled multi-factor authentication (MFA) and your account gets hacked, then you can bet cybercriminals will enable it for you! That will prevent you from resetting your password to recover your account. And good luck trying to even find the support number for some of the major social media sites like Google and Facebook. Just getting them to help you may take weeks.
So make sure you have it turned on (and verified) and use a strong password. It’s such a small price to pay now versus trying to recover your account later, not to mention the sleepless nights.
In this 1-minute video, we explain what MFA is, why you should care about it, and how to enable it.
I also included direct links to where the MFA settings are for common apps like Amazon, Facebook, LinkedIn, Instagram, Reddit, TikTok, and more. Some people just don’t know where this setting is, so we made it really simple. And whenever possible, use the Authenticator App instead of the Text Messaging option.
You can download this Multi-Factor Authentication Cheat Sheet and many others from here.
Learn About Common Scams and How To Avoid Them
This is where you become Wizer :). But seriously, some of the scams are so deceptive that without educating yourself, you may have no chance of avoiding them. We have so many Real Life Hacking Stories to share with you, along with how they could have been prevented. Each video is about 1 minute long - short and to the point. And you don’t have to watch all the videos, even though you may end up binge-watching them over the weekend :). So where can you find them? Here, on the Wizer Security Awareness Website. You can watch many of the videos without even registering. If you want the business edition, you can sign up for free, start training your team, and follow their progress.
Use a Password Manager
You shouldn’t use a weak password or reuse any of them. However, who can remember all these passwords, right? That’s why password managers exist. Not only does a password manager act like a secure vault for your passwords, it also suggests long and complex passwords and automatically logs you into websites and apps. So which password manager should you use? To answer that, I posted a question on LinkedIn: “Which Password Manager would you recommend to a friend?” I summarized all the recommendations and listed the top 6 password managers with the highest votes.
Here are some useful comments:
"For the Enterprise: LastPass or Keeper
For the average person: Bitwarden
For the ultra-nerd: KeePass" - Jorel Van Os, CISM, CEH
con: somewhat ancient UI,
pro: offline/non-cloud" - Marcel Wildenberg CISSP
"I have and do recommend Bitwarden. Open source and works flawlessly. It has sync options that do not store your passwords in the cloud." - Ron Craig
"...Bitwarden is open source, regularly reviewed, and can be locally hosted as well if you don't want to use their cloud. I like them so much, that I even paid the $10 yearly fee to be a premium member." - Terry Sheltra
Update Your Computer and Mobile Devices
You really need to keep both your computer and mobile devices up to date. That means updating to the latest OS version (I don’t mean buy the new iPhone…) and also updating the applications you downloaded. Luckily this can be automated (most of the time). This is important because when app creators publish all kinds of fixes, cyber criminals are among the first to read what they fixed. Why? Because they know many people don’t update their devices, and now the cyber criminals know how to hack the app or OS. That’s why you need to update your devices all the time, so you don’t leave open doors to your devices.
If you are using a MacBook, go to “About This Mac” and click on “Software Update...”. It will check for updates and let you know if you need to install them. It’s also important to update your browser. If you are using Chrome, there is an “About Google Chrome” page where you can find out if you are using the latest version. Finally, do the same on your mobile device. If you are using an iPhone, you can go to the App Store, click on your avatar at the top right and then click “update all” to update all apps.
If you are using a Windows OS you can do this by going to Start > Settings > Windows Update > Check for updates.
Back Up Your Digital Life
It isn’t hard to understand why this one matters… if you get hacked and you lose your data, you need a backup so you can recover what was lost. There are many ways to back up data. And no, it doesn’t happen by default. If you haven’t backed it up, it probably isn't backed up. The best way is to have an offline backup. Basically, purchase a portable hard drive, copy and paste your data to that disk once a week or more, and then unplug it from your computer. Why? Because if you leave it plugged in, then cyber criminals may delete or encrypt your backups. That’s why we call it offline. Additionally, you can back up to the cloud, like Google Drive or iCloud. And make sure you have backed up all the important files; don’t just assume everything will be backed up. As for mobile devices, you can do the same. Back them up to your external hard drive through your computer. If you are using an iPhone, there is an automatic backup to the cloud, but you will need to enable this option and it may require a monthly subscription.
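For readers comfortable running a script, here is one way to check that the copy on the portable drive really contains everything, instead of assuming it does. This is an added example, not part of the original post; the folder names and sample files are constructed for illustration, and in practice you would point `verify_backup` at your own folder and your drive before unplugging it.

```python
import hashlib
import tempfile
from pathlib import Path


def file_digest(path: Path) -> str:
    """SHA-256 of a file, read in chunks so large files do not fill memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_backup(source: Path, backup: Path) -> dict:
    """Compare every file under source with its copy under backup."""
    report = {"missing": [], "different": [], "ok": 0}
    for src in sorted(p for p in source.rglob("*") if p.is_file()):
        rel = src.relative_to(source)
        copy = backup / rel
        if not copy.is_file():
            report["missing"].append(rel.as_posix())    # never copied
        elif file_digest(src) != file_digest(copy):
            report["different"].append(rel.as_posix())  # stale or damaged copy
        else:
            report["ok"] += 1
    return report


def demo() -> dict:
    """Constructed sample: three files, one never copied, one stale copy."""
    with tempfile.TemporaryDirectory() as tmp:
        src, bak = Path(tmp, "Documents"), Path(tmp, "backup_drive")
        (src / "photos").mkdir(parents=True)
        (bak / "photos").mkdir(parents=True)
        (src / "taxes.txt").write_text("2023 return")
        (bak / "taxes.txt").write_text("2023 return")
        (src / "photos" / "trip.jpg").write_bytes(b"\xff\xd8 new edit")
        (bak / "photos" / "trip.jpg").write_bytes(b"\xff\xd8 old")
        (src / "notes.txt").write_text("never copied")
        return verify_backup(src, bak)


if __name__ == "__main__":
    print(demo())
```

An empty `missing` list and an empty `different` list mean every file in the source folder has an identical copy on the backup drive.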