How to Be Safe Online: 8 Cyber Hygiene Tips to Keep You Safe

Man with a book leaning on Internet security shield icon and books
Click here for a summary of this article
Summary: 8 Cyber Hygiene Tips to Keep You Safe Online

Cyber hygiene is all about adopting good practices online that protect you from hackers and cybercriminals. Much like how you shower and brush your teeth in the morning, you should have a cyber hygiene routine, as well. This involves being critical about whom to share your data with and using cybersecurity tools to protect your devices and network.

Here’s a quick overview of our 8 tips for good cyber hygiene:

  1. Check that your operating system is up to date so that you’re protected against the latest security vulnerabilities.
  2. Install antivirus software to routinely scan your system for malware.
  3. Use a firewall for added protection against malware and other viruses.
  4. Protect your network with a VPN, which encrypts your traffic and hides your IP address.
  5. Use a password manager to securely store your passwords and generate secure passwords whenever you register to a new website.
  6. Learn to spot and avoid phishing emails and unsecured websites to protect your data from being stolen.
  7. Routinely scan your computer for unnecessary files and clutter, and keep your hard drive clean.
  8. Stay alert and be vigilant! Consider other security tips, like using 2-factor authentication and constantly question whether websites, links, downloads, and contacts are safe to interact with.

For more information on these cyber hygiene tips, check out our full article below.

When we talk about cyber hygiene, we don’t mean brushing your teeth while on Zoom. No, cyber hygiene means thinking proactively about the steps you can take to keep yourself, your devices, and your data safe online. Poor cyber hygiene can result in you losing personal data and other security incidents.

By integrating these cyber hygiene practices into your daily routine, you can improve your cyber security, prevent data loss, and fill in any security gaps on your desktop and mobile devices.

What is Cyber Hygiene?

Much like you’ve established a personal hygiene routine to keep yourself healthy and looking presentable, you should also follow good cyber hygiene habits. This means establishing a routine to protect your devices, your sensitive data, and your networks from attacks. This is becoming more and more important, as phishing emails, malware and viruses, fake websites, and unprotected networks are everywhere.

With good cyber hygiene practices, you’ll be better protected against the risks that the internet poses to your privacy and security. We’ve put together 8 basic cyber hygiene pointers to integrate into your routine.

Here’s a quick visual representation of the tips that you can hope to take away from this article:
Infographic showing eight steps to stay safe on the internet

T0 better understand the logic behind these tips, let’s first go over the risks of not practicing good cyber hygiene.

Common Cyber Hygiene Problems

You or your company may be encountering some common cybersecurity hygiene problems without even realizing it. With so many points of entry for malicious software, we see more and more people and organizations having to deal with security incidents.

Here are the most common cyber hygiene problems with a quick summary of each:

  1. Data loss: If you’re not securely backing up your data at regular intervals, data can be left vulnerable to attacks from malicious actors. Data could also be lost through corruption, leaks, and breaches.
  2. Security breaches: Just take a look at our News section, and you’ll see that data breaches are growing in size, severity, and frequency. Whether this is due to poor data storage, poor network security, or something else entirely, a security or data breach can be damaging for your business and its reputation.
  3. Out of date software: It’s essential to keep hardware and software up-to-date with the latest software patches. One of the biggest examples of outdated computer software in recent years was the WannaCry ransomware attack that cost the NHS £92 million in the United Kingdom and saw countless patients affected.
  4. Outdated cybersecurity software: New vulnerabilities are constantly discovered by malicious actors, even in software that has been around for years. To ensure that you’re not exposed to the latest vulnerabilities, you need to keep your security software (such as your antivirus and virtual private network) up to date.

So, how do you avoid cyber threats, phishing attacks, computer viruses, and other issues? Below, you’ll find 8 cyber hygiene best practices to improve your or your business’s security. We’ll explain all of these steps in detail, and then we’ll signpost you to the best cybersecurity tools to complement your new cyber hygiene routine.

