Top Cyber Security Quick Guides

Short and simple. Just how we like it. Our Quick Guides are now available in one location. Read the guides from your browser or download them at your convenience.
Guides are always being added so be sure to check back often!

 
 

1. Security Awareness Implementation Guide


It All Starts With Onboarding…

It’s crucial to instill the importance of security from the very beginning. New hires are often targeted by cyber criminals because they don’t know many co-workers and are more likely to follow direction from someone who pretends to be an executive.

What's in It for Me?

People are more accepting of learning when it’s personal. So, make training personal and teach them how to protect themselves at home; they will soon apply the same behavior at the workplace.

Stay Away From Just Ticking the Compliance Box

If they don't understand the importance of security, they won't take it seriously. And don’t make it a once-a-year thing; it should be a continuous effort all year long.

Get the Boss (Or Leadership) to Buy-In

Show how security training aligns with organizational goals and specific targets. Remind them that they have a huge target on their back. 


Getting the Employee to Buy-In

Establish a supportive presence by creating a circle of influencers who will act as ambassadors of the training program.


Don't Judge People When They Make Mistakes

Create an open culture where everyone can ask questions without fear. Whenever mistakes happen, use them as teachable moments and not to cast judgement.


Engage and Follow Up

Training is not “set and forget”. Ask employees for feedback and be open to constructive criticism.

Keep it Simple and Real

Don’t assume employees have a technical background; use simple terms and real-life examples they can relate to. And don’t make it childish: adults don’t appreciate content that looks like it was taken from a kids' TV show like “Dora the Explorer”.

Face-to-Face is Still a Thing

Training in a classroom is still a thing and very effective. It is usually more expensive, but if you have the budget, don’t rely only on automation: do offline training once a year in addition to your online training.

Make it Easy to Consume

Employees think like consumers, and you don’t want them to disengage, so make training frictionless. For example, it should be accessible through their phones with a single click.

Tap Into Existing Resources

Collaborate with HR or the marketing team to create unique content and embed it into existing communication channels. For example, create posters and hang them in the coffee area, write a blog post, or publish a newsletter.

Avoid Surprises

Many people don’t like being surprised at work. So, if you are planning on running a phishing simulation for example, let people know in advance and explain the goal. It may keep them on their toes as they look at every email as suspect.

Get Your Message Across Fast

People are busy, so be short and to the point. Find a balance: keep awareness training continuous without overwhelming or boring your team.

 
 
 

2. Work From Home Cyber Security Employee Guide


Mindset

Find a Place and Make it Your Office

Do not share it with others while you are working.

Don't Leave Confidential Information Lying Around

Lock your work device when you are not next to it!

Don't Email Your Printer

Don't email documents to your home printer or to your personal email just to make it easy to print.

Don't Use WhatsApp, Facebook, LinkedIn, or any Other Personal App to Communicate

Only use the tools approved by your organization.

Always Call and Verify

Your colleagues are not sitting next to you anymore, so call them and verify any request to share confidential data or transfer funds, even if they sent it from their email.

Alexa: I'm Listening...

Don't have work-sensitive conversations near IoT devices like Siri, Alexa, or Google Home in case they're listening.

Do Not Share Devices or Passwords

Devices are not to be shared with other family members and they must have a unique password and a lock screen timeout. 

You are NOT Technical Support

Don't try to resolve technical issues yourself. That could lead to even greater risk. Instead, call your helpdesk.

Don't Let the Browser Remember Your Passwords

If you save passwords to your browser, stop immediately. Use long and complex pass-phrases and don't reuse them.

Technology

Some of the next steps are technical, so ask your IT team for assistance. Don't try to do it yourself; that could lead to even greater risk.

Don't Use a Personal Computer for Work

If your company provided you with a dedicated computer or a virtual desktop, use it only for work.

A Wired Network is Better

If possible, connect your work computer to a wired network instead of WiFi.

Using WiFi? Secure It!

If you are using WiFi, it needs to be encrypted using WPA2 or WPA3 and your WiFi name should be hidden.

Separate Your Work Computer From All Other Devices

Create a guest network to separate your work computer from all other devices.

