2021 Cybersecurity Spring Cleaning Checklist
Have you forgotten about cybersecurity in the midst of the pandemic? Unfortunately, digital scammers and thieves never take time off. So now that it’s springtime, and tax season, it’s a great time to give your “cyber footprint” a spring cleaning. In this article we’ll show you how to declutter physical and digital data and accounts, strengthen your passwords, and more.
Review your passwords
Your cybersecurity approach is nothing without a strong password. If your password(s) are easy to guess or have already been exposed in a data breach, you’re essentially leaving the front door open for thieves to walk right in and gain access to your accounts and sensitive personal information. So, what makes for a strong password?
- Length: Use at least 8 characters, though more is even better!
- Complexity: Do not use common passwords like Password123 or system default passwords. Use a variety of upper and lowercase letters, numbers, and special characters.
- Passphrases: Avoid dictionary words and common phrases. Don’t incorporate information that can be easily obtained on social media such as your birthday, pet’s name, etc. Complex passwords can be hard to remember but using a passphrase can give you the best of both worlds by being difficult to crack but easy to remember. To create your passphrase, think of a phrase you can remember but that isn’t very common. As you type it out, make it complex by changing the capitalization of some letters, turning a letter into a number, using “@” in place of an a, and so on. For example, “A beautiful day in the neighborhood” could become “@[email protected]
- Uniqueness: Use different passwords for different accounts instead of reusing passwords. That way, even if one of your passwords is compromised a hacker wouldn’t be able to reuse this password to get into other accounts with the same login credentials.
- Multi-Factor Authentication: Whenever possible, sign up for MFA, which requires a password plus another identifying factor such as a fingerprint or one-time access code. One-time access codes can be easily set up using security apps such as Google Authenticator or Duo.
- Password Managers: Never write passwords down or store them electronically in a document file or email account. If anyone were to gain access to that information, they would have the “keys to the kingdom”! Instead, consider a password manager, which can store passwords secure as well as help you create strong unique passwords.
Declutter your inbox
Email is an everyday part of our work and personal lives, but it can also be a huge source of stress. If your inbox is overflowing, you’re not alone. However, a messy inbox can be a security risk. Declutter and protect your email account(s) by following these tips:
How many email accounts do you have for work and/or personal use? Make a list and close any that you no longer use.
- Create folders within your inbox for messages you want to keep, to-do items, and other categories that make sense to you, like family or travel. File messages accordingly and delete emails you no longer need.
- Don’t use email to store personally identifiable information, sensitive banking details, or login credentials. If you find this type of information in your email, send it to the trash folder and then empty the trash.
- Review your list of saved contacts and delete any you no longer need.
- Unsubscribe from any email lists you don’t want to read or create a rule to automatically send the emails to trash. Beyond the unnecessary stress, having too many emails might cause you to rush through them and inadvertently click on a malicious email.
- Don’t open email attachments you weren’t expecting to receive or that are from unknown senders. Calling the sender to verify the email is the best way to determine legitimacy. Don’t reply back to the email! If the email is hacked or from a nefarious sender, you will just be conversing with the hacker!
- If a link or the message it’s contained in seem suspicious, hover your mouse over the link until the full address appears. This will show you the URL, and you can verify that the address looks legitimate. Be aware – some addresses purposely look VERY CLOSE to a legitimate address, but are slightly different. i.e. www.fedexservices.com instead of www.fedex.com
- Secure your devices with a password, PIN, biometric, or pattern. Wherever you check your email (on a computer, tablet, smartphone, watch, etc.), make sure the device is password protected so that a thief can’t access your email after stealing your device.
Scan your social media accounts
As you should with email, take stock of your social media accounts.
- Delete any pages or accounts you no longer use.
- Check the privacy settings for each of your accounts and make applicable changes to better protect what you share.
- Review the photos and videos you’ve shared and remove or delete anything you no longer want to share.
- When you encounter suspicious accounts, block and report them to the platform.
- Even if your accounts and posts are set to private or “friends only,” remember that what you share could still end up having a wider audience than you intended. So, don’t post anything you wouldn’t want to share in public.
- Social media direct messages can be a fun way to communicate but beware of messages from people or accounts you don’t already know. Social media is a popular venue for phishing, even within other features outside of just direct messages. So, don’t click on unsolicited links!
Delete unused apps
How many apps have you downloaded on your smartphone or tablet? Take a minute to delete any you no longer want or use. Deleting apps reduces clutter, frees-up storage capacity, and also removes any stored personal data on them, further protecting your information from ending up in the wrong hands.
P.S. If you delete an app it does not mean you have closed the account. Make sure you delete your account from the app before deleting the app itself. In some cases, you may have to log on to a website to close an account. Otherwise, the company you have an account with will still have your personal (and possibly payment) information.
Keep your desk clean
A tidy desk doesn’t just promote focus, it also offers security. For example, do you have account statements with personally identifiable information or sensitive account information laying out where it is visible or easily stolen? Burn or shred papers you no longer need and keep everything else organized in a file cabinet with a lock. If you don’t have a personal shredder at home, look for local “Shred Days” in your community or pay a small fee to have your sensitive documents shredded at an office supply or shipping store.
Back up important data
Backing up your data offers protection from loss, a broken device, theft, malware, ransomware, and other losses of data. With a separate backup copy, you may be able to get your data back quickly, easily, and without assistance. Prepare for any data loss situation by taking the following steps:
- Prioritize your most important files for backup.
- Keep your backup file, device, or account password protected and encrypted when possible. Backups come in many forms, including hardware, software, and cloud-based backups.
- Do not back up data to the same device. If that device is destroyed or compromised, your backup will be as well.
- Make sure local files are backed up (and securely cleansed) from any device before discarding or reusing. This includes files across phones, tablets, laptops, desktop computers, and even other smart devices around the home. For example, modern at-home printers may also have data that is worth cleansing before throwing them away or giving them to someone else.
- Check with your employer if there is already a backup policy in place for your work data.
Keep your devices updated
- Don’t ignore prompts to update operating systems or apps. The latest update comes with the latest security measures to keep your device and data protected.
- Install anti-virus software and keep it updated and running regular scans.
Don’t use systems or software that hasn’t been updated.
Learn more about cybersecurity awareness at Union Bank!
As your longtime community bank in Vermont and New Hampshire, we are here to support the security of our customers and community. Read more about our Cybersecurity Awareness and contact us if you have any questions about your Union Bank accounts! You can reach us by phone (800.753.4343), by emailing [email protected], or by visiting any branch location.