8 Steps to Improve Your Cyber Hygiene

We’ll assume that you’re starting from scratch. You want to improve your cyber hygiene, and you need to know what tools and techniques to use and where to download the software you need. Let’s begin.


1. Update your operating system software

When operating systems like Microsoft and Android release an update, they often include fixes and security patches for vulnerabilities found in earlier versions. Older operating systems (like Windows XP or OS X El Capitan) stop getting updated after reaching a certain age.

This can cause security issues, as cybercriminals regularly come up with new techniques to infiltrate your personal devices. When you keep your operating system up-to-date, you automatically opt-in to your operating sytem’s improved cyber defenses.

How to check system updates on Windows

To check if your system is up-to-date, you’ll have to go into your computer’s settings. If you’re on Windows, you can find this information by following 3 simple steps

  1. Click on the Windows logo on the bottom left corner of your taskbar, or click on the Windows logo or ‘Win’ button on your keyboard.
  2. Click on the gearwheel icon that says “Settings.” If you can’t find this icon, simply start typing in “Settings” using your keyboard.
  3. Once in the Settings window, click on the button that says “Updates & Security.” This should lead you to a new page.
  4. In this new window, clickCheck for updates.” Windows should guide you from here and show you a list of updates (most of which your computer will download automatically).

If, for some reason, your computer isn’t showing you the Settings window, simply click on the Windows icon again and start typing “Update.” You should be shown a “Click for Updates” button, which will let you skip steps 3 and 4 above. If you have Windows 10, that process should look a little something like this:

Windows 10 system update

Windows 10 updates your operating system automatically, so if you use this version, you shouldn’t need to worry about updates. If you have an older version of Windows, things could look and work slightly differently. Note that Microsoft has discontinued updates and support for Windows 7 and Windows XP.

How to check system updates on Mac

Things are a little different on Mac, though Macs are generally less susceptible to many of the viruses that affect Windows computers. Here’s how to check system updates on your Apple device:

  1. Click on the Apple logo in the upper-left corner of your screen.
  2. Besides System Preferences, you should see “1 update” (or more, depending on when you last updated) if there are updates available.
  3. Click on System Preferences, then check if there’s a notification besides “Software Update.” If there is, it’s time to update.

2. Use one of the best antivirus software

Installing antivirus software on your device is crucial to good cyber hygiene. In fact, it’s one of the most important cybersecurity tools you can use to be safe online.

Most antivirus software nowadays can check for harmful files, malicious software, and suspicious webpages. For example, antivirus software Intego will block any suspicious files when you download them. This type of software is very easy to install, and if you choose one of the best antivirus software, you won’t even notice it running in the background.

So, how do you choose an antivirus? As with most cybersecurity tools, you should consider the features included, pricing, privacy policy, and system usage. Each factor is as important as the last; there’s no point using a cheap antivirus app if it makes your computer run so slow that you can’t perform daily tasks.

We highlighted our picks of the best paid antivirus software and the best free antivirus software. Topping these lists are Avast (free) and Kaspersky (paid).


3. Install a firewall to protect your devices

Network firewalls are security software that protect your computer from viruses, worms, Trojans, all kinds of malware (including killware), and hackers — to some extent. Firewalls scan everything that enters your computer and can identify whether it’s harmful or not. When something is deemed dangerous, that file is quarantined and then deleted.

Most new computers are equipped with a firewall, though it’s important to check if it is actually switched on by default. You can check this in the settings of your device.

Does Windows have a firewall?

If you have a Windows 10 computer, you can find these settings by typing “Firewall” into the search bar of your start menu, as shown in the below screenshot:

Windows firewall

While Windows computers come with a firewall preinstalled, you can also install one yourself. Companies specializing in online security like Norton, Kaspersky, and Bitdefender offer their own firewalls.

What’s more, this software is often bundled together with an antivirus, which could save you money. However, bear in mind that if you choose to use a firewall other than Windows, you’ll have to turn your Windows Firewall off.

Do Macs have a firewall?

