Keeping Your SMB Bring-Your-Own-Devices Secure

If you have a small or medium sized business, it is likely that you have staff who are bringing their tablets, phones, iPads, and laptops to work every day. However, all of this puts your business to risk as they can also bring malware into your network.

On top of this, any of these devices can be lost, misplaced, or stolen. Since its extremely likely that your staff are using these devices for their work, think about all of the information that could be on there about your company…and it happens because Joe in accounting left his cell phone on the counter at a local coffee shop, and a hacker picked it up.

Also, think about this: depending on how successful your company is, there also might be a list of clients found on the devices, or at least a few. Now, someone has access to your clients, and what is stopping them from contacting your competitors and sharing your sensitive company information…for a price, of course.

Hacking also often involves the act of phishing where an employee will open up an email and then click on a link or open an attachment. When this happens, malware is unleashed, and the device and network is at risk.

Here are some tips to keep devices secure that you can share with your staff:

  • Only use apps that have been purchased from a reliable source like iTunes or Google Play.
  • Do not reuse passwords and use a different password for each login that you have.
  • Keep all apps and operating systems updated. Any update that comes in should be downloaded and installed immediately. Don’t choose to update later, as this is a great opportunity for hackers to get into a vulnerable app.
  • Start using anti-virus software. These apps can be found in iTunes or in the Google Play store.
  • Be cautious when installing anything with a “free download.” Sometimes viruses and malware can be found there, and they can get out onto your network before you know it.
  • Choose the feature where device passwords are protected and wiped clean after a certain number of log-in attempts.
  • Make sure that all staff understands that free Wi-Fi spots are not secure. So, they should be using a VPN anytime they are trying to connect to a free Wi-Fi network.
  • Phishing scams are becoming more common than ever before, so make sure that your staff knows how to recognize scams like this.
  • Don’t trust email addresses that you don’t know and don’t trust any email that claims it is coming from the CEO or Board of Directors unless it’s an email that you can verify.
  • Do not use any device that is jailbroken. This opens it up to too many viruses.

Understanding MDM

Mobile device management software, or MDM, should be used. This software helps to protect devices, and it is a safety net for any type of business or personal device. For instance, if a mobile device is lost and the person who finds it tries to enter the passcode a certain number of times, the device will lock out the person doing it. You can also set it so that the entire device is erased if there are too many login attempts. MDM also offers firewall protection, encryption, and antivirus capabilities. Additionally, it can monitor the system to add another level of security. There should be a policy in place that every employee must use this software on their device, or they can’t use it.

Utilize Additional Experts

“Do it yourself” information security for small business in theory might seem to save a few bucks. But in the long run it might cost your small business a lot more. Engaging experts such as Managed Security Service Providers, or for smaller businesses, also known as a Virtual CISO’s (chief information security officer), can run the most comprehensive vulnerability scanning software among other ethical hacking tools, will make sure bad guy hackers can’t get in and make a mess of all you have worked for.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Is Your Privacy a Concern with Biometrics?

When people started using biometric identifiers, many believed that it was all of the security that we needed. However, that was around 15 years ago, and we are still having security and privacy issues. As biometrics become even more common, the chances of hacks are becoming even more common!

Years ago, biometrics was used primarily to fingerprint criminals. Government agencies then started using biometrics to identify federal and state employees, and corporations soon followed. Now, everywhere we look, we can see the use of biometrics in action.

One of the ways that we commonly use biometrics is to access electronic devices, and many of us use biometrics to clock in at work. With all of this use, however, do we have something to worry about?

How Biometrics Have Grown

We are definitely expecting the use of biometrics to skyrocket over the next decade. In fact, estimates are that we could see more than 500 million new scanners being installed. Everywhere we look, there is some type of camera or scanner, but most consumers don’t seem concerned. In fact, a recent survey shows that around 80% of people are more confident in biometrics than they are with passwords…but this is a false sense of security that could pose a big problem.

You Are Not as Secure as You Might Think

 Think about this for a minute; if your password gets stolen, you get a notification that you need to change it. This can be done over and over again with a new password. However, with biometrics, if a hacker accesses your information, there is nothing you can do. They have it forever, and you can’t change your eye scan nor your fingerprint.

