10 Simple Ways to Improve Your Online Security

Updated: May 29, 2024

Cybersecurity threats are on the rise. Follow these tips to protect your online security and digital privacy.

Online security has become critically important in an age when we increasingly work, shop and play on the Internet, as well as use cloud (aka online) and mobile apps to perform daily tasks at every turn. Between computer viruses, identity theft, loss of privacy and a quickly expanding range of added high-tech threats, sound digital security habits are becoming more and more critical with each passing year.

“Online security issues are becoming increasingly common and widespread,” explains Jesse Rothstein, co-founder and CTO of cybersecurity firm ExtraHop Networks in Seattle. “Working professionals, companies and organizations of all kinds, including governments and schools, are increasingly having to strike a balance between maintaining data security and digital privacy as well.”

The stats bear out that cybercrime has quickly become one of today’s fastest-growing forms of criminal activity:

  • Cybercrime is expected to cost the world $10.5 trillion annually by 2025.
  • 82% of online security breaches are now due to human error or compromise, according to a Verizon security report.
  • A whopping 688 new malware (malicious software) threats are currently released every minute, per a McAfee report.

You aren’t helpless, however, when it comes to your online security. “The more you exercise good digital security practices at every turn, the better chance you’ll have of keeping cyberthreats at bay,” says Rothstein. It’s essential that you stay up to date on common online scams, ranging from malware to phishing to wire fraud and identity theft.

You can more readily maintain your digital privacy, protect your identity and safeguard your devices and sensitive information by using stronger password security, installing a growing host of smartphone security and privacy applications and following all the online security tips below.

1. Use anti-virus software

A host of free (AVG, Avast, Avira) and paid (McAfee, Norton, ESET, Webroot) software programs can help you spot, detect, quarantine or cure infected software or operating systems of viruses and/or malicious program code. Similarly, a growing number of anti-spyware packages (such as those from Trend Micro, Sophos and Bitdefender) can help you keep unknown parties from tracking your activities and actions, and stop those annoying pop-up notices. Many of these packages also offer the option to filter email attachments and Web browser results to enhance online security.

Remember, in addition to installing these packages on your desktop and mobile devices and running nightly or weekly scans, it’s important to also keep current on software updates (hint: turning on automatic updates can help), as threats are constantly changing and evolving as well.

2. Employ stronger passwords

When creating a password, don’t use common passwords with words from the dictionary or easily guessable choices like birthdays, anniversaries or wedding dates. Instead, utilize a 12-character minimum combination of uppercase/lowercase letters and symbols, and also consider substituting numbers in where appropriate. For example, you might try basing your password on a phrase that you’ll easily remember, such as “positive thinking,” which could become “P0s1t1v3Th!nk!ng” in computer speak. You’ll also want to make a habit of using different individual passwords for different apps and sites, not writing down passwords or storing them in files, and changing your passcodes regularly every 60 to 90 days.

3. Be suspicious of unsolicited emails and links

Examine any emails or incoming communications that you receive for misspellings, grammatical errors or other concerning discrepancies, and do not reply to dubious communiques. Don’t click on suspicious or unsolicited Web links, files or email attachments either. When in doubt, confirm the legitimacy of these communications by making a phone call or sending an email to verified sources in your address book (not to any of those contained in the email or communication itself). In addition, you’ll also want to hover your mouse cursor over any Web links that you’ve been forwarded to see where they propose to send you, and avoid clicking on those that direct you to unknown sources.

4. Exercise caution when sharing

Social networks and online video streaming apps encourage us to put more of ourselves out there, and more frequently, at every turn. But remember: Anything you post online can and often will remain visible to unknown third parties. Noting this, it’s best not to publicly share personal information via these channels, such as your address, birthday, phone number or where your children go to school. In addition, tempting as it may be to post about your vacation, especially while you’re away, avoid tagging yourself at distant locations in photos or videos. You’ll also want to take caution when interacting with others online, as people and things you encounter won’t always be honest or forthcoming, especially online. Reminder: Don’t forget to activate the data privacy and safety settings built into many popular social media services (which limit, at least to some degree, what others can see) as well as turn off geotracking capabilities that can monitor your movements.

5. Surf the internet more safely

laptop/notebook keyboard with colorful backgroundYosi Azwan/Getty Images

Only visit secure websites, and download software from verified, secure or official channels, such as the Apple store or Google store. You’ll also want to make a point of signing out of all mobile or online apps, networks and devices when you’re finished using them, so others cannot access or install unauthorized software onto your system. In addition, make it a point to delete old and unused programs, applications and add-ons (such as outdated or largely ignored Web browser extensions) from your devices, as they may contain loopholes or software backdoors that cybercriminals can manipulate.

