How to stay
safe online:
practicing good
digital hygiene

Author: David Grady

More than eight in 10 U.S. adults go online at least daily, and about three in 10 say they are online “almost constantly.” So understanding how to stay safe online and ensuring you practice good digital hygiene — both at work and at home — are essential. 

Threats to online security are everywhere, and anyone can become a victim. The Verizon 2021 Data Breach Investigations Report examines the different methods threat actors use to breach security and provides insight on how to stay safe online and the importance of practicing good digital hygiene. 

Make digital hygiene routine

How to stay safe online starts with good digital hygiene. A single compromised device can result in a threat actor obtaining information that can be used to access other devices or accounts. For example, poor digital hygiene at home means that a compromised device could lead to an attack on business assets. Files may be stolen, re-used passwords cracked, or home email accounts hacked — giving the attacker the information needed to gain access to the victim’s corporate network.

An attack could be as simple as accessing the victim’s corporate email with the same password that is used for personal email. A more complex scheme could involve blackmailing an employee with personal photos or information stolen from a home computer.

Good digital hygiene at home is critical because a lax attitude toward security can carry over into the workplace. Employees who don’t take online security at home risk bringing their relaxed attitude to their workplace, or even forgetting about security best practices.

Tips for how to stay safe online

Attacks come in a variety of forms and understanding how to stay safe online is essential. Here are some tips on how to stay safe online and practice good digital hygiene.

Email security

  • Never provide information by email, phone, text or any other method to an unknown person. Always verify the requestor’s identity before passing on information.
  • Carefully evaluate domain names and email addresses for misspelling (for example, “@Verizon” not “@Ver1zon”).
  • Double-check embedded links by first hovering over them, so you know what they are pointing to.
  • Only open attachments from known senders, and if they’re expected.
  • Always check the “reply to” address before you reply.
  • Scan all email attachments for viruses, even attachments sent by known persons.
  • Educate yourself on current scams. Keep in mind that Microsoft won’t call you because your computer is infected. And it’s fairly safe to assume that no one has left you a million dollars.
  • Be wary of any email about a recent disaster or asking for donations.

Web browsing security

  • Be careful where you browse. Just because a link appears in Google, or was sent by a friend, does not mean it is safe. If you need to access an unknown site, do some research first.
  • Check your web browser settings for proper security, including third-party cookies, web history and add-on settings.
  • Don’t store passwords in web browsers.
  • Don’t install untrusted or unknown plug-ins.
  • Even known safe sites are prone to compromise, so always scan downloaded files for viruses.
  • Keep your anti-virus up to date, and don’t be fooled by fake anti-virus pop-ups.

Social media security

  • Don’t accept friend requests from people you don’t know.
  • Harassment is harassment, whether it’s face-to-face or online. Always report it.
  • Be careful what you post online.
  • Understand your account security settings and who can read your posts.
  • Don’t share personal information that can be used against you.
  • Never put anything in writing that you would not want the whole world to read. Remember, social network sites can be hacked and your private messages could be made public.

Home security

  • Use WPA2 encryption on wireless networks.
  • Change default router names and passwords.
  • Don’t broadcast your Service Set Identifier (SSID).
  • Create a guest network for visitors (but still use a strong password).
  • Use the Access Control List (ACL) function to prevent rogue connections.
  • Encourage employees to use their online security training at home, along with anyone who may be using their home network.

Device security

  • Keep all systems up to date with security patches.
  • Keep virus scanners up to date and never disable them.
  • Encrypt and protect all of your devices with strong passwords.
  • Be aware of suspicious system behavior.
  • Don’t plug in unknown USB devices, accept devices from strangers or share storage devices with friends.
  • Keep personal USB storage devices encrypted. Securely wipe and physically destroy old devices.
  • Avoid connecting to public Wi-Fi. If using it is necessary, do not conduct sensitive transactions.

Physical security

  • Never leave your device unattended in public.
  • Never be so engrossed in looking at your mobile device while in public that you do not notice your surroundings, such as physical hazards or potential thieves.

Learn more about how Verizon can help you to stay safe online.

David Grady is an ISACA-Certified Information Security Manager (CISM) and Chief Cybersecurity Evangelist at Verizon Business Group.