• CyberGuardian Security Checklist

  • Ord-erCyberGuardian Security Checklist ItemBook SectionPrior-ity GroupWhen To Do
    1Freeze your credit at the 4 credit bureaus and check your credit report frequently at each. R. Financial SecurityVHOnce, then Frequently
    2Set up two-factor authentication (2FA; MFA) at all your important online accounts (government, banks, investments, credit cards, …..).G.2. Two Factor Authentication (2FA)VHOnce, then annually
    3Be suspicious when receiving unexpected emails, texts, or phone calls, especially when accompanied by requests for personal information or money. Don’t click on links or attachments.     J. Email
    K. Texting
    P.4. Vishing (Spam Calls)
    4Keep software (operating system, web browser, apps, …) up to date on all PCs and smartphones using only the native auto-update feature. O. Personal ComputersVHAlways
    5Encrypt your devices and cloud storage.O.3. Disk (Storage) EncryptionVHContinuously; Monthly monitor
    6Maintain a remote, multi-version backup of personal computer and smartphone files.S.3. Backup StrategyVHContinuously; monthly monitor
    7Protect all devices with cybersecurity software, including antivirus and firewall. Keep it updated.D.8. Antivirus Software to the Rescue
    F.7. Firewalls
    8Use long, unique, memorable passwords for all online accounts and use a password manager to manage them.G. PasswordsVHOnce when you get new device, register at a new web site, etc
    9Use Public Wi-Fi only with a secure VPN. Avoid online financial transactions on public Wi-Fi.F.3. Public NetworksVHAlways
    10Set up non-Administrator accounts for yourself and other users on your PC. O.1. Separate Accounts for Multiple Users on PCsVHOnce
    11Minimize sharing of your personal information on the internet to protect your privacy.D.2. Online PrivacyVHAlways
    12Set up your home router securelyF.2. A Secure Home Router is a MustHOnce, then annually
    13Set your devices to lock after a short time of inactivity.O.2. Physical Access ControlVHOnce when you get a new device
    14Change all potentially compromised passwords when a major breach occurs.D.9. Major Data Breach?HAlways
    15If virus-infected, run antivirus and/or consult a professional .D.8. Antivirus Software to the RescueHAlways
    16When web browsing to a new site, examine the address bar details to ensure security.H. Web BrowsingHAs needed
    17If scam victim, change passwords, run antivirus, call police, contact credit bureaus & financial companies. Consult a professional, if necessary .D.10. Are You a Victim?HAlways
    18Don’t send important personal information in email.J. EmailHAlways
    19Frequently monitor financial accounts and set up automatic alerts.R. Financial SecurityHDaily
    20Avoid sending important personal information in text messages.K. TextingMAlways
    21Avoid entering online contests/surveys, mailing in warranty cards and excessive posting on Social Media. D.7. ScamsMAlways
    22Turn off unnecessary “local” communications features (e.g. Bluetooth, AirDrop, network sharing) when in public places.E.6. The Outside WorldMWhenever
    23Use touch/facial recognition (if available) and a non-obvious pass code for all devices.P.1. Physical Device SecurityMOnce
    24After migrating to a new computer, carefully erase all files. Consult a professional, if necessary. O.4. How do I securely dispose of my old personal computer?MAlways
    25After migrating to a new smartphone, carefully erase all files. Consult a professional, if necessary.P.8. Migrate from Old to New Smartphone (Securely)MAlways
    26Set up a pin access code with your phone service provider.P.5. Telephone Account AccessMOnce
    27Set up a guest network in your home WI-FI router for visitors who might request access. F.2. A Secure Home Router is a MustMOnce
    28If you are investing in a smart home, create a second, separate Wi-Fi network for your IoT devices.Q.8. Dealing with “Leakage”MOnce
    29Secure your web browsing by encrypting your DNS requests.H.2. Securing Your DNS InteractionsMOnce
    30Minimize tracking of your browser activity by going incognito or installing a blocking extension. H4. Minimizing & Avoiding Personal TrackingM Whenever
    31Avoid clicking on ads when browsing – you may be clickjacked! H.4. Minimizing & Avoiding Personal TrackingMWhenever
    32If email security is very important, consider an enhanced email service.J.1. Consider Paying for Your Email ServiceMOnce
    33Get involved if your young children are online.M. Parenting Do’s & Don’tsMAlways
    34Review sharing and privacy settings for all social media accounts at least annually. I.1. Social MediaMOnce
    35Ensure that the firmware in your IoT devices is up-to-date. Q.8. Dealing with “Leakage”MAnnually
    36Get an IP Pin annually from the IRS at irs.gov to protect your tax submissions from fraud.R.1. Protect Your IdentityMAnnually
    37Quarterly, check your personal exposure on the Dark Web at https://haveibeenpwned.com . Change passwords as needed.D.5. The Dark WebLOften
    38Protect your employer’s business with secure home computing. N. Working from Home SecurelyLAlways
    39Set up personal email address aliases for your important online accounts.J. EmailLOnce
    40Minimize sharing of your cell phone number.G.3. Minimize Sharing Your Phone NumberLAlways
    41Only use your own cable connected to a traditional (120V) plug if charging device in a public place.E.6. The Outside WorldLAlways
    42Create a smartphone lock screen with alternate phone number and email.P.1. Physical Device SecurityLAlways
    43Delete unnecessary, personal files on all devices periodically.S.1. What to Keep and How Long to Keep It?LYearly
    44Minimize use of contact sharing.P.4. Contact SharingLAlways
    45Minimize use of location sharing.P.3. Location SharingLAlways
    46Create a printable record of personal cyber details ( Kick the Bucket letter) for your family (heirs).T. Kicking the BucketLOnce; update as needed
    47Periodically clean up stale personal data on websites.H.6. Clean Up Stale Digital Haunts and Personal DataLYearly
    48Establish accounts at major, official websites before a scammer does it for you.H.5. Shoppers BewareLOnce
    49Establish accounts at major social media apps before a scammer does it for you.I.1.1 Plant Your Flag!LOnce
    50Reduce stored emails.J.2. Reduce Stored EmailsLYearly
    51If smished, forward the message to 7726 to report it.K.1. Have You Been Smished?LWhenever
    52Gamers should document suspected hacking and report it to developers. L. GamingAlways
    53For excessive robo calls, contact phone service providers for blocking services.P.7. Guidance to Minimize Vishing (Spam Calls)LOnce
    54Don’t use your voice assistant to find numbers for important calls.Q.7. Voice Assistant “Leakage”LWhenever
    55Use smartphone “Pay” apps for more secure payments.R.4. Making Payments Securely in the 21st CenturyLWhenever
    56When concerned about misuse, request collected personal data from offending company.D.2. Online PrivacyLWhenever