The recent increase in high-profile cyber incidents, such as the September 2018 Facebook breach, has served as a wake-up call to the risks of data breaches and identity theft. Now is the time to not only make sure your own devices are configured properly, but to make sure your friends and family are aware of the many dangers the internet poses if we're not careful about the devices we use, the software we download, and the personal information we share online.
What Issues Should You Focus On?
Talking to your friends and family about configuring their smartphone security settings or oversharing personal information on social media probably sounds like a boring or even daunting task. However, it's important to share your knowledge with the people in your life who may not have the same resources. We recommend focusing on the following issues when educating your family and/or friends on cybersecurity risks:
- Sharing personal information – Make sure they understand all the various places their information can live on the internet and how easily it can be stolen by hackers for malicious purposes. See our blog post Protecting Your Online Identity
- Phishing and vishing scams – Educate them on how to identify and not fall victim to these types of scams, and what to do if they think they've become a victim. In particular, share with them some of the more commonly seen scams, such as U.S. tax season scams.
- Software updates and patches – Tell them that security issues are continually being found and fixed, and it's important to not let any of their devices become out of date. Make sure they keep the software on their computers, smartphones, and other internet-connected devices up to date where possible (it's important to note that some IoT devices cannot be patched). Have them enable automatic updates if possible.
- Endpoint protection and/or antivirus software – Have them check with their ISP to see if there is a complimentary or discounted license available to customers for this type of software. Make sure they keep the software up to date.
- Software downloads – Have them avoid unnecessary software downloads, and only download software from reputable sources. Although free games for kids may be fun, they could contain malware or viruses that can steal information off the device.
- Wi-Fi security – Make sure they secure their home Wi-Fi networks properly. Educate them on the risks of connecting to public Wi-Fi in places like airports or coffee shops. See our tips on securing your home Wi-Fi network and public Wi-Fi best practices
- Strong passwords and multi-factor authentication– Educate them on the characteristics of a strong password, and how to enable multi-factor authentication when possible. Make sure they create a new password on every device they own, and lock the device when not in use. See our password strength best practices
- Internet-connected device security – Mobile and smart devices are a common target for hackers to install malware that can control your device and be used for malicious purposes, such as stealing your personal information. See our blog post Protecting Your Data at Home and Being Smart About Your Smartphone
- Disposing of old devices – Make sure they don't throw away or recycle old devices without properly removing all personal data and using a secure recycling program. See the Federal Trade Commission's guidelines on mobile device disposal here. Have them contact their service provider to see if any other steps need to be taken to protect their personal data.
Online Safety Tips for Children and Teens
Each year, ACA Aponix participates in the U.S. Department of Homeland Security's Stop.Think.Connect Campaign to further educate our clients and friends on measures they can take to protect their information, family, and business from cyber threats. For our 2018 theme, Online Safety for Children, our team developed a series of resources to educate parents and caregivers about the cyber safety best practices they can use at home, school, and wherever children can get online. For more information, including links to download our guide and flyer, see our 2018 Cyber Awareness Month blog post.
For More Information
For more cyber safety tips and resources you can apply at home and at work, see our Cyber Awareness Resources page. If you have any questions, please contact your ACA Aponix consultant or email us at firstname.lastname@example.org.
About the Author
Sean Donahue, CISSP, is a Senior Principal Consultant at ACA Aponix, the cybersecurity and IT risk division of ACA Compliance Group. Prior to joining ACA, Sean served as a Senior Vice President with AIG Global Services. In that role, he led the team responsible for providing infrastructure services and solutions to several business units within AIG including investments, enterprise risk, and global finance. Prior to AIG, Sean was a client partner at ServiceMesh, a leading provider of enterprise cloud management software. Sean joined Goldman Sachs & Co. upon graduation from college, where he spent 17 years within the technology division leading infrastructure, operations, and development teams and initiatives across the trading, sales, and investment management businesses.
Sean earned his Master of Science degree in Management of Technology from the NYU School of Engineering and his Bachelor of Science degree in Information Systems from Salve Regina University. Sean is a Certified Information Systems Security Professional (CISSP).