Internet Safety Tips for Businesses and Individuals

Ensuring internet safety has become more crucial than ever. Learn four simple ways to protect yourself, your family, and your business from online threats. Updated on October 1, 2024 With cyberattacks on the rise, the need for vigilance and strong security measures cannot be overstated. Nearly half of all breaches in 2024 involved sensitive personal data, which can include tax identification (ID) numbers, emails, phone numbers, and home addresses. Intellectual property (IP) records came in a close second (43% of breaches). This highlights the growing risks in the online space and emphasizes the importance of adopting effective internet safety practices. Whether you’re running a business or browsing the web at home, following essential safety tips can help protect your sensitive data and minimize the threat of cybercrime. The annual Cybersecurity Awareness Month campaign dedicated to raising awareness about digital security offers 4 simple steps every person can take to stay safe online:

• use strong passwords;
• turn on multifactor authentication (MFA);
• recognize and report phishing;
• timely update software;

Let’s refresh your knowledge about these measures and learn the best practices for implementing them effectively.

Why Internet Safety is Important

Proper Internet safety practices protect individuals and organizations from various online threats, such as cyberattacks, identity theft, and data breaches. As personal and professional lives become more digital, the risks associated with mishandling information online increase. Cybercriminals exploit vulnerabilities to steal sensitive information, invade privacy, and disrupt systems. Proper online safety practices, such as using strong passwords, enabling two-factor authentication, and staying vigilant against phishing attempts, can significantly reduce these risks. Furthermore, organizations must prioritize internet safety to protect their data, employees, and customers. A lack of proper cybersecurity measures can result in severe financial losses, reputational damage, and legal consequences. By adopting robust security policies and regularly educating employees on best practices, businesses can mitigate the risks of cyber threats. Staying informed about the latest online safety guidelines and threats helps everyone navigate the digital world securely.

Use Strong Passwords and Password Managers

Compromised credentials are responsible for 15% of data breaches, which makes them one of the most common attack vectors, according to the IBM Cost of Data Breach Report. To minimize the probability of compromising your credentials, use strong passwords. Strong passwords help keep your information safe, protect your emails, media, and other content, and prevent someone else from getting into your account. What makes a strong password? It is unique, memorable, long, and includes any combination of letters, numbers, and symbols. Let’s take Google password security practices as an example. According to Google, your password should be:

• strong (include any combination of letters, numbers, and symbols, upper/lower case letters);
• unique (you should have different passwords for each of your important accounts);
• memorable (but nearly impossible for someone else to guess);
• long (at least 12 characters long. A lyric from a song, a meaningful quote from a movie, a series of words that are meaningful to you, an abbreviation are good to use).
• secure (don’t write it down and store it in a secure password manager software).

Along with this, your password should not be:

• weak (simple words, phrases, and patterns like "password123", “12345”, “qwerty”, “let me in”, etc aren’t good to use);
• reused (never use passwords you’ve used before);
• easy to guess (the name of your child or pet, birthdays, the name of your street, your phone number are not suitable).

If you have trouble with managing multiple passwords, use a trusted password manager. Such tools can help create strong passwords for your online accounts, keep them in a safe place, and protect them with special built-in security.

Turn on Multifactor Authentication (MFA)

With enabling MFA, you provide a combination of two or more authenticators to verify your identity before accessing the account. In short, instead of asking you just for a password (which can be reused, cracked, or stolen), MFA verifies your identity by asking for several pieces of information. For example, Microsoft multifactor authentication works by requiring two or more of the following authentication methods:

• something you know (password);
• something you have ( a trusted device like a phone or hardware key);
• something you are (a fingerprint or face scan).

IBM also adds a behavioral factor or

• something the user does (an IP address range or location data from which a user typically logs in to an application).

Thus, users who enable MFA are significantly less likely to fall victim to cybercriminals because any malicious attempt will need to overcome several authentication requirements to gain access to your account.

Recognize & Report Phishing

Phishing attacks rely on social engineering tactics by using spoofed or impersonated email addresses (e.g., an attacker might create an email that looks like it comes from Microsoft, your insurance firm, back, etc, or send an email from an address that looks familiar, yet contains a little difference bill.gates@microsotf.com instead of bill.gates@microsoft.com). Tricking users into thinking a message comes from a person or entity they either know or trust, criminals send an email with a malicious link, attachment, or request for information. The email appears trustworthy due to a familiar text and a known email address, so a victim opens the email and clicks on the attachment, triggering a malicious program that compromises the system. Phishing is the most common attack vector and the second most expensive threat, estimated at $4.76m in 2023, so it demands significant efforts to be addressed and minimized. As a matter of fact, the success of every phishing attack is directly related to people’s awareness. The 2023 Proofpoint State of the Phish Report states that user reporting was responsible for blocking 1 in 10 phishing attacks, which leaves much to be desired. At the same time, 44% of people think an email is safe when it contains familiar branding. With this, Microsoft branding or products were found in over 30 million malicious messages sent in 2022. There’s a lot to think about.

Tips to recognize phishing

Planet 9 provides several tips to recognize and fight phishing:

• Never click on links or attachments found in an email if you’re unsure about the sender or their motives.
• Be cautious of the generic language of the message, such as “Hello Bank Customer”. If you are concerned about the email’s legitimacy, call the sender directly.
• Beware of rushing emails that implore you to act immediately. If you receive a suspicious email that appears to be from someone you know, reach out to that person directly.
• Watch out for suspicious links. Hover over the link to determine the site’s real address hidden behind the link.

More on phishing read in the article #BeCyberSmart: Common Tips to Fight Against Phishing, which was dedicated to the 2021 Cybersecurity Awareness Month campaign.

Update your Software

Vulnerabilities within software code can lead to unexpected outcomes and cause program errors including failures of security controls. Developers resolve these issues through software updates. Software providers release updates, often referred to as "patches", “hot fixes”, or "service packs." These updates primarily focus on repairing security vulnerabilities and improving protection against potential cyberattacks that could exploit these weaknesses. Additionally, software updates may address and fix software defects, enhancing the overall quality of the product. For instance, Apple regularly releases software updates, which include updates and upgrades for macOS and its built-in apps. You can install these updates either manually by downloading the necessary updates from AppStore or automatically by setting this option in system settings.

Internet Safety in the Time of Artificial Intelligence (AI)

In today's digital landscape, internet safety is intricately tied to the rise of artificial intelligence (AI). AI technologies enhance our online experiences by providing personalized content and efficient services. However, they also introduce multiple AI-related cybersecurity concerns, such as misinformation, deepfakes, and cyber fraud. The ability of AI to generate convincing yet false information can mislead users and create challenges in discerning truth from deception. Furthermore, the rapid evolution of AI outpaces regulatory frameworks, leaving a gap in protection against misuse. This necessitates a proactive approach to internet safety, where users must adopt best practices, such as verifying sources, using strong passwords, and staying informed about the latest security threats. Organizations must also prioritize cybersecurity measures, integrating AI-driven solutions that enhance threat detection and response. As we navigate this technologically advanced landscape, fostering a culture of awareness and vigilance will be essential to safeguarding personal information and ensuring a secure online environment for all. To stay updated on the recent cybersecurity and compliance-related topics, keep reading our blog. Feel free to contact the Planet 9 team for help with your security and compliance challenges. We’ll be happy to assist!