7 things you can do today to be more cyber secure

Improving cybersecurity doesn’t have to be complicated or time-consuming. In fact, some of the most effective defenses against would-be thieves and hackers are simple to implement. 

1. Use 2-factor authentication whenever possible.

As the name implies, 2-factor (2FA, or sometimes called 'mulit-factor') uses two factors to log into an account: something you know (i.e., password or PIN), and something you have (i.e., phone or debit card). This adds a security layer in the event someone steals one or the other of these. Virginia Tech requires 2FA to log into most university accounts and services, and more commercial vendors are offering or requiring 2FA — so if it's an option, use it! 

2. Keep your software, apps, and operating systems up to date.

Companies are constantly updating their products to improve performance and to address or “patch” security vulnerabilities that are discovered. Older versions of software or operating systems won’t have all the necessary patches, leaving you more vulnerable to a cyber attack. Most devices provide the option to enable automatic software and app updates.

3. Think before you click on links or respond to an email or text.

Scam artists frequently employ tactics that cause panic (”your account has been disabled!”), make offers too good to be true (“Get a free $1,000 gift card…just click this link!"), or otherwise try to prey on your emotions ("I am a prince who really needs your help"). If you get an email that you’re not expecting, or if something seems “off,” don’t respond, don't click links, and don't open any attachments. Follow advice for how to spot a phish, and proceed accordingly. 

4. If you work from home using a personal computer, set up a separate user profile for the work version of “you.”

This keeps your work environment — including file protection settings, browsing history, accounts, and other work material — separate from your home environment. Doing so can also help you stay better organized and prevents a family member from accidentally moving or editing your work.

5. Be careful using public WiFi.

Many public Wi-Fi spots are not secured — meaning that data sent over them is not encrypted — putting users at risk. It’s best not to use public WiFi for transactions that involve personal information such as a user ID, password, or banking information. If you can’t avoid using public WiFi, consider using a virtual private network (VPN), which essentially creates a secure connection over top of a network.

6. Be careful what you share online.

It is incredibly easy for others to learn things about us through social media: where we live, frequent hangouts, even hints to our passwords (you know those "get to know you" quizzes that ask where you grew up and your favorite vacation spot?). Opt out of displaying your location and make personal accounts private to limit who can see your profile to help protect your privacy. And heed the advice you’ve heard over and over: if you aren’t okay with the whole world seeing it, don’t post it on social media.

7. When in doubt, report the incident.

If you suspect you’ve been hacked, stop using the affected device, disconnect it from WiFi and data networks, and report the incident. Report phishes to your email provider (tip: if the phish appears to come from a Virginia Tech person, also report the incident to the IT Security Office (ITSO)). Report suspected malware or other issues affecting Virginia Tech computers or accounts to the ITSO. If your home computer or phone has been hacked, it's a good idea to change your passwords and enable 2FA. You may also need to contact your bank to enact a fraud alert, or even wipe your phone or hard drive. You may also consider reporting the incident to a federal authority.