Attacks are Here

 Hackers are continuing to get smarter, and they are finding more ways to steal your info. There are more and more attacks that include biometric information, too. Just a couple of years ago, a report from the Office of Personnel Management showed something quite frightening.It reported that millions of government employees had their fingerprint scans stolen. I was actually a victim of that crime as a member of the US Coast Guard Auxiliary.  It is believed that the Chinese government was behind this, and it wasn’t a simple little attack. Many of these people had all 10 of their scans taken, and all of them are still vulnerable, today. Remember; you can’t just change your fingerprints! With this type of a hack, identity theft protection will not help here. But, it’s still good to have that type of protection.

How to Fight Back

Though there are plenty of people who don’t feel very secure with this, it is very important for those who choose to use a biometric scan to know that companies and government agencies must be held responsible with their biometric information. These organizations must do all they can to ensure that these scans remain secure.

Let’s look at Touch ID from Apple. Most people think that the image of your fingerprint is actually stored on your phone. This isn’t the case, though. Instead, it only stores a mathematical representation of your fingerprint. This means that it is totally impossible for someone to create a copy of your fingerprint from this representation. On top of this, there is a chip in these devices that include Secure Enclave, which is an advanced security concept, which protects fingerprint data and passcodes.

This is what companies and the government needs to do when using biometrics, too.

When there is any technology that requires biometrics, consumers must be sure that they are insisting that their information and scans are safe. You don’t have to be afraid, but you do need to be safe, just like you would be if you were doing online banking.

Now that you know all of this, do your loved ones a favor and share it with them. The more people who know, the more we, as a population, are educated and prepared.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

A Look Ahead: What Challenges Might We Face with Cyber Security in the Next Year?

I was recently talking to a friend. She called me because there was a big issue at work: a ransomware attack. Basically, a hacker installed software that locked down the entire network, and then demanded that her boss pay $8500. Ultimately, against my recommendations, the only choice they determined they had was to pay the money, and in the process, they learned a very valuable lesson about the importance of backing up company data.

This is only one of the things that we are going to be facing in the upcoming year. Here are some more that everyone should be aware of:

More Ransomware

We are definitely going to be seeing more ransomware attacks. These cyber criminals are getting even more greedy and they know that the data they are holding for ransom is very valuable. So, expect even higher priced demands.

More Built-In Security

For those in the security industry, there is going to be a lot of work ahead. There are new challenges coming up all of the time, and there are still the old issues that haven’t been solved. People in the industry will have to go way beyond home computers and cell phones. With so many products connecting to the internet, there are millions of ways for cyber criminals to launch an attack.

Intelligence-Based Security

We also can expect to see more artificial intelligence-based security approaches, since the technology we have now just isn’t doing the job. There needs to be more advanced analytics and monitoring, and this will help to prevent more identity theft incidents than ever before. Artificial intelligence just keeps on getting more prominent, and we are seeing computers actually learning without any help from humans. If these computers start to learn enough, they can start helping criminal hackers too.

A More Vulnerable Internet of Things

It’s also a huge possibility that there are going to be big issues in regard to the Internet of Things. Often called “end points” more devices than ever before are connecting to the internet, and more people are using them. This makes us more vulnerable to attacks, so we need to lock this down. Before you buy anything that connects to the internet, you must do your research.

More Phishing, Too

We can also expect more phishing attacks. Hackers are certainly planning more of this, and honestly, these attacks are easy to pull off. Why would they stop?

Credential Theft is Here to Stay

Attacks that occur for the purpose of stealing banking credentials and payment cards will also continue. Don’t ever click on a link in emails, and don’t open any attachment before you open them.

Credential Stuffing

There are billions of stolen credentials floating around the Internet ready for the taking and hackers are plugging this data into well-known websites and gaining access to email, ecommerce, banking, financial, you name it. Change up your passwords.

Security with Smartwear

We are also seeing new threats in regard to wearable devices. These can be bad news for consumers and businesses because they can easily be portals for infecting a home network. Keep these devices updated and change the passwords from the default if you can.

Governments Could be Targets

Cyber-attacks on governments will surely continue, too. These might be inside jobs, or they could be from foreign sources. Even if you think your devices and data is secure, the government might not be. This is another reason you need to have ID theft protection.

