Security & Safety Resource Center

When using a home router, ensure you have changed the username and password from the common factory set of admin/admin. Disable WPS, which is both insecure and susceptible to brute force attacks. If possible, use a secure router for work use only, and monitor traffic to ensure your child isn’t using it for Minecraft access.

Be alert to the kinds of information being collected to complete your transaction. If the merchant is requesting more data than you feel comfortable sharing, cancel the transaction. You only need to fill out required fields at checkout and you should not save your payment information in your profile. If the account autosaves it, after the purchase go in and delete the stored payment details.

A strong firewall to run all access through is key in a distributed work environment, and just good sense for traditional home internet usage. Don’t allow RDP (Remote Desktop Protocol) from the public internet; this is akin to punching a massive hole in your firewall. Use a VPN to further protect your network and prevent unauthorized access.

Working at home on personal devices (Bring Your Own Devices) and self-managed Wi-Fi networks present a massive security risk to you and your employer. To protect potentially sensitive information, enable Windows and macOS native encryption functionality and save encryption passwords.

Ransomware identifies the drives on an infected system and begins to encrypt the files within each drive. Ransomware generally adds an extension to the encrypted files, such as .aaa, .micro, .encrypted, .ttt, .xyz, .zzz, .locky, .crypt, .cryptolocker, .vault, or .petya, to show that the files have been encrypted—the file extension used is unique to the ransomware type. Once the ransomware has completed file encryption, it creates and displays a file or files containing instructions on how the victim can pay the ransom. If the victim pays the ransom, the threat actor may provide a cryptographic key that the victim can use to unlock the files, making them accessible.

A patch issue causing problems (or your own lack of IT urgency) can entice you to turn off automatic updates — no more annoying alerts! Months down the road, though, a hack through an unpatched vulnerability can infiltrate your system. Employ automatic updates and reboots so that you’re proactively dealing with issues before they become pervasive or incredibly damaging.

Your security is only as strong as the weakest link. Ensure that every company you work with — ISP, SaaS, Bluetooth-enabled consumer electronics, etc. — has the same strict security requirements as your home and work environment demand. Advanced security across the board can help protect you from provider-side vulnerabilities.

Review the permissions each mobile app has on your device. Ensure your installed apps only have access to the information they need and remove unnecessary permissions from each app. Consider removing apps with excessive permissions. Pay special attention to apps that have access to your contact list, camera, storage, location, and microphone.

Malware is commonly spread by users clicking on a malicious email attachment or a link. Don’t open attachments or click on links unless you’re confident they’re safe, even if they come from a person you know. Be particularly cautious of attachments with sensational names, emails that contain misspellings, or emails that try to entice you into clicking on a link or attachment (e.g., an email with a subject that reads, “You won’t believe this picture of you I saw on the internet!”).

A list of “banned” internet sites is next to useless in an age when new unsafe sites appear daily. To better protect your network, select a Wi-Fi solution that promotes safe browsing by filtering by IP address, location or URL to help block access to unsafe sites and prevent contamination by malicious content.

Wi-Fi access points should have built-in wireless intrusion protection to ensure unknown access points aren’t being targeted. By requiring intrusion protection at all access points, you make it easier to spot an interfering AP or shut down rogue devices that might pose a threat. The network will alert your IT administrator (you) if necessary.

When you connect a computer to the internet, it’s also connected to millions of other computers—a connection that could allow attackers access to your computer. Although cable modems, digital subscriber lines (DSLs), and internet service providers (ISPs) have some level of security monitoring, it’s crucial to secure your router—the first securable device that receives information from the internet. Be sure to secure it before you connect to the internet to strengthen your computer’s security.

When you first install a web browser on a new computer, it will not usually have secure settings by default, you will need to adjust your browser’s security settings manually. Securing your browser is another critical step in improving your computer’s security by reducing attacks that take advantage of unsecured web browsers.

W-Fi security and WAP2 can cause security vulnerabilities and expose your networks to increased risk of potential password phishing attacks. Choose wireless equipment that is certified to support WPA3, and demand Wi-Fi Certified Enhanced Open so you can protect your data with Opportunistic Wireless Encryption (OWE).

You can increase security exponentially by applying rules based on traffic type, location and application. By automating the enforcement of certain security rules, you can reduce the risk of security breaches.

Antivirus software is designed to prevent malicious software programs from embedding on your computer. If it detects malicious code, like a virus or a worm, it works to disarm or remove it. Viruses can infect computers without users’ knowledge. Most types of antivirus software, including Total Defense, can be set up to update automatically.

Remote work and the IoT mean users and devices are everywhere and may not have the best security at all times. By assigning roles to users and devices (family members, roommates, individual devices, etc.), and limiting access based on these roles, you can minimize the number of SSIDs in use and differentiate between approved and non-approved devices and users. Look for Wi-Fi software that facilitates role-based access control.