Are lackadaisical tech practices putting your nest egg at risk?
For far too many Americans, this is the sad truth. Millions are blissfully unaware of the dangers lurking behind every digital corner.
It’s essential for everyone who consents to use the public Internet — and at this point, that’s pretty much everyone — to understand that there’s no way to completely reduce the risk associated with online activity. The threat landscape is constantly evolving; the world’s best cybersecurity experts can barely keep track of its permutations, let alone rank-and-file digital denizens without computer science doctorates.
To make matters worse, most of the risks common risks facing the average personal or small business user can plausibly be described as “bottom-line” risks. That is, they have real potential to adversely impact victims’ finances, whether directly (through drained bank accounts or digital ransoms demanded by ransomware publishers, for instance) or indirectly (by requiring costly mitigation). If you’ve ever experienced a serious digital security breach, you may know all too well how costly such unfortunate incidents can be.
If you’ve been fortunate thus far to avoid serious repercussions for your less-than-perfect digital security posture, your luck may not last. The good news: You can take near-term steps to reduce your exposure to common digital threats.
How, exactly? Start by avoiding these 14 costly tech mistakes. If you’re being honest with yourself, that probably means changing some things about your digital life. Whatever the associated inconvenience, think of it as an investment in your future — because, to the extent that avoiding these mistakes provides protection for your nest egg, it absolutely is.
- Keeping Apps’ Default Security Settings
One of the signature benefits of comprehensive cyber protection packages is enhanced app security throughout the user’s entire digital ecosystem. There’s no way to completely replicate the protection afforded by top cyber protection packages, of course, but one thing every user can do to boost app security is not simply to leave default security settings in place without first confirming that they’re adequate to protect careful users from common threats.
Just be sure that you understand how to change the security settings on your operating system and apps safely and without complication. For guidance on changing Windows security settings and user permissions, for instance, check out this handy how-to from TechWalla.
- Failing to Understand How Apps and Their Publishers Share Your Personal Data
Do you really, truly understand how apps and publishers use the personal data you’ve given them permission to collect and deploy?
Why is this so important? Because even trustworthy apps may have lax privacy policies that authorize them to sell or otherwise distribute user data to third parties that might not be so friendly. To some extent, such information-sharing is inevitable; virtually every Internet-connected app or platform harnesses user data in some way. But it’s incumbent upon you to understand precisely how your data gets shared and distributed, lest particularly sensitive bits (your Social Security number, your bank account information) fall into the wrong hands at a later date.
- Failing to Regularly Back Up Your Files
This is an easy step that every Internet user can and should take to protect their most cherished digital possessions. Get in the habit of backing up all of your user files on a regular basis, and keep multiple backups in multiple locations to spread the risk around. Ideally, you’ll have a master backup on physical external media, kept under lock and key in a secure location, plus at least one master cloud backup — more on the latter below.
- Failing to Keep Thorough, Secure Cloud Backups Covering Your Entire Digital Footprint
Is your entire digital footprint backed up — really, truly backed up?
Probably not. Even if you intuitively understand the importance of backing up your data on a regular basis, you may fail to do so on a regular basis. At least once per week is ideal; remember, there’s no need to watch like a hawk as your cloud backup platform quietly updates your secure reserve.
Why not simply use the automated backups built into your computer’s operating system or apps? There’s nothing inherently wrong with backing up your data in this fashion; indeed, doing so may be the path of least resistance. But relying on automated, program-specific backups is not in and of itself sufficient to achieve comprehensive coverage. You need a highly regarded third-party system that ensures no data falls through the cracks — and no surprises arise if and when you need to recover from unexpected data loss.
- Using Weak or Easily Guessed Passwords
How secure are your passwords? If this tongue-in-cheek password hygiene video strikes a little too close to home, it may be time to think about upping your credentials game.
Whole books have been written on password best practices; we won’t get into the nitty-gritty here. Suffice to say that your passwords should be:
- Longer than eight characters
- Completely unique, meaning no repeated phrase, letter, or number combinations
- Incorporate upper and lowercase letters
- Incorporate numerals and special characters
- Avoid easily guessed information, such as your name or your hometown
It goes without saying that password hygiene is particularly important around highly sensitive or mission-critical accounts. You’ll want to devote more effort to ensuring your bank account passwords are unique and tough-to-guess, for instance, than that cloud subscription service to which you signed up on a whim and given little in the way of personal data.
This distinction leads nicely to the next common tech mistake that could threaten your nest egg…
- Avoiding or Weakening Two-Factor Authentication
Two-factor authentication (2FA) is the most common type of multi-factor authentication — the practice of using more than one credential to gatekeep accounts and information.
You may already use two-factor authentication. If your bank asks you to enter a secure code sent via SMS after entering your password, for instance, you’re on the 2FA bandwagon.