Smarter Cars

We also are going to see smarter cars; cars that are more connected than we have ever seen. There are close to 100 ECUs, electronic control units, in cars these days. Some of these are connected to the internet, too, so think of what this might mean. Technically, a hacker could do things like control the car’s brakes. Thankfully, manufacturers are adding more security, but consumers really have to do their homework, too, and understand their cars’ capabilities.

DDoS Attacks

Distributed denial of service attacks, or DDoS attacks, is when manipulation occurs to make something unavailable to people, like a website. We will certainly see more of this.

Disinformation Proliferation

There has never been a time when dis-information was so easily spread by so many, for so many reasons. When government officials at the very top become the primary spreaders of this information, such as dictators in Banana Republic’s and even those in the USA, you know we have a significant problem. Get your facts straight, publications like the New York Times or the Wall Street Journal have no reason to lie. Fact check before you share and spread misinformation.

Conclusion

Here’s the situation; we cannot fully protect ourselves from all of the fraud and scams that are out there, no matter how hard we try. With so many devices that are connecting to the internet, hackers have a ton of opportunity to take advantage of their victims. We need better security and more awareness, so as we move into the new year, keep all of this in mind.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.

Kids Home? Rethink Their Digital Security or it Will Bite You

If you had asked me a few months ago what I felt about “screen time” and kids, I would have told you that I wouldn’t give my kids their own devices or allow social media accounts until they were 15. But things have changed. Now, I’m happy to let the kids on the family tablet, and even allow them to use things like FaceTime, games, and email. Why? Because I want to make sure that they have some type of connection to the outside world.

However, this didn’t happen without some ground rules, not only to keep the kids safe, but to make sure they don’t totally fall headfirst into cyberspace. Here’s some tips:

No Social Media

Oh you didn’t think I was gonna give you a pass did you? No, my 14-year-old is still not on social media, and she doesn’t complain about it, she doesn’t miss it, and she’s better off for it. First of all, it’s a time suck, it’s often a cesspool of BS, misinformation, disinformation, and just plain mean-ness.

Sure my kids might get the occasional TikTok video from one of their friends, but they don’t have the app, they’re not spending any time on it, and while they might learn a TikTok dance or two, they’re certainly not recording one and posting it online.

Teach Your Kids to Respect Digital Devices

There are a number of ways that you can do this, including setting a rule that they must ask permission before they use the device or go online. By doing this, you are making them conscious of their actions.

Set Rules on When They Can Have Access to Certain Apps or Devices

Another thing you can do is make sure that you set rules about when your kids can access certain devices or aps. For instance, maybe make a rule that they must use devices in common areas, or they can only use game apps after dinner. Whatever the case, you should be checking in on what they are doing.

Create a Schedule

Only allow your kids to use devices when you are available to help or when you know they can’t get in trouble. Allow them to watch Netflix while you are in an online meeting but bring the remote with you.

Create an Agreement

Also, think about a “tech agreement” for your kids. If they break the rules, there will be consequences, just like they have with other rules in your home.

Discuss Online Privacy and Tone

One of the most important things to do is discuss online privacy and tone. Kids don’t always realize that what goes on the internet can stay there forever. Suggest, perhaps, telling your kids not to do anything they wouldn’t do or say with grandma in the room. It works.

Tell Them Your Expectations

Talk to your kids about what you are comfortable with…or not…when they are online. For instance, if you don’t want them talking to strangers, there are email programs that allow you to approve and email that is sent and received. There are similar chat programs.

Is it Time to Talk About Pornography?

This might be the perfect time to talk about pornography, too. Experts say conversations about this should start around kindergarten. To minimize the chances your kid will access it, use parental controls or kid-friendly browsers.

Understand that Kids Will be Kids

Finally, take a deep breath and realize that kids will be kids. As long as they are being safe and polite, allowing them access to these things might be the best way to get through these nationwide quarantines.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.

