The tumultuous events of last year prove we need to be more vigilant about online security than ever before.

By Zeid Nasser

The United States accused Russia of hacking its presidential elections. Yahoo admitted 1 billion user accounts had been compromised. While Twitter announced it was blocking government ‘spy centers’ from accessing its data. All these alarming stories from 2016 reveal a new reality that requires each of us to immediately take action to guard against cyber dangers.

The advice from experts is simple: managing passwords properly, enabling verification measures, automatically updating software, and keeping backups. Of course, they also recommend purchasing anti-virus and anti-spyware software.

Let’s start with the most common mistake of using the same password across email, social media, bank, and other accounts. This is very dangerous because it leaves a user exposed to identity theft and fraud. Did you know that password databases are sold to other hackers, or published freely on the dark web? Don’t make it that easy for them—use different passwords on different accounts, and change them regularly, perhaps once every three to six months. Also consider using some sort of password generator software.

You should also be aware of phishing, which is a term that refers to inadvertently giving up your personal data, including passwords, to fake websites or in response to fake emails pretending to be from your bank or other businesses you deal with.

Regarding verification, email services and social media companies offer two-step verification, which means a log-in from a new device or new IP address will not simply open your account, but will also require that you enter a pin number that you receive as a text to your mobile. So even if hackers steal your password, they won’t get the text message that arrives on your mobile. This could be a full-proof solution.

Another important tip is to keep your operating systems and software, on both PCs and mobiles, updated to ensure you get the latest security patches. Enabling automatic updates makes this process easy.

Keeping in mind that we live in a mobile-first world, there are additional procedures required to protect your phone. Use a six-digit passcode and look into programming your phone to delete all its data if someone tries to guess your passcode too many times.

All the steps above are simple and require minimal time and effort. Other actions may require more commitment, time, and some cost; but are also being recommended by security experts.

Did you know that your PC’s hard disk drive can be set to automatically encrypt itself when it’s turned off? The idea is to avoid someone gaining access to your web browser data and passwords or to your stored data if the laptop is stolen.

Another suggestion is to automatically backup your PC to an external storage device. As for your phone, obtain secure cloud storage space and set it to automatically backup every new file to the cloud. Though cloud storage could be vulnerable to hacking, we just have to trust that companies like Google, Microsoft, and Apple will get their security right.

Once all these measures are applied, you could even test the security of your devices by running intrusion detection software; but perhaps that would be too much to ask the majority of users. It is, however, an option for security-obsessed users.

Last year taught us that we must prepare for the inevitable fact that we will all be hacked at some point. But we can avoid or minimize the damage. Think of it as good housekeeping at the beginning of the year. Clear out the old, dangerous digital behavior, and I’m wishing you all a digitally secure new year.