Trust&Protect Part 2: How to Keep Your Information Safe Online

Trust&Protect is our 4-part guide to financial safety designed to provide you with peace of mind. In the second part of our series, we discuss a few measures you can take to greatly reduce the vulnerability of your personal information online.  

Multifactor Authentication

A growing trend in security technology is multifactor authentication, often referred to as “MFA.” For those who don’t know what multifactor authentication is, it is an additional layer of security beyond username and password. These layers are typically presented as requiring at least two of these verification methods:

• A knowledge verification, such as a password or security question
• A possession verification, such as email or SMS/text code retrieval
• An inheritance verification, such as a fingerprint or other biometric authentication

You likely use a form of multifactor authentication to access digital banking accounts due to regulations in the financial industry. As cybersecurity attacks continue to increase, more and more systems are either requiring or have some type of multifactor authentication available to their users. Many payment apps, social media platforms and even streaming services offer multifactor authentication. Because this step alone can reduce your risk of identity compromise by as much as 99.9% over passwords alone, we highly recommend setting up multifactor authentication on every service that offers it.  

Use Strong Passwords

While multifactor authentication will greatly reduce your risk of cyber attacks over passwords alone, that doesn’t mean that you should simplify your passwords. Instead, passwords should be viewed as the first line of defense against a sophisticated threat that works in conjunction with MFA. You should avoid passwords that can easily be guessed or researched, such as

• Names, such as your own, your children or your pets
• Birthdays
• Your well-known interests, such as sports teams
• Places you travel
• Other common passwords, such as asdfjkl; or 123456

Instead, we recommend using pass phrases that use a combination of upper- and lower-case letters, symbols and numbers. Pass phrases are easier to remember and harder for hackers to guess. It is also good practice not to use the same password for all logins, because a hacked password on one system will leave other systems you use vulnerable. Some ways you can further protect your password include:

• Never send a password through email
• Do not share your passwords or leave them written down in an easily found place
• Do not use ‘remember password’ options on devices that other people use
• Be mindful of public wi-fi
• Choose a password that is at least 10 characters in length
• Look for the ‘s” in the ‘https://’ portion of the url. Sites that just have ‘http://’ are vulnerable or could be a phishing scam, which we will go over in Part 3
• Be careful of using your password through email links, as they could also be part of a phishing scam
• Do not reuse your password

Update Your Software

Cyber criminals are constantly searching for vulnerabilities in system software. In response, software companies are constantly upgrading their systems to keep their customers safe. This is why you should always update your device’s operating system as soon as they are made available. When you think about the amount of personal information on your cell phone, tablet or PC (such as credit card information, photos, personal information, etc) you realize how susceptible you would be if hackers were able to break into your device. Software updates are designed to help you keep that information out of reach from cyber criminals.

If your device allows for automatic updates, we recommend that you turn those on so that your device remains a step ahead. If your device does offer automatic updates, we still recommend that you periodically check for updates manually to make sure they aren’t being missed. It is also good practice to uninstall any applications that you are no longer using or are outdated. You can always reinstall the application if you need it later. 

Back Up Your Files

While backing up your files doesn’t seem like it would directly neutralize cyber security threats, it could, in fact save you a lot of money. In Part 3 of our series, we will discuss Ransomware and how it works in more detail, but the short story is that it is a type of malicious software that will permanently block the files on your device and hold them hostage until a ransom is paid. You can read our C&N Library article about Ransomware, too, which has some great information on how you can protect yourself from a Ransomware attack.  

If you continuously back up your files offline using a separate source, you can easily circumvent this type of attack and restore your files. You can then identify how your device was infected and take steps to restore your device at a much lower cost than paying the ransom. 

Cyber threats are not going away, so it’s important to know what steps you can take to reduce the risk to your personal information online. In Part 3 of our Trust&Protect series, we’ll help you identify common cybersecurity scams so you can recognize them before it’s too late.