The danger comes when the temptation to cut corners wins out — when you intentionally avoid accounts that require 2FA, or you undercut the inherent protections afforded by 2FA when, say, you give your phone or email password out readily. Should the ability to receive 2FA codes fall into the wrong hands, all it takes to access your accounts against your will is the passwords to those accounts. If they’re easily guessed, well — you know the rest of the story.
- Disabling Your Operating System’s Firewall
The good news: Most computer users don’t know the first thing about their operating system’s firewall. They leave it in place, working as intended.
The bad news: Computer users who know just enough to be dangerous, as the expression goes, often monkey with their system firewalls in a misguided effort to improve operating performance or speed.
The bottom line: Don’t disable or alter your operating system’s firewall unless you absolutely know what you’re doing. You’ll cause more problems than you solve.
- Putting Off Needed Software and System Updates
How often do you update apps installed on your hard drive? Your operating system? Your Internet browser?There’s absolutely no need to delay any of these updates for any length of time. We’re all busy, but updating your system’s nuts and bolts on a regular basis — and/or as soon as you’re prompted by the programs themselves — is the best way to maximize protection against ever-evolving digital threats. That, in turn, reduces the risk that you’ll be victimized by any given threat.
- Using Insecure Websites for Sensitive Tasks
Here’s a simple rule of thumb: If the website does not have an SSL certificate, don’t enter any personal information anywhere on it. Banks and other financial institutions are required by law to follow stringent data security practices, but this isn’t always the norm for non-financial websites that collect and retain potentially valuable or sensitive data. Remember, it only takes one identity theft incident to wreak havoc on your personal finances.
- Failing to Install, Use, and Update Anti-Malware Protection
If you use a Windows or Android device, you need anti-malware protection — end of story. Don’t listen to anyone who tells you otherwise.
Finding and vetting top anti-malware programs is an art unto itself. Read up on what you should look for based on your specific needs, then choose the program that checks as many boxes as possible. Plan to pay for protection; “free” anti-malware programs aren’t worth the tradeoff.
- Failing to Maintain Proper Email Hygiene
History is littered with examples of costly email hygiene mistakes. Among other basic precautionary steps, you’ll want to:
- Use your email suite’s spam filter
- Automatically send promotional and social media-related emails into separate folders that don’t clutter your main inbox
- Never respond to requests for personal information, even if you trust the sender
- Never click on suspicious links within emails — again, even if you trust the sender
- Set your email suite’s security settings to refrain from loading images in emails, as these can sometimes serve as vectors for viruses and other malware
In short, be very, very careful with your email suite. More system compromises happen via email than any other vector.
- Failing to Follow the “Principle of Least Privilege”
If you run a business of any sort, always follow the “principle of least privilege.” In a nutshell, this means assigning employees and third-party process owners the bare minimum permissions necessary to get their jobs done — not a wink more. This is especially important for extremely sensitive applications and accounts; if and when a security issue arises, you’ll need to know precisely who has access to these closely guarded segments of your digital presence.
- Failing to Research and Vet Third-Party Service Providers That Have Access to Your Data
Always do your due diligence. In the digital world, this means researching and vetting third-party service providers that request access to your data — or that have access to your data by virtue of relationships with service providers that you already use. (This goes back to the importance of reading service providers’ privacy policies closely.)
When in doubt, decline permission. Better safe than sorry.
- Clicking Sketchy Banner and Pop-Up Ads
Banner and pop-up ads grow more aggressive by the month. They’ll do everything short of grabbing your finger to entice you to click — and, very often, they succeed. You’ll want to do everything in your power to resist; very often, these ads serve as vectors for sketchy adware and grayware that clutters your system and surreptitiously records your personal data.
Are You Doing Enough to Stay Safe Online?
If you’re being honest with yourself, the answer to this question is probably “no.” When it comes to all-too-common tech mistakes, this apparently exhaustive list is actually just the tip of the iceberg. Millions of American tech consumers make at least one of these mistakes every year or ongoingly — and millions more are prone to other foul-ups not listed here.
What’s a conscientious digital denizen to do? For starters: Recognize that, no matter the lengths to which you go, you’ll never completely eliminate the risks of using the public Internet, mass-produced hardware, and the software without which our lives would feel badly incomplete.
It’s simply not possible. The threat landscape is too variegated to make sense of even in snapshot form, and the daily — hourly — advent of new threats makes keeping up a fool’s errand.
Still, by implementing the tips we’ve discussed herein and taking pains to boost your security posture, you can avoid some of the most common digital mistakes and reduce your exposure to serious threats — threats to which many of your online compatriots remain dangerously oblivious.
As we’ve made clear, enhancing your security posture and reducing your exposure to common digital risks isn’t just good for your online safety and security. It could also be a boon for your bottom line. That’s something everyone can get behind, no matter how savvy or naive they happen to be.