15 cybersecurity rules to stay safe online

Firewalls between old buildings

This article is a short summary of the most important security-related points that every user should know and keep in mind to stay safe. This is not an absolute list that would guarantee you complete safety, these are just the most basic tips. You should understand that having your disks encrypted and firewalls turned on is nothing if you write down your passwords on a piece of paper and leave it on your office table.

Security is a journey, not a destination.

Secure browser

Use a browser that cares about privacy. Here are a couple of examples of popular ones:

• Brave — privacy-focused browser, which automatically blocks online advertisements and website trackers in its default settings.
• Firefox — open-source browser, has built-in blocker of social trackers, tracking cookies and fingerprinting. Good choice for everyday internet surfing.
• Tor — has even more layers of protection than Firefox. Might be not so convenient for regular use because it deletes your cookies, cache and browsing history after you close it.

Browser containers

Container - is like a separate browsers with their own cookies and saved passwords. You might have one container for work, second for personal use and third for banking. They’ll never be able to share data between each other.

There is an addon for Firefox: learn more

Safe messenger

The rule is the same here — choose the one that cares about user’s privacy.

• Signal — uses encryption by default
• Telegram —has self-destructing messages, encryption can be used in secret chats

Don’t trust emails

Any unexpected email you receive must be considered as a potential security threat. Keep in mind following steps:

• Check sender’s email twice
• Check sender’s email one more time
• Do not open any links until you are 100% sure you trust the sender
• Disable auto loading of images in your email client settings: instructions for Gmail. (What is a tracking pixel?)

Don’t expose your real email

There are services that keep your email address private when filling out online forms. They do this by creating an email alias and forwards messages to your real email address to keep it hidden from companies you don’t trust.

Example: Firefox Relay

Two-factor authentication

Two-factor authentication (or 2FA) is an authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism. Usually, the first evidence is your password and the second one might be one of these:

• SMS on your phone number
• email
• code from an Authentication application

Today almost all services support it, so enable it everywhere you can.

Monitor password leaks

Use a service that’s monitoring whether your account has been compromised by any data breach. For example, Firefox Monitor.

WiFi and LAN network

If you can choose between wired and wireless network — use wired.

Most likely, you can’t connect all of your devices to the wired network. Set up a strong password for your WiFi and make it hidden.

Lock your devices

• Screen should automatically lock if you away for 3 - 5 minutes
• Set up a strong password for all of your devices
• Enable data erase feature: all data on your device will be wiped out after 10 failed passcode attempts. Having 6-digit pin code means there are 1 million possible combinations and it’s almost impossible to find the correct one in 10 attempts.

Disk encryption

Disk encryption is a technology which protects information by converting it into unreadable code that cannot be deciphered easily by unauthorized people.

• Windows: Turn on device encryption
• MacOS: Use FileVault to encrypt the startup disk on your Mac

Firewall

A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules. It should be turned on:

• Windows: Turn Microsoft Defender Firewall on or off
• MacOS: Block connections to your Mac with a firewall

Airdrop (For MacOS and iOS users)

Restrict your discoverability to “Contacts Only”.

Applications settings

Once you’ve installed a new application on your device or created account on a new website, the first thing you have to do is go through each parameter in its settings and configure it in the most secure way. Most likely, you’ll find that the new service has enabled some features that you don’t need:

• sending usage statistics to the developer
• sending newsletter, digests, updates, etc to your email
• starting on OS startup

Antivirus

Install a free version of any antivirus software on your machine. Or execute one-time scans regularly using a tool like Dr.Web CureIt

Keep software up to date

It’s important because updates bring fixes of found vulnerabilities. Until the patch is not applied, hackers are able to use them.

General tips

• Always remember about your privacy
• Pay attention to data breach announcements
• Review settings of each app or website you use
• Keep your passwords in a safe place. Physical notepad is not a good idea

Thank you for reading. Stay safe and share security guidelines you follow in comments!