In its most recent podcast, global cybersecurity company Kaspersky Lab offered some highly doable “New Year’s resolutions” to keep users safe online.

The year 2018 saw high-profile data breaches that affected millions from across various industries. While the European Union finally implemented its General Data Protection Regulation to protect users and their data, many companies still fail or at least delayed reporting breaches that compromised information security.

Here, Kaspersky lists down organizations and even end users can do to protect their accounts online.

1. Choose IoT (Internet of Things) devices wisely

Kaspersky Lab recommended users to think thoroughly in terms of using and living with highly vulnerable IoT devices. The cybersecurity company said that if such devices are not adding value or quality to one’s life, now is a good time to get rid of them or disconnect them from the internet.

“We’ve done a lot of research around IoT devices and the security flaws that they inherently have. If you do genuinely use them, then keep them,” said Dave Buxton, head of Social Media for UK, Australia, New Zealand, and South Africa. “If you’re not using them or the stuff is just there doing nothing, think about getting rid of them.”

“It’s a matter of preferences. If you got one as a gift, try it out if you like it but make sure you change the password if you can. Put it on guest network, not your main network so you can mitigate the security impact on you,” said Jeff Esposito, global head of Regional Social Media.

2. Be wary of online sale

Everybody knows people are looking for deals and offers they can get at the beginning of the year. Kaspersky Lab suggests users be careful with opening links of sale events as some of these could be something more than meets the eye.

“Cybercriminals always use launch events as a stimulus for their phishing campaigns. It happens every year. Sales are going on and stores are getting rid of old stuff, offering great deals as much as 60 percent off. People get carried away and just click on the links without paying attention really well on the legitimacy of the links and we know what happens next. Check those emails and make sure you’ve been a bit more fastidious with internet hygiene,” said Buxton.

3. Secure a new device

Devices received during the holidays must be immediately secured.

“Brand new devices that one gets as gifts could also get stolen or which might be accidentally dropped on the floor. If these are not protected or insured, then you’ll have to buy another one. It’s worth considering getting insurance for such expensive items,” said Esposito.

4. Update new devices

Kaspersky advises that if brand-new gifts do not have updated operating systems, a good new year’s resolution is to update them right away to address the device’s current vulnerabilities. The cybersecurity company said most devices, especially those out of the box, are usually at least a few months behind in terms of updates. Setting updates as soon as getting these tech gifts to install either overnight or automatically is ideal.

Pro tip: If buying a device for a friend or family member, a valuable idea is to get it out of the box, update it, and then put it back into the box.

5. Get an anti-virus for the Android device, whether free or paid

Kaspersky Lab says this is a reasonable resolution as getting one really doesn’t take a lot of footprint in terms of memory or CPU usage. It keeps one’s device protected.

6. Shore up your Wi-Fi

The cybersecurity company encouraged Wi-Fi users to ensure their router has the most up-to-date security settings.

“You can Google your router’s IP address, you can even look at the back of the router, and check all details there. And if you haven’t changed your password or username yet, get on that as well,” said Esposito. “Make sure family and friends are doing the same thing, too. The router is your gateway in and out of the Internet, so to speak, so make sure it’s protected,” added Buxton.

7. Lock online accounts better

Kaspersky Lab says if one is using any type of online account, whether it’s Gmail or Facebook or Twitter, it’s a nifty New Year’s resolution to set up a good type of two-factor authentication or 2FA. In simpler terms, 2FAs are two separate pieces of information that verify one’s identity.

“Consider getting a third-party authenticator app to verify versus a text message or you can use security keys. Sometimes we have to use different ways because certain networks do not have everything enabled. These don’t cost anything. And it’s one way to stop getting your private sites stolen,” said Esposito.

8. Include online accounts when doing spring cleaning, especially social media accounts

“MySpace was massive back in the day but now, nobody uses it anymore. If you’re not using it anymore, you likely won’t be using it in the future so just deactivate or delete it entirely. Get rid of the stuff you no longer use. Even email accounts that do nothing but collect spams,” Buxton said.

9. Get a password manager to help with account passwords

Old social media or email accounts most likely bear passwords as old as 12 years old and these have to go. The cybersecurity experts say passwords don’t have to be hard — one can use a password manager that can generate a brand-new key for each online account.

“Apple is very good with this as it stores passwords using their iCloud keychain. In a sense, you almost don’t need a password manager if you’re using purely Apple devices. But for other devices, free password managers are still not available. Kaspersky has its own reliable Password Manager. LastPass is also a good option. Contrary to common misconception, password managers are not complicated. Just set up one tough password, add 2FA onto it, and just let Kaspersky or LastPass or any password manager help manage your account for you. It’s that simple,” explained Buxton.

10. Tidy up apps on devices

Kaspersky Lab reminds users to evaluate whether they really need all the apps on their phone or not.

“There are apps you don’t need on your devices but are still collecting your data and maybe sharing your location and making money out of it,” said Esposito.

Buxton recommended to look up privacy details of the apps on one’s device to understand what these do. He said there are some dedicated sites that simplify privacy rules and written in layman’s terms so one can easily understand what these are really about.

11. Make sure to keep oneself safe online

The cybersecurity company says some people might feel paranoid reading that AV (anti-virus) is dead. Generally speaking, a good anti-virus solution still keeps one safe online. One can even get it for free.

“That’s one thing to help you keep secure on the web. If you want to go ultra-paranoid about safety, start thinking about going through the VPN route. But for most people, the normal Joe or Jane on the street — having an AV solution on their devices is good enough,” said Buxton.

Image by Biljana Jovanovic/Pixabay