When we looked at the results from our latest state-by-state comparison of the riskiest online security habits, a few things surprised us. Like techies scoring lower than average Americans. But what jumped out the most was how over-confident Americans in general are about their online security behavior. With that in mind, here are five ways to fix some of the riskiest behaviors we found in our latest survey.
- The problem – Password practices can be risky on a number of levels. Whether it’s sharing them with friends, between applications and social media, or between personal and work accounts, password sharing makes it easier for hackers to steal your credentials for malicious purposes.
- The riskiest – Three out of four New Yorkers share passwords between business and work accounts. Between age groups, Gen Zers are more likely to share passwords than Gen Xers, millennials and Boomers.
The fix – Use a unique password for all the applications and services you use most regularly, and never use the same passwords for work and personal use. If you’re tracking passwords on paper, keep them locked in a safe. Or, better yet, use a password manager app so you never run the risk of sharing passwords across devices, apps and internet sites.
- The problem – Poor cyber-security often leads to identity theft. Failing to wipe a device before discarding it is one problem. So is sharing personal information on social media and video streaming sites. The more hackers know about you, the easier it is for them to impersonate you online.
- The riskiest – Nearly 41% of Californians have had their identity stolen. And twice as many people who use mobile banking apps have been victims compared with those who don’t. Across industries, those in technology, banking and automotive are most likely to become victims of identity theft.
The fix – Cover your tracks wherever you go. Erase the contents on a device before discarding it. Beware of the personal information you reveal on social media. And be careful when using banking apps and websites. Use two-factor authentication (2FA) when using the app. If you're using the bank's website, go directly to it by typing the URL into your browser, or use a bookmark that you trust and have used before. Be careful when searching or googling the bank's name, which could return a spoof site in the top results.
- The problem – We knew phishing was a problem. In fact, it may be even bigger than our results indicated. About a third of respondents reported falling victim to a phishing scam. But that’s about the same number who said they actually knew how to spot one. You can’t protect yourself from threats you don’t see coming.
- The riskiest – Nearly 50% of Texans believe they’ve been targeted in a phishing scam while two-thirds of Alabamans said they’ve provided personal information to phishing scammers. Those who use auto-bill payment are twice as likely to report falling victim to phishing scams.
- The fix – Knowledge is power. Learn the tricks of the phishing trade, like bogus URLs and emails that ask you to confirm personal and banking information. Remember, bank logos can be easily faked. And banks won’t typically reach out to you for information they already have on file. If someone claiming to be from a bank contacts you by phone, call them back on an authentic customer service number from one of your banking statements.
- The problem – A lot of respondents said they’re backing up. And that’s a good thing. But they’re not always backing up the way they should. Since data disasters take many forms, you need to back up both locally and in the cloud to ensure you’re protected from a range of scenarios. And backups should be stored in an encrypted format or data may be vulnerable to a data breach.
- The riskiest – Nearly 80% of Americans back up. But 60% back up only to the cloud or to a local hard drive, not both. And 22% back up manually, which can lead to the most common form of data loss of all: human error.
The fix – Use an automated backup solution that backs up to a local target and to the cloud. This ensures you can get data back fast if you experience a local hardware failure. And it enables cloud recovery for more widespread, regional outages.
- The problem – The cloud is not always as secure as people assume. The best way to protect data in the cloud is to store it using advanced encryption, with at least 128-bit AES encryption for data at rest. But a lot of people don’t know the level of security for their cloud data, if there’s any at all.
- The riskiest – Half of respondents either have no encryption for their cloud data or they don’t know whether or not it’s encrypted. This is especially true with free cloud storage services, many of which use no encryption. Remember, online cloud storage is not the same as cloud backup.
- The fix – Make sure the data you store in the cloud uses at least 128-bit encryption for data at rest, or 256-bit for especially sensitive data.
Want to read the complete 2020 state-by-state results? You can download a copy here from our partners at Webroot. If you have any questions about improving your cyber security habits, feel free to reach out to us.