Yes, Macs come with a firewall by default. You might also be glad to hear that malware that affects Macs is on the decline. A report by Malwarebytes highlighted how the amount of malware present on macOS decreased by a huge 38 percent in 2020. However, to be completely protected, you should still be using a firewall on your Mac.

What might surprise you is that the firewall often comes disabled by default on Macs. If you didn’t know, then chances are you might’ve been browsing unprotected since you bought the device. However, enabling this bit of software only takes a few moments.

Here’s how:

  1. Click on the Apple logo in the upper-left corner of your screen.
  2. Click on System Preferences.
  3. Click on Security & Privacy in the next menu. It’s a little house and looks a bit like a keyhole or padlock.
  4. Choose “Click the lock to make changes” and do just that. You’ll have to input your Mac’s login details.
  5. Finally, click theTurn On Firewallbutton, and you’re finished.

Bonus: There’s another little-known, neat trick here to up your cyber hygiene. If you also click on Firewall Options and Enable Stealth Mode, you’ll help to shield your Mac while on public Wi-Fi networks.


4. Use one of the best VPNs for security and privacy

Aside from protecting your computer with software like an antivirus program, it’s also important to secure your internet connection. Wi-Fi networks, especially public ones, aren’t always safe. In fact, public Wi-Fi in places like hotels and airports can be risky, and even your home network can be manipulated.

Wi-Fi networks often fall victim to hackers, because an unsecured network is the ideal way for a cybercriminal to gain access to all your personal or sensitive data. Moreover, websites build a profile of their visitors by tracking all the pages you visit on your web browsers. They can use this information themselves or sell it to other companies. This type of profile can also be used in identity fraud.

Luckily, you can protect your connection with a virtual private network (VPN) which will keep you anonymous and ensure your data is protected. A VPN is a cyber security tool that will:

  • Cloak your IP address, making you harder to track
  • Encrypt all of your data so that you’re safer, even on unsecured networks
  • Allow you to bypass geographical restrictions and view region-locked websites from overseas or restricted videos

How Does a VPN Work Illustration

How does all this work? A VPN funnels your internet traffic through a protected VPN tunnel. Your data is encrypted, which means that it’s unreadable by anybody snooping on your network. This grants greater security to your financial and personal identifiable information. What’s more, you can install a VPN on all your devices that use the internet, even on your router.

In terms of the best VPNs for security and privacy, we recommend NordVPN as it rates consistently highest in our speed and security tests. NordVPN also provides user-friendly apps and advanced security options, including a kill switch and 256-bit AES encryption. You can also use split tunnelling for complete control over your privacy and data encryption.

Sign up for a subscription today, and get a 30-day money-back guarantee:

NordVPN
Our pick
Our pick
Deal:
Only $3.29 a month for a two-year subscription with a 30-day money-back guarantee!
From
$3.29
9.3
  • Excellent protection and a large network of servers
  • Nice and pleasing application
  • No logs
Visit NordVPN

How to install a VPN: A step-by-step guide

In case you’re new to using a VPN, here’s a quick guide on how to install a VPN:

  1. Choose a VPN and get a subscription. For the highest level of protection, subscribe to NordVPN (or read about its closest competitors, CyberGhost and Surfshark).
  2. Download the VPN software or use a mobile application. NordVPN supports Android and iOS smartphones via the respective app stores.
  3. Install the VPN by running the installation wizard and following the on-screen instructions.
  4. Run the VPN software and find a VPN server in your preferred country. If you’re interested purely in security right now, you can use a VPN server in your home country. However, you can bypass geo-blocks by using a VPN server in another country.
  5. Connect to the VPN server to change your IP address and be safe online, even when using an unsecured network.

How to install VPN software on your desktop, 6 steps infographic


5. Store your passwords securely with a password manager

Password notebook with a padlock on the front cover, representing password managerSome people use just the same password for every account. In fact, research suggests that up to 60% of online users have a single password for most or all of their accounts! This is a terrible idea — doing so puts you at risk of having your accounts taken over, as hackers only need to figure out your single password to access all your sensitive information.

What’s the solution? Create a secure password for every single account.

