Stuck on New Year’s Resolutions? Here are 10 suggestions to improve your cybersecurity in 2020

5 min read
Jamie

Jamie is always hungry. He also writes about digital privacy in exchange for sandwiches.

A list titled 2020 with checkmarks next to each line.

With the new year and decade (!) almost upon us, it’s time to sit down and draw up a few aspirational New Year’s resolutions. You might want to hit the gym more, check a few travel goals off your list (even if it may be virtual), or stay in closer touch with friends and family.

We have a few cybersecurity-related resolutions that you may want to consider adding to your list if you haven’t done them already. Some of these will just take seconds, while some may end up taking forever (like updating your devices—we’re joking, almost).

Check out these cybersecurity New Year’s resolutions for 2020:

  1. Use HTTPS Everywhere
  2. Start using a secure messaging app
  3. Start using a privacy-oriented browser too
  4. Use strong passwords; store them in a password manager
  5. Use 2FA and MFA wherever possible
  6. Be wary of public Wi-Fi
  7. Be more careful about what you share online
  8. Delete accounts that you no longer need
  9. Think before clicking on that email link
  10. Update your devices

1. Use HTTPS Everywhere

If a website uses HTTPS (indicated by the green lock in the browser bar), that means the data between your browser and the website’s server is encrypted.

There are still plenty of websites that do not offer this basic HTTPS encryption, though, exposing your data to your ISP, your server’s ISP, your Wi-Fi router/operator, and any entity between your ISP and the server’s ISP.

With the EFF’s HTTPS Everywhere extension (available for Firefox and Chrome, and included with the ExpressVPN browser extensions), you can ensure all of the data traveling between your browser and a website’s server is encrypted. You can cross this resolution off in seconds.

 

2. Make the switch to a more secure messaging app

From WhatsApp to Snapchat, messaging apps provide an easy service to communicate with friends, family, and co-workers.

But without encryption, your messages could be read by the company behind the app, third parties, and governments that collect private data on their citizens.

Thankfully, several messaging apps use end-to-end encryption to prevent anyone except you and the intended recipient from seeing the messages’ contents. We recommend getting Signal (available on iOS, Android, and Desktop), because it arguably has the most secure messaging protocol of the lot, is end-to-end encrypted by default, and is entirely open source so its security can be vouched for.

Perhaps the hardest part about using these messaging apps is getting everyone else you message to use the same app you do. But your personal privacy and security are worth it.

 

3. Start using a privacy-oriented browser, too

Ideally your browser should be updated often to protect you from new threats.

We ranked the most popular browsers based on privacy and security, and while Tor Browser came out on top, we found Firefox and Chromium-based Brave to be better suited for daily use. Both are open source and have a variety of content and ad-blocking options.

 

4. Use strong passwords and store them in a password manager

You’ll have heard this before, but “password” is NOT a good password. Neither is your name, date of birth, nor your hometown. Make your passwords more difficult to guess—such as by using a random password generator—and store them in a password manager. That way, you’ll only need to remember the password for your password manager. Just don’t write it down.

 

5. Use 2FA and MFA wherever possible

One password is simply not secure enough anymore—you’ll want to double up your protection with another pass code. This doubling up of passwords is often called two-factor or multi-factor authentication and is quickly becoming a standard form of additional security required for your accounts. You probably already do this in some capacity with an SMS code sent to your phone or with an app.

 

6. Be more wary of public Wi-Fi

There may be a lot of public Wi-Fi hotspots to latch your device onto for free access to the internet. But that often means your online activity is at the mercy of the Wi-Fi provider, which, if unencrypted, could expose your traffic to anyone.

Aside from using a VPN to protect yourself on public Wi-Fi, make sure you’re not automatically connecting to these networks, use data if you can, and avoid submitting sensitive information like your credit card on public Wi-Fi networks.

 

7. Be more careful about what you share online

Sometimes it’s hard not to share what you’re up to on Facebook and Instagram or shout into the Twitter void. Be aware though that when you do, there is always a chance that someone can figure out what you’re doing, where you are, and who you’re with.

A lot can be done with that information, not least to phish you, or target you with a social engineering attack. Go through your photos and make them private on social media, or delete your posts altogether if you think it gives too much away.

 

8. Delete accounts that you no longer use

Facebook no longer sparking joy? Stopped using apps and services you signed up for? Just Delete Me has a useful aggregate of websites and services that helps you figure out if you can delete your various accounts. If you want to #DeleteFacebook or other social media and messaging accounts, we have a guide for it.

 

9. Think twice before clicking that email link

All the security in the world can’t help you if you fall for a phishing attempt. Learn how to defend yourself against phishing attacks and when to question requests for your passwords and credit card information.

 

10. Update your devices

Finally, and we know it’s a pain, updating your devices will help protect you from malware, software bugs, and zero-day exploits. Just update them, and while you wait, enjoy a break from the screen, too.

 

What are your New Year’s resolutions for 2020? Don’t tell us!

Jamie writes about current issues concerning digital privacy and security and is known to interview leading figures in tech. He also keeps an eye on changes in government censorship and surveillance.