How to Prevent your Devices From Spying on You

You might not realize it, but your electronic devices may be tracking you. They know what you are doing, what you are reading, and the things you like to do. In almost every case, you give these devices permission to collect this info when you start using them. Here are some tips to help you prevent your devices from spying on you:

Laptops

Macs

If you are using a macOS computer, you can limit the information you are sending to Apple by choosing the Apple menu > System Preferences > Security & Privacy. Click the “Privacy” tab, and then you will see options about what apps can use and share data. If you click “Analytics,” you can do even more. Also, keep in mind that if you install a new app, you have to do those updates, too.

Windows

If you use Windows, you can limit the info you share by going to “Settings,” and then clicking on “Privacy.” You can enable and disable settings for each app. Again, any new apps that you install must be taken care of separately.

Chromebook

Google collects a ton of data, so Chromebook users should pay attention. Got to My Activity, and then delete what you want. You can also turn off some of the data collecting by clicking “Manage your Google Activity,” and then “Go to Activity Controls.”

Phones

You can do similar things to stop data collecting on your phone, too.

iOS

If you have an iPhone, there is a Privacy setting in the Settings menu. Open it, and then click on “Analytics,” to see what you share with Apple. If you don’t want to share this, simply toggle it all off. You can go back to “Privacy,” and then take a look at what the settings are for every app you have downloaded to your phone.

Android

If you have an Android phone, you can choose Google, then go to “Personal Info & Privacy.” Choose the “Activity Controls” screen, and then pick and choose what you want to share. Again, you have to also go to change settings for each app, too.

Fitness Trackers

Your fitness tracker is also spying on you. Apps like Strava and FitBit can be controlled through the Settings and Privacy options on your phone. You can do more, though:

Strava

Click on “Menu,” if you have Android or “More,” if you have iOS. Choose “Settings,” and then “Privacy Controls.”

FitBit

With FitBit, tap your profile, and then your account name. Tap “Personal Stats,” and then “Settings” followed by “Privacy.”

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity Protection security awareness training program.

Your Kids Digital Lives Are in Shambles

If you have a teenager, you probably have a battle in play: do you or do you not manage your teens mobile devices. Though some parents see this as an invasion of their child’s privacy,(which, frankly, is stupid) there are many reasons why you should start managing what they are doing online.

Robert Siciliano Quora BreachSome of these reasons make a lot of sense. Mainly, what your kid does at age 17 and under, is your responsibility, or in essence, your fault if they screw up. If they send a nude photo, that’s child porn, and that will come back to bite YOU and them.

And, the research data is out there, for instance, a teenager who has limits on how long they can sit on their phone will be better prepared to get into the real world because they can focus and unplug. Many people believe and research strongly suggests that too much screen time leads to addiction, which could definitely negatively affect the life of the child. There is also the fact that spending too much time on one activity, such as watching endless YouTube videos, causes other responsibilities to suffer. This leads to poor time management skills.

Time management is crucial for a child to develop in the younger years. Even the CEO of Microsoft believes that people are spending too much time focused on the screen. Microsoft actually did a study that showed the average attention span of a human is only about 8 seconds; shorter than a goldfish.

What does this tell you as a parent? It means that it might be time to teach your kids how to better manage their time and to avoid distractions from their cell phones. The best results start when they are younger, but it could still be worth it trying to enforce this as they get older. If not, you could see that your kids are being passed by others as they get older; others who know how to focus their attention.

Most parents don’t enforce these types of things because they don’t want to fight with their kids over it. They know that there is going to be a battle, and they are probably fighting their kids about other things, too, so they don’t want to add onto that.

If you are thinking about doing this, but having second thoughts, don’t think about it as a punishment for your child. Instead, think about it as time that they will have to focus on other things. You also might want to try it yourself and spend more time with them. Though you might not even realize it, many adults have issues with too much screen time, too, and this change could be positive for your entire family.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

5 Digital Security Tips That You Should Always Beware Of

Hackers are out there, and they have their eyes on YOU! So, you are the first line of defense against them. Do you know how to make your smart phone or computer more difficult for hackers to access? Here’s five tips to help:

Password Information

  • You would think that these days, everyone would know how to create and use a strong password, but people don’t. Every online account you have should have a strong, long password made of a combination of symbols, letters, and numbers. You should also use a different password for each account.
  • A good, strong password is at least 8-12 characters in length. It is also made up of both upper case and lower-case letters, symbols and numbers. Make sure it doesn’t spell anything, either. Example: “yi&H3bL*f#2S” However a phrase will do to. Such as iLike1ceCream!
  • Activate two-factor authentication on every account you can. This way, even if your password gets into the wrong hands, the hacker can’t get in unless they also have access to your smartphone.