You may also wish to leverage the built-in screening options many popular software programs, operating systems and devices offer to limit Internet connectivity, purchases and interactions to only trusted exchanges as well. Insider tip: It’s often a wise idea to just say no when asked by Web browsers or password managers if you’d like them to remember your login or personal information, as they present another potential point of high-tech compromise.

6. Set social network and app permissions

Avoid compromising your digital privacy and online safety by freely allowing social media services and mobile applications to access your information. Checking and setting privacy settings built into popular social networks such as Facebook, LinkedIn, Twitter, Instagram and Snapchat can allow you to control what personal information is visible to others and who can see your posts. Likewise, when prompted by mobile apps to give permission to access your contacts, files, camera, microphone or location, opt out wherever possible, from inside the app or using your device’s settings menu.

While some apps need these permissions (for example, a voice chat app needs mic access), many will collect and sell this information on to other firms or use the information for marketing, research or other unwanted purposes. You can and should regularly review individual app permissions from within your smartphone or tablet’s operating system and/or settings menu to ensure that you’re not unwittingly oversharing. Taking time to ensure that you’re safely sharing can keep you from being hacked on Instagram, Facebook and other social media services, and keep your personal information out of others’ hands.

7. Take advantage of multifactor authentication

Although it often adds a step or two to online or mobile sign-ins, using multifactor authentication—which provides a second layer of security—can also help you protect your digital privacy. When it’s turned on, you’ll effectively receive another prompt (typically a code texted to your smartphone or an email confirmation query) after entering your email and password to log in to a site or service. In effect, the process of multifactor authentication (or two-factor authentication) involves double-checking your identity using two or more forms of ID verification. This secondary form of authentication, which could even be a fingerprint or a voice recording, simply serves as another way of confirming that you’re actually you. Activating and utilizing it is often a recommended way to protect sensitive and valuable accounts or information, especially as sites and services will notify you when an entry attempt is made, authorized or otherwise.

8. Avoid storing sensitive info on cloud services

As popular as cloud online storage options and file sharing services (which store your files and folders on remotely located computer networks) such as Box, Dropbox, OneDrive and Google Drive have become, don’t forget: Any information you share on the internet via these and other solutions, regardless of privacy settings, has the potential to be hacked, downloaded or otherwise compromised. As a result, you’ll want to make it a point to not keep sensitive information (i.e., a list of passwords or scans of your driver’s license or passport) stored on, or shared via, these services.

Speaking of: It’s often a good idea to run regular backups and archive your files locally (such as on a portable external hard drive you can tuck away in your safe), in case your computer comes down with a virus or encounters technical issues. However, even if you store these items on your own computer, it’s best to keep them in encrypted and password-protected formats as well, to prevent unwanted access.

9. Don’t give away unnecessary information

Many websites, services, and applications will ask for personal information such as your birthday, address and age. However, giving it out is often unnecessary, and this data is frequently shared with unknown third parties. So unless there’s a compelling reason to do so (does Best Buy or eBay really need to know when to send you a happy anniversary card?), save yourself the trouble and maintain your digital privacy by inserting fake information instead. Similarly, when registering for new sites or services, you can also avoid sharing sensitive data by substituting in information from popular communications tools (for example, your secondary Gmail email account set up for subscriptions, or your Google Voice phone number). (This can also help you cut down on and filter spam calls or emails.)

The key here is to play everything close to your vest and consider: Is there really a legitimate reason others might need this information? If not, remember: You can still verify that you’re 21 or older without sharing your real birthday, or provide a phone number that forwards to you without giving out your actual digits.

10. Be warier with wireless (WiFi) networks

Blue technological sense background image composed of particles and linesWeiquan Lin/Getty Images

To better safeguard your home internet connection, update the default password on your wireless router to one of your choosing. Likewise, you can also enjoy stronger online security by installing a personal firewall or virtual private network (aka VPN, such as those offered by ExpressVPN, NordVPN and Surfshark) to encrypt information and disguise your internet activity and location. You may additionally wish to set up a separate network for guests as well. Outside the home, don’t use unsecured WiFi networks, and in general, be wary of public networks (which hackers can often compromise) when sending sensitive information. This may mean purposefully making it a point to disconnect from them and use your smartphone’s direct broadband cellular internet connection when, say, checking your bank account or logging in to your favorite stock trading program. Speaking of: Consider disabling automatic WiFi and Bluetooth connectivity on your mobile devices while traveling to keep them from inadvertently signing in to these networks or connecting with other, unknown devices.

Strengthening your digital security doesn’t have to be difficult when you make a point of being more cyber aware. At the