Eleven CyberAware Tips for Cyber Security Awareness Month

đź‘‚ This post is available as a voice article on the Tenta podcast. Tune in for our round up of Tenta updates, technology, and privacy issues around the world.

You know what the scariest thing is this October? Not ghosts or ghouls — nope. The scariest thing is how insecure your private data online probably is. That’s why October is National Cybersecurity Awareness Month (NCSAM). As we wrap up the month of education about security awareness, we’re asking you to take a step back from the candy corn and do a little online security self-assessment.

NCSAM was created by the Department of Homeland Security and the National Security Alliance in 2003. The goal is educate the public about the many risks that are lurking around the internet, waiting to strike.

It’s much scary than a haunted house.

So here are 11 cybersecurity tips for ensuring that you and your loved ones are #cyberaware this fall — and every other season. Good luck out there!

1. Use a VPN when accessing public Wi-Fi.

Public Wi-Fi is notoriously insecure, open to thieves and cyber criminals who can either mimic the connection or tap into it to see and collect all of the information that people are sending over it.

In general, it’s best practice to not access any sites that include important, highly personal information — like your bank, for instance. We recommend you avoid public Wi-Fi all together, if you can. But if you absolutely must use it, utilize a VPN to protect you. VPNs encrypt your connection, making it more difficult or impossible for attackers to intercept your data.

2. Always have a unique password.

You know this one. Everyone knows this one by now, but it’s so important it’s worth saying: Use different passwords for every account. If you’re having trouble coming up with and remembering all of those passwords (because you’re human and who realistically could keep all of that in their head?), try using a password manager, like LastPass.

You’ll also be happy to learn that the recommendations for secure passwords have changed. Instead of a long string of random letters and numbers, it’s now recommended that you come up with three or four totally unrelated words in a string. So, for example, mug-ceiling-hippo-wasting would be a good, secure password. The bonus is that they’re easier to remember and easier to type.

3. Enable two-factor authentication.

Two-factor authentication is one more step that protects your devices, accounts, and data from the hands of thieves. Here's how it works. 2FA requires two forms of authentication in order to access an account. That's generally your password, and a unique code the site sends you. When you enable 2FA on an account, the site will either ask for your phone number or will instruct you to use an authenticator app. If you choose the latter, you'll scan a QR code from the site with that authenticator app to link the two. From then on out whenever you login, the site will ask you to for the unique code that it sends you, which will either be through a text message, or the authenticator app you have installed on your smartphone. The idea is that when you login with your password, you're telling the site, "Hey, it's me!" and site replies with "Oh yeah? Prove it." by sending you the unique code.

4. Make sure your lock screen is on and computer password is set.

Speaking of slightly-annoying-but-worth-it, make sure both your phone and your computer are secure by setting a password, PIN, or fingerprint to get in. That ensures that if the device is ever stolen or otherwise out of your possession, no one can actually access it.

Think it’s too much of a pain to do every time? Take a minute to think about everything you have on your phone. Your bank account. Personal photos. Maybe a dating app. All of your emails. And then reconsider.

Also, many phones now let people set places — like at home, the office, or even their hand — where the phone is automatically unlocked. Take advantage of that feature if it’s available to you and you find entering a PIN every time too annoying.

5. Don’t ignore software updates.

Software updates aren’t just about making your devices run more efficiently, although they’re definitely that. They’re also security updates. Software updates for often come with patches that the developers have discovered, protecting your computer from attackers. If you don’t do the update, though, you don’t get the patch. And cyber criminals depend on that for their business.

6. Never click links in unknown or odd emails.

Phishing — which is when attackers use email to target people for theft of personal information — is an increasingly serious problem. Oftentimes attackers will imitate the names or email addresses from a person the target knows. The least sophisticated ones are usually caught by spam filters, but others utilize people’s desire to please and to not displease the important people in their lives to trick people.

So if an email even looks slightly off, do yourself a favor and call or text the person who sent it and confirm. It’s worth it to not download malware onto your device.

7. Remember that nothing is “free.”

Most people experience social media and search engines as “free.” That’s true… If you only think of payment in monetary terms. But if you’re concerned about internet privacy, you should know that social media, search engines, and many other “free” apps and services charge you by collecting and selling your data. Is that a price you’re willing to pay? That’s up to each individual to decide.

8. Don’t sign in with Facebook.

We know it’s easy to use that “sign in with Facebook” option, but when you do that, you’re creating a daisy chain of logins. If one of those logins is compromised — say by a hack — then all of those accounts (and all of the information on them) are compromised as well. It’s worth it to sign in with your email and create a new, unique password for each account in order to avoid that happening.

9. Always use antivirus or malware software.

Antivirus and malware protection software are one of your first lines of defense if you slip up and something manages to slip through. It’s like locking your door. Will a thief walk in if you don’t lock it? Not necessarily, but why take the chance?

10. Don’t send private info over HTTP sites.

When you’re accessing a website, make sure that it’s using HTTPS protocol, not HTTP. If you don’t see that S at the end, don’t send any private information over that site. That S stands for “secure” and it means that info sent over that network is encrypted.

11. Don’t believe that “incognito” is the same as “private.”

Many people think that going into “incognito” or “private” mode on their browser means they’re safe from prying eyes. In reality, it just means that they’re safe from prying eyes that are looking at their device. Incognito or private browsing doesn’t protect you from your ISP, the government, or even your boss, if you’re on a work computer. So don’t confuse the two and if you want actual private browsing, make sure you’re connecting via an encrypted connection with a VPN.

Of course, this is just the start when it comes to internet privacy best practices. There’s a lot more we all could be doing to protect ourselves online. But stay tuned to this column for more online privacy tips. We hope to be your first stop for staying safe, always.

Share this post

About Tenta

Tenta is a next generation browser designed for privacy and security. Built-in true VPN, full data encryption, video downloader, secure medai vault, HTTPS Everywhere, Tenta DNS, and more.

View all posts by Tenta >

Install Tenta Browser Free!

Start protecting your online privacy today with Tenta Browser.

Download Tenta Browser Google Play Button