Understand the Cloud

  • Yes, the cloud is pretty cool, but it is still vulnerable. The cloud, essentially is just internet connected servers that sit in climate controlled secure facilities. These are generally secure. However, if your device doesn’t have the best security, the data in the cloud becomes vulnerable through your device. Example: your bank which is cloud based, is unlikely to get hacked, but your PC is. If you don’t use security software, or if you don’t update your software, cloud security doesn’t matter much.
  • Since the cloud is a huge source of data, a lot can go wrong. So, should you rely on the cloud to protect you or should you protect yourself? Feel good that in general whatever cloud serve you are using is secure. But if you are downloading pirated content and shady software, then cloud security will not protect you.

New Devices Don’t Mean Safe Devices

  • Many believe that if they have a new device that it is perfectly safe. This isn’t true. Androids and Macs need antivirus just like PCs need antivirus. And right out of the box, all devices operating systems, browsers and software should be updated.

Antivirus Software is Great, But Not Perfect

  • Yes, it’s awesome to have good antivirus software, but it’s not the only thing you have to do to keep your device safe. Think of your antivirus software as an exterminator. Like a pest control expert in your home, they get out the vast majority of insects when you call them. However, they can’t 100% eradicate every single egg, larvae, and bug. Free antivirus software is the same. It does a great job for the most part, but it won’t get everything. Free antivirus doesn’t come with a firewall, antispyware, antiphishing or other fundamental security tools. A paid service will generally accomplish this.
  • Ask yourself this: would you want your bank using free antivirus software? Then why do you?

Updating Your System

 It can get annoying when your system alerts you with a pop-up to update your software, but don’t hit “remind me later.” In most cases, this update contains important security patches that you need to install to be safe. It’s best to allow automatic updates on every device.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Smart and Easy Ways to Protect Your Digital Life

Even if you don’t realize it, your identity is all over the internet. Whether you posted to an internet forum in 1996 or you ever had a MySpace page, this information is still out there, and you have to protect it. Here are some simple and easy ways that you can protect your digital life:

  1. Change Passwords – The first thing you should do is make sure you are regularly changing passwords. Make your passwords difficult to guess, and a mixture of letters, numbers, and symbols. Also, make sure that you are protecting your account when resetting passwords. For instance, you should have to answer “knowledge based authentication questions” before making a change.
  2. Take a Look at Account Activity – Many companies allow users to check out their recent activity. Google, Facebook, and Twitter are three examples. If something seems out of place, report it, immediately.
  3. Close Accounts You Don’t Use – Do you have an old MySpace page? Did you start a Blogger and never use it? If so, go and delete those accounts before they get hacked.
  4. Don’t Share Too Much – What do you share online? Are you getting too personal? Hackers can use personal information, such as your birthday, or even favorite sports team, to get into your accounts. This is especially the case if you choose to use this information in your passwords or in your password reset or knowledge based authentication questions.
  5. Use a VPN – With all of the talk about internet security making headlines, the safest way to access public Wi-Fi is through a VPN. A VPN, or virtual private network, encrypts your information.
  6. Don’t share account passwords – STOP THE MADNESS! Though you might think it’s cute to share a social media account with your spouse, it’s also dangerous. The more people who have access to your accounts, the higher the chances of getting hacked.
  7. Choose Trusted Contacts – Make sure to choose a couple of friends or family members as trusted contacts. That way, if you get kicked out of your social media accounts, they (meaning their email or mobile#) can help you get back in.
  8. Update All of Your Software – Finally, make sure that you are updating all of your software such as your OS, apps, or even Office docs when prompted. Don’t let those updates wait. Many of them contain important security updates, too.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Getting Rid of an Electronic Device? Do This First…

A shocking study by the National Associated for Information Destruction has revealed some terrifying information: 40% of electronic devices found on the second-hand market contains personal information. This information includes usernames and passwords, personal information, credit card numbers, and even tax information. Tablets were the most affected, with 50% of them containing this sensitive information, while 44% of hard drives contained the info.