To ensure your privacy, passwords need to be relatively long and complex, avoiding common words or phrases, and using a mix of letters, numbers, and special characters.

Long, complex user passwords are necessary because hackers don’t try to guess your password manually. Instead, they use brute-force software that tries numerous combinations in a short space of time. So the longer your password, the harder it is for the software to crack. Choose a password that’s too short, and the software could gain access in seconds.

However, this raises a problem: how do you remember your passwords when you’ve got so many, and they’re becoming so complex? After all, the average person has around 100 passwords, according to NordPass.

Our recommendation is to install a password manager to keep all your passwords in a secure place. These programs can also generate completely random passwords for you, guaranteeing a password that’s nigh-on impossible to crack.

How do you choose a password manager? Again review a software’s features, pricing, and privacy policy, as these will let you know which program will best suit your needs. If you want a recommendation right now, we found that 1Password scored the highest of all the password managers we tested. You can also visit our list of the best password managers (paid) and the best free password managers.


6. Avoid phishing emails and unsecured websites

CEO phishing icon, two hooks with email iconPhishing emails and unsecured websites are bad news, and they’re becoming more common than ever. You’ve probably received a phishing email or two in recent years, and the problem is extending to text messages and WhatsApp scams. The premise is simple: you visit a website that appears legitimate, but it’s a phishing site that’s designed to capture your data. This kind of sensitive data could be usernames, passwords, or even your payment card details.

Sadly, reading an email or clicking on a corrupted link without doing anything else can still be harmful. Opening an infected message can already spread and perpetuate the scam, with your own account being hijacked to send the message on to other contacts. For this reason, it is important to always check the subject and sender of an email to gauge if it’s legitimate.

What’s more, avoid opening or downloading email attachments, especially from untrusted sources. Never, ever run an executable (.exe) file from an email!

For websites, always check if the web address you are about to visit appears legitimate. Some scammers create duplicates of legitimate websites. Sometimes, the only difference is a single letter being changed in the web address. Other times, the entire website is actually a background image stolen from the real company, with a simple popup form that will steal your data. This is a common approach used by cybercriminals impersonating delivery companies like FedEx, DPD, DHL, Hermes, and so on.

Here are some quick cyber hygiene tips for spotting a dodgy website:

  • Carefully check the URL bar where the website address is displayed. Make sure that there’s nothing suspicious; for example, a single letter having been changed (e.g. “facebook.com” becomes “faceboolc.com”).
  • Look for any grammatical mistakes. Spelling mistakes, incomplete sentences, and other problems with the text are all common indicators of a poor-quality, untrustworthy website.
  • Check that the website has an HTTPS connection, which means it has a valid security certificate. It would be extremely uncommon for a scam website to be able to fake this security measure.

7. Keep your device clean and uncluttered

Browser cookies iconOnce you’ve had your computer for a while, it’s common to notice it slowing down. After prolonged use, you tend to collect installation files, photos, images, and other files that fill up your hard drive — and few of us ever really delete these on a regular basis.

What’s more, you tend to gather cookies, trackers, and other files that are practically invisible but which can have an impact on your machine and online experience.

It shouldn’t be surprising that a cyber hygiene checklist includes cleaning your computer to maintain system health. For this purpose, we recommend specialist cleaning software like CCleaner. With CCleaner, you can easily rid your hard drive of unnecessary files. The software is simple to use, and you don’t even need to change any of the default settings out of the box.

Screenshot CCleaner Cookies

This software can also empty your computer of “Cookies” — small files that remember when you visit a website and can help to load it more quickly in the future. You may wish to keep these, however, as removing cookies will mean you have to log back into all of your accounts across the internet. This is preventable by changing the settings for each individual browser you use in the CCleaner software suite, as shown in the image.

We recommend that you use cleaning software once weekly to keep your computer uncluttered. On the off-chance a malicious file has slipped past your antivirus or firewall, this tool could help to make sure it doesn’t lie in wait on your hard drive. While you can use CCleaner for free, the paid version lets you schedule automatic scans.