Use a VPN that Your Organization has Provided or Approved

Always Use Multi Factor Authentication to Log In

Use it on all apps, computers, and network devices.

Apply the Latest Security Patches and Enable Automatic Updates

Windows 7/XP? Time to Upgrade!

If you are using an outdated system like Windows 7 or XP, ask your IT team to help you upgrade.

Antivirus, Firewall, Encryption

Make sure you have antivirus installed, your built-in firewall is enabled, and sensitive files are encrypted.

Backup

Consult with your IT team on how and where to back up your data.

 
 

3. How to Protect My Zoom Meeting


Enable Waiting Rooms

Control who can join the meeting. Users wait in a virtual waiting room until you approve them.


Require a Password When Joining by Phone

This option is off by default... so turn it ON!

Do Not Use a Personal Meeting ID


Lock the Meeting When Everybody is in


Enable Virtual Background


A Few More Recommendations

  • Always require a password
  • Disable file transfer
  • Mute participants upon entry
  • Screen sharing - host only
  • Require a password for Personal Meeting ID (PMI)

 
 

4. How to Protect My Smart Home From Getting Hacked


Change the Default Pin Code

If you have a Smart TV or Device, the default PIN code is probably 0000 or something similar. Change it!


Keep Smart Devices on a Separate WiFi Network

Set up a WiFi network just for your Smart Devices, so that if your TV is hacked, the attackers can’t connect to your computer.


Disable Streaming Services You are Not Using

If you are using Fire TV or other streaming solutions, then turn off WiFi on your TV because you won’t be using it.

Make Sure All Your Devices are Updated Regularly

If automatic updates are available for software, hardware, and operating systems, turn them on.

Don't Reuse the Same Password on all Devices

Choose a complex password for each device and make it unique.
 

Turn On Two-Factor Authentication

A code will be sent to your phone whenever anyone attempts to log in.

Don't Place Smart Devices with Cameras in Bedrooms

Or anywhere you feel uncomfortable in case they get hacked.

 
 
 

5. How to Protect My Kids Online


Do Not Sign Up for Free Premium Accounts, Game Tokens, Skins, or Weapons

This is phishing! Hackers will capture your password, steal your account, or steal your identity.

Beware of Fake Social Media Accounts

Hackers can create fake social media accounts with the same name and thumbnail as your favorite YouTuber...

If It Sounds Too Good to be True, Then it Probably Is

Hackers often use ads that promote huge discounts. These are scams. 

Enable Multi-Factor Authentication Wherever Possible

This prevents hackers from accessing your account remotely even if they know your password.

Do Not Reuse the Same Password for All Accounts

If you're using the same password for different websites, then all of your accounts are at risk. 

Use Strong Passwords

Use a phrase as your password, the longer, the better.

Sexting is Illegal Including Sending or Keeping Pictures

These nude photos are considered child pornography, whether they include a face or not!
 
 
 

6. How to Protect My Old Folks From Being Scammed


What? Who is This?

No matter what, if you get an unexpected phone call, never give up any personal information. Hang up the phone, do some research, and call the official phone number to inquire.
 

So, You are Saying it is Urgent...

There is no time bomb ticking! If your bank is calling you, they won't pressure you to do anything. Whatever it is, it can wait until you do some research and verify the authenticity of the request.
 

If it is Too Good to be True, Then it Probably is!

If you think you stumbled across an amazing deal online, remember if it is too good to be true, it probably is. Don't click on the link, signup, purchase, or share personal information.
 

Yes, We Accept Gift Cards

Gift cards cannot be used to pay court fines, taxes, or medicine. Government entities "never" call people and demand payment.
 

6 Common Scams

1. Warning! Your Computer is Infected.

If any antivirus popup shows up urging you to call Microsoft, it's a scam! Don't click on any link or call any number. Just close the browser.
 

2. Billy, Is That You?

If your grandchild or any other family member calls and asks you to wire money immediately because they are in trouble, it's probably a scam!
 

3. Look Out For Your New Medicare Card!

No official organization will call you and ask for your Medicare/Medicaid ID or any personal information.
 