What does this mean for you? It means that all of those old devices you have laying around could put you in danger.

Deleting…Really Deleting…Your Devices

Many of us will haphazardly click the ‘Delete’ button on our devices and think that the information is gone. Unfortunately, that’s not how it works. You might not see it any longer, but that doesn’t mean it doesn’t exist.

To really make sure your device is totally clean, you have to fully wipe or destroy the hard drive. However, before you do, make sure to back up your information.

Back Up

Whether you use a Mac or a PC, there are methods built into your device that will allow you to back it up. You can also use the iCloud for Apple, or the Google Auto Backup service for Androids. And of course you can use external hard drives, thumb drives or remote backup.

Wipe

Wiping a device refers to completely removing the data. Remember, hitting delete or even reformatting isn’t going to cut it. Instead, you have to do a “factory reset,” and then totally reinstall the OS. There is third party software that can help, such as Active KillDisk for PCs or WipeDrive for Mac.  If you are trying to clean a mobile device, do a factory reset, and then use a program like Biancco Mobile, which will wipe both Android and iOS devices.

Destroy

Wiping will usually work if your plan is to resell your old device, but if you really want to make sure that the information is gone for good, and you are going to throw the device away anyway, make sure to destroy it.

Many consumers and businesses elect to use a professional document shredding service. I talked to Harold Paicopolos at Highland Shredding, a Boston Area, (North shore, Woburn Ma) on demand, on-site and drop off shredding service. Harold said “Theft, vandalism, and industrial espionage are ever increasing security problems. Today’s information explosion can be devastating to your business. Most consumers and businesses may not know that they have a legal responsibility to ensure that confidential information is not disseminated.” The reality is, if security is important to you or your company, then shredding should be as well.  

The goal, of course, is to make it impossible for thieves to access the data you have and/or discard.

Recycle

If you want to recycle your device, make sure that you only use a company that is certified and does downstream recycling. Know that recycling offers NO security for your information. They should be part of the R2, or Responsible Recycling program or the e-Stewards certification program. Otherwise, your data could end up in the wrong hands. Also, if you recycle or donate your device, make sure to keep your receipt. You can use it when you file your taxes for a little bit of a return.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

10 ways to beef up Digital Security

#1. Keep everything up to date. You know those annoying popups telling you updates are available? Do you ever click out of them? Don’t. Always update at the time these appear.

2D#2. Two-step verification. Two-step verification or authentication should be set up for all your accounts that offer it. A unique one-time code is sent to the user’s phone or via e-mail that must be entered in the login field.

#3. Unneeded browser extensions? Review your browser extensions. Uninstall the ones you don’t use. Too many extensions can slow down your computer.

#4. Encryption. Encryption software will scramble your e-mail and other correspondence so that prying eyes can’t read them, but you and your intended correspondent can. If you must use public Wi-Fi (like at a coffee house), install a virtual private network to encrypt transactions.

#5. Lock screen protection for your mobile device. Your smartphone has lock screen protection in the form of a password to prevent a non-authorized user from gaining access. If you leave your phone lying around or lose it, you’re protected if you have a password. Otherwise you are screwed.

In the same vein, your laptop should have protection from non-authorized users. Set up a password that allows access to using the device, including after hibernation periods.

#6. Check active logins. Some accounts allow you to check active logins to see if any unauthorized users have been in your accounts, such as Twitter, Facebook and Gmail.

#7. How easy can someone impersonate you? Could anyone phone your bank or medical carrier and give the correct information to bypass security, such as your “favorite pet’s name”? Who might know this information? Well, if it’s on your Facebook page, anyone who can view it. How much of your personal information is actually online?  Many accounts allow a “secondary password” Ask them.

#8. Simple but powerful layers of protection.

  • Don’t have login information written down on hardcopy.
  • Cover your webcam with tape (yes, cybercrooks have been known to spy on people this way).

#9. Sharing your personal life with the whole world. Set all of your social media accounts to the private settings you desire. Do you really want a potential employer to see you hurling at your late-night party? Make sure images that you post are not geo-tagged with your home address.

#10. Web tools. Check out the various toolbars that you can add to your browser to beef up security. Be selective and check ratings.

Robert Siciliano, personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.