Your Digital Security Checklist
Run through this list of quick, effective actions that can help you improve the security of your devices and data all year long.
Managing the security of personal data can feel like you’re moonlighting as your own IT manager. Personal and family computers, phones and tablets are all part of the system, as are apps and internet accounts. The boom in internet-connected devices like thermostats and voice assistants offers fresh opportunities for hackers to get into your system. Keeping everything secure can seem daunting.
But it doesn’t have to be a full-time job. A handful of simple actions can go a long way toward mitigating the worst-case scenarios, such as identity theft or financial fraud. Making a few resolutions about ongoing behavior can add another layer of security.
In this spirit of fixes and resolutions, we’ve compiled the following checklist to provide more security with less effort.
Check your finances
- Set up alerts†. Huntington offers a number of alerts to let you know when your account has a low balance, a withdrawal was made, or other activity happens. Confirm It alerts send an email, text or call when a charge on your debit or credit card looks suspicious. Don Boian, Cybersecurity Outreach Director at The Huntington National Bank, also recommends the “card not present” alerts. A credit card transaction without the physical card could just be an automatic bill payment, but “you're looking for the ones that show up where you go, ‘Hey, wait a minute, I didn't do that,’" Boian says.1 And if you spot something fishy, lock your debit or credit card.2 Huntington lets you lock and unlock cards online or from your smartphone.
- Get your annual free credit reports and scan them for anything unfamiliar. By law, each of the three credit reporting bureaus (Experian, Equifax and TransUnion) must provide you with one free report per year, and you can space out your requests to get one every four months.3 There are several sites that will request a report for you, but be wary of any that charge fees—that could mean that you’re signing up for additional monitoring.4 When you get your report, make sure your personal data is up to date, then look for inaccuracies in entries about loans and credit cards.
- Consider freezing your credit. Whenever you apply for a new credit card or loan, the lender checks your credit with one of the three bureaus. If you freeze your credit, no one but you can pull your credit report, which makes it more difficult for identity thieves to open accounts in your name. Freezing your credit is free, but you have to contact each of the agencies individually. You’ll also have to unfreeze anytime you need credit—something to keep in mind if you’re in the midst of car or house shopping.5
SECURITY RESOLUTION: I will review my online account statements every month for transactions I don’t recognize, even small ones, as those may indicate fraud.6
Clean up your passwords
- Change any repeated passwords. It’s no longer a matter of if your information will be part of a big data theft, but when. The risk from stolen credentials isn’t limited to the company that is breached. “The hackers try all the [stolen] usernames and passwords from those sites on dozens of other sites,” says Boian. Unique passwords are your best defense. Start by setting them up on your major accounts—bank, credit card, email—then work your way through any other repeats a few at a time. [See this guide for more tips on making hard-to-guess but easy-to-remember passwords.]
- Consider using a password manager. These apps generate strong, unique passwords and fill them in when you log into a site from a computer or phone. “It can feel weird to not know your own passwords,” says Max Eddy, security analyst at PCMag, “but machines are just better at passwords than people are.”7 [For our advice about password managers, click here.]
- Sign up for two-factor authentication (2FA) on any accounts you can. 2FA is simpler than it sounds: It just means you have to enter something in addition to your password when you log in, usually a code you get from a text message or an app on your phone. Turning it on is typically a single setting in the account. It only adds a few seconds to your log in, but renders a stolen password nearly useless. [See this article for more on 2FA.]8
SECURITY RESOLUTION: Every time I set up a new account this year, I will use a unique password.
Update your devices and accounts
- Update the software on all your devices, including your computer, phone, router, voice assistant and security system. Updates often contain security fixes such as patches for recently discovered vulnerabilities or malware.9 The easy-to-ignore part of this is the home router, but remember it’s the gateway to your whole home system. “Keeping your router up to date is especially important,” says Whitson Gordon, a tech writer and former editor-in-chief of Lifehacker. “Most routers don't automatically update the way your computer and phone do.” You may have to dig into the settings to find the option to update. (If you’ve forgotten how to access your device’s settings, just search the make and model for instructions.) Any time you see a setting for automatic updates, turn it on. Then “always install updates when prompted,” says Gordon.10
- Make sure your computer backups are up to date. Should malware take down your computer or phone, you need a backup that’s current and easy to access, whether on a separate hard drive or a cloud-based service. If you don’t already have a backup system, get one now. Cloud services start at about $50 a year for unlimited storage11 and work in the background. If you do have a backup system, log in to make sure it’s still working and that you know how to restore files.12
- Check the privacy settings on your social media accounts. “You never know when a company might make a sweeping change that makes your information more public,” says Gordon.13 Log in and make sure the settings match what you want them to be. Other things to check while you’re there: Advertiser settings (whether or not the service can share your information with third parties) and location-tracking settings.14
SECURITY RESOLUTION: I will regularly delete old apps and software I’m not using anymore to both speed up my devices and reduce security vulnerabilities, while remembering to update my current apps, software and devices.15
Secure your home network
- Change the default password on your router, then do it for the rest of your devices. With just a quick internet search, hackers can find the preset factory login for just about any gadget. With that, they have free reign to install malware and hijack your device. For example, says Boian, “if you’ve got a connected security camera and don’t secure it properly, you've just given somebody the ability to fully monitor your house.”16 Login credentials are usually in the settings. Don’t forget to use unique passwords for all your devices.
- Set up a guest WiFi network. Your home network is only as safe as the least protected machine connected to it—and that could belong to a guest. “Once it finds the weakest link to get in the home, malware will start hopping to different connected things and seeing what other malicious things it can do,” says Gary Davis, chief consumer security evangelist for anti-virus provider McAfee.17 With most modern routers, adding a guest network is as easy as flipping a switch in the settings. Make sure everyone in the family knows about the guest network and directs visitors to use it.
- Turn on the firewall in your router and laptop. Your router is the first line of defense for every device connected to it; the firewall prevents unrecognized or dangerous incoming connections. It’s a simple switch in the settings and shouldn’t affect your internet speed. Activate your laptop’s firewall for added protection when you’re on other networks.18
SECURITY RESOLUTION: When I add any new device to my home network, I will immediately change the default username and password.19
Download the Digital Security Checklist
†Carrier’s message and data rates may apply
1 Boian interview, 12-19-18, p4-5
2 Boian interview, 12-19-18, p4
5 https://www.consumerfinance.gov/ask-cfpb/what-does-it-mean-to-put-a-security-freeze-on-my-credit-report-en-1341/ Also: Boian interview, 12-19-18, p5
6 Boian interview, 12-19-18, p6
7 Max Eddy Email, 12-18-18
8 All sourcing here pulled from original Password article: https://www.huntington.com/Privacy-Security/password-security
9 Max Eddy Email, 12-18-18; also Boian interview, 12-19-18, p9
10 Whitson Gordon email, 12-19-18
12 Boian Interview, 12-19-18, p15-16
13 Whitson Gordon email, 12-19-18
14 Boian Interview, 12-19-18, p11
15 Boian Interview, 12-19-18, p12
16 Boian Interview, 12-19-18, p13
17 Gary Davis interview, 12-14-18, p5
18 Boian Interview, 12-19-18, p14-15; also Davis interview, p5
19 Max Eddy email, 12-18-19; also Boian interview, 12-19-18, p12-13
If you have more questions, please contact us
We’re ready to help in person, online or on the phone. If you are sending an email, learn about our Secure Mail option.
To speak to a customer service representative, call (800) 480-2265.
Email ID Theft Department
For ID Theft involving credit products, please provide an affidavit with your secure email submission.