Resolve to Follow These 8 Steps for Better Data Security in 2017

The start of the new year is a great time to revisit best practices and improve the fitness of your online security.

Some, but not all, sites and services will remind users automatically after a set period of time to change their passwords. It’s important to regularly change passwords on every site you use to help lower risk.

Sure, it’s easy to use your cat’s name and your birthday as a password that you easily remember. Using that same password across multiple sites, however, is not something you should ever do, as it raises your risk profile. Data breaches happen, but put all your online accounts at risk should one be breached.

So you’ve followed the first two steps, changing your password and not reusing passwords, but there are still risks. An attacker still potentially can steal a password in a data breach or through a phishing scam. That’s why using some form of multifactor authentication is helpful. Many popular online sites including Google, Facebook, Twitter and LinkedIn have some form of multifactor authentication, providing a second layer of account protection that you should be using.

Even if you’ve followed the first three steps and your password fitness is top-notch, you’re still at risk from potential exploits that could be lurking in unpatched applications with known vulnerabilities. Some applications, such as Google’s Chrome, automatically stay updated, but many others do not. So, be sure to exercise those fingers and check for any updates regularly and often to make sure you’re patching everything (operating system, browsers and all applications).

If you’ve made it this far, congratulations: You have a fit password posture and your operating system and applications are up to date. But there are still other risks. Not all sites or WiFi access points are secure, potentially exposing users to risk by sending information in the open and unencrypted. In 2017, choose to use a Virtual Private Network (VPN) more often than not. With a VPN you’re creating an encrypted tunnel that will limit the risk of snooping.

Phishing attacks often come in via email, tricking users into clicking on seemingly legitimate looking links. Before clicking on links in 2017, right click or copy/paste the link into a separate browser window first to see what the link actually is and where it is going. Better yet, avoid clicking on unknown or suspicious links in email altogether, if you can.

On Facebook, Twitter and other popular online sites, users often will grant access to third-party applications. Sometimes users use Facebook, Twitter or Google (often via the OAuth protocol) to log in to other sites. Some of those logins and third-party apps may hold onto that permission or authorization for longer than the length of a session. To say digitally fit and secure, visit the list of third-party authorized apps in your Facebook, Google and Twitter accounts and remove those that you no longer use or need.

Finally even if you’ve followed the previous eight steps, there are still other things that can go wrong. Among the biggest security risks that emerged in 2016 was ransomware. In 2017, resolve to stay digitally fit and secure, and have a continuous backup plan for your account information and all your data.