Visit CCleaner

8. Stay alert when going online

Black Hat HackerWith the seven cyber hygiene tips outlined above, you can protect your computer and network from cybercriminals. However, there’s one final piece of advice — and that is to stay alert!

Hackers continue to come up with new ways to mask their true identities. They can pretend to be one of your contacts, a reliable company, or a well-known website. So a good cyber hygiene practice is to always be vigilant and be on the lookout for online scams.

Also, consider how you can put more barriers between you and those who would steal your data. Here are some final tips that you can follow to protect yourself online and improve your online security:

  1. Use common sense and caution when banking and trading online. While bank websites often have more data protection measures than other sites, your data could still be vulnerable. Always double-check the URL of the website you’re on.
  2. Use secondary bank accounts for checking out online purchases, and follow our other tips for online shopping safety.
  3. Upgrade your security by enabling two-factor authentication (2FA) on any accounts you can. Also called “multi-factor authentication,” 2FA requires you to verify any logins so you ensure unauthorized users don’t gain access to your personal data.
  4. Consider installing an adblocker to prevent tracking across websites. We compiled a list of the best adblockers for your reference.

Practice Cyber Hygiene to Stay Safe Online

Just like how we have personal hygiene practices, we should also be maintaining good cyber hygiene habits. Good cyber hygiene helps us avoid the wide-ranging risks we face daily. Hackers may try to steal our personal information or money through phishing emails, malware, and unsecured networks. But by following our tips, you can bolster your defenses against these online security issues.

So, we leave you with a quick roundup of our 8 cyber hygiene tips to stay safe online:

  1. Update your operating system and install security patches
  2. Install antivirus software
  3. Set up a firewall to avoid cyber threats
  4. Use a secure VPN like NordVPN
  5. Install a password manager and use complex passwords
  6. Watch out for malicious emails or websites
  7. Keep your computer clean
  8. Stay alert
How to Be Safe Online: Frequently Asked Questions

Got questions about cyber hygiene or the tips we’ve included in this article? Check out our frequently asked questions below for more information.

Cyber hygiene refers to the online safety habits that we can adopt to protect our computers and internet networks. By using new cybersecurity tools or changing our online best practices, we can protect ourselves from cybercriminals and avoid falling victim to identity fraud or financial crime. You’ll find more information and advice in our full article.

Good cyber hygiene is all about thinking proactively and implementing steps to improve your cyber hygiene. Ideally, you should be putting as many obstacles as possible between you and the hackers who might try to steal your data or cheat you out of money. You can use numerous cybersecurity tools and other software features to improve your online security and be safe online, including:

  1. Keeping your operating system software up to date
  2. Installing an antivirus software
  3. Installing a firewall or using the Windows built-in firewall
  4. Using one of the best VPNs
  5. Using a password manager and creating secure passwords for all of your accounts

 

In addition to installing cybersecurity tools, like a VPN, antivirus software, and password manager, you can also adopt good cyber hygiene habits that will help you to be safe online. Always be alert and vigilant when you’re browsing the internet, and remember the following tips:

  1. Be on the lookout for suspicious websites. If you’re wondering how to spot fake websites, you should first and foremost check that the URL bar has a padlock and is connected to a https connection rather than http.
  2. Avoid clicking on suspicious links in emails and text messages or downloading attached files. When you receive an email, question whether you even need to open it. If it’s not from a recognized contact and looks like spam, it may be safer to delete it immediately.
  3. Consider using 2-factor authentication on any of your accounts that support this feature.
  4. Make sure that you use a VPN on unsecured, public Wi-Fi networks.
Author
Cybersecurity journalist
Chris is a tech journalist with many years' experience covering the latest news in online privacy and cybersecurity. He's also a published author and works as a Product Manager for some of the most innovative software development companies.
Contributor
Tech journalist
Tove has been working for VPNoverview since 2017 as a journalist covering cybersecurity and privacy developments. She has broad experience developing rigorous VPN testing procedures and protocols for our VPN review section and has tested dozens of VPNs over the years.