4. The Miracle Cure!

Be wary of phone calls or ads that promise advanced cures, anti-cancer products, physical condition enhancements, etc. Always consult with your physician and only purchase from official stores.
 

5. Congratulations! You Are a Winner!

The catch is, in order to receive your prize, you will need to send money for taxes, shipping, or processing fees.
 

6. Knock, Knock! Who's There?

Don't do business with anyone that just shows up at your door and never pay in advance. Always wait until all the work is complete.
 
 
 

7. How to Spot Scam Ads


Before We Start, Here Is What People Are Saying...

  • I bought Nike trainers and they never arrived...
  • I bought a shed for $139 and never received it. It was a scam on Facebook...
  • I was scammed twice. Unfortunately, I bought on the same day, a flashlight and weights. PayPal sucks, no help...
  • I was suckered twice. No more!! I will never buy anything off a Facebook ad again, ever!
  • I also fell for two FB ad scams. One was for a small belt sander for $39.95.
  • Facebook is driving me nuts with all the scam duplicate selling sites.

Top 10 Tips to Avoid Scams

1. Don't blindly trust slick video content or pictures; many are simply taken from the original sites.
2. If the advertised price looks too good to be true, it probably is.
3. Don't buy from Facebook pages or websites you've never heard of before. That's like buying from a random person on the street.
4. Google the exact wording in the ad. Many scams can be found this way.
5. Google the product or the website name along with the phrase "scam."
6. Don't trust an ad just because it appears on a reputable site. Scammers post fake ads everywhere!
7. If you are constantly served the same ad, and the price is dropping, it's probably a scam.
8. If most of the reviews are within several days, then they are probably fake.
9. Look out for domains with extensions like ".site" or ".shop." Scammers prefer them because they are cheaper than ".com."
10. Watch out for ads that show popular products from crowdfunding sites such as Kickstarter; it's a common scam.
 
 

8. What is Cyber Insurance and How to Find a Good Company


It's Not Instead Of...

Cyber Insurance is the last resort if all your other defenses fail you.
 

What Will They Pay For?

The provider will pay for data breach recovery including business interruption costs, data loss, your reputation, and much more.
 

Anything Else?

A good provider will include pre and post breach services like risk assessments, penetration testing, monitoring, employee security awareness training, forensic services following a breach, and much more.
 

So How Do You Find a Good Insurance Company?

  • Look at how many claims they have paid out.
  • Talk to friends and colleagues and find a broker.
  • Review their before and after breach services.
  • The details of the coverage and policy should be easy to read.
  • Cyber Insurance should always be purchased as a standalone service and within your own country.
 
 
 

9. Small Business Cyber Security Checklist


Backups are Extremely Important and are a Must Have

This is especially important in the case an attacker uses malware to lock you out of your computers.
 

Limit Access to the Internet as Much as Possible

For example, do not allow employees to browse the web from your POS terminal.
 

Educate Your Employees About Cyber Threats

If employees are not trained, then the risk they will get infected increases dramatically.
 

Lock Down Your Computers

Make sure employees have limited permission. For example, they should not have permissions to install apps.
 

Get a Firewall and Configure it Properly

This will limit who can access your business from the outside and will control how data exits your business.
 

Know What Apps and Computers are Installed and Ensure They are Updated and Patched

Unpatched computers and apps are open doors for cyber criminals.
 

Set Up Complex Password Policies

Make sure employees use complex passwords and do not access computers with admin accounts or share passwords.
 

Have Clear Termination Policies

Make sure terminated employees don't have access to business systems and emails anymore.
 

Check for Vulnerabilities That May Allow Attackers In

Attackers are also using vulnerability scanning on your network to try to get in, so you better be ahead of them.
 

Install Antivirus on All Computers and Devices

This will stop known viruses from infecting your network.
 

Set Up an Email Security Gateway

This will check incoming emails for viruses, malware, spam, and other types of attacks before the email arrives in your inbox.
 

Set Up a Virtual Private Network (VPN)

This will ensure that if anyone connects to your network, they will not be able to see the data you are sending over the network.
 

Don't Do It Yourself

  • Hire someone.

  • Not every business is the same, so identify any risks that can cause harm to your business.

  • Have a plan for what to do if your business does get hacked.
 
 

10. New Employee Cyber Security Do's and Don'ts 


Don't Take a Selfie With Your Badge Showing and Post it on Instagram

Cyber Criminals can clone your badge, change the photo, and pretend to be you.
 

Don't Post a Video Blog of a Day at the Company

That's like allowing criminals inside the company walls. The office space is full of confidential information.
 

Don't Share Your Password With Anyone

Even with the IT Department. Only you should know your password.
 

No One Will Ask You to Buy Gift Cards

That's a common scam. There is no special celebration that requires you to secretly get gift cards for everyone...
 

Be Aware of Scam Emails

Because you still don't know many people, you are more likely to follow direction from someone who pretends to be an executive.
 
 

11. Safe Shopping 2020


If it's too good to be true, it probably is.

Be aware of unrealistic discounts or coupons; many of them are scams.
 

Avoid buying from sites you don't know.

Purchasing from known sites reduces the risk of being scammed.
 

Don't scan QR Codes.

Criminals can place their own sticker over the legitimate one so that when you scan it, you will be redirected to a fake site.
 

Don't use free WiFi to check prices.

Criminals can connect to your device. Instead, use mobile data or a VPN.
 

Verify You're on the Correct Shopping Cart Page.

You may be on a fake page that looks like the official one.

Pay With a Credit Card.

You may be paid back if you quickly report fraudulent transactions. Don't use a debit card.

Even Better...Pay With a Gift Card

Gift cards are not tied to your bank account and have a limited amount.

Only Use Websites That Start With "HTTPS:"

Ensure the "s" is in there and there is a lock next to the URL.

Watch Out for Emails About Shipping Issues.

Don't click on any links. Instead, manually go to the official site and check if there are any issues.

Avoid Posting Online What You Purchased.

Scammers may try to follow up with you pretending to be the merchant.

Not Sure About a Site or Link?

Run the URL through VirusTotal.com to check if it's fine.

Received a Gift Card? Make Sure It's Legit.

If someone sent you a gift card, thank the person who gave it to you to make sure it is legit BEFORE you click on it! 

Don't Accept Electronic Gifts Such As USB Memory Sticks.

They can be full of malware. 

 

12. 2 Factor Authentication Cheat Sheet - 11 Apps

3. Instagram

Settings > Security > Two-Factor Authentication

 

4. WhatsApp

Settings > Account > Two-Factor Authentication

 

8. Amazon

Your Account > Login & Security

 

11. TikTok

Settings > Security

 

13. Hit by Ransomware... Now What?

Where do you find help?

Not on Google! There are ads waiting to scam you even more... Cyber Insurance or Incident Response companies can help you.
 

Should you pay the ransom?

This is a business decision! Can you afford to be down? It depends on how prepared the organization was in the case of a ransomware attack.
 

One dollar before a breach equals $9 after a breach.

Either way, you’re paying. It’s how much you want to pay up front and how much you are willing to lose if you are not prepared.
 

Is it legal to pay?

Depends. If the threat actor is on the OFAC list (Google it...), then it’s illegal to pay.
 

Will you get your files back if you pay?

Depends. Organized crime has a “reputation” to maintain, so they usually give back your files. Lone Wolves (individuals) may not.
 

You paid the ransom. Now what?

It’s important to continually monitor and fix your environment. They could still be there watching and waiting in the background.
 

Should you get cyber insurance?

It’s a good idea. It won’t prevent a breach, but it will help to organize and clean up the mess.
 

How do you pay?

Attackers may give you a tutorial on how to pay. DON’T FOLLOW IT. You’ll end up losing even more. Instead, consult with a professional.
 

Be prepared, aware, and ready!

Make sure you have the basics covered: backups, passwords, ransomware incident and response plans. Be WIZER and train, train, train!
 

Leave it to the pros.

When you are hit, you are likely to be emotional, so bring in a professional incident responder.
 

These Security Awareness Guides Were Brought to You By Wizer

Wizer is a security awareness platform that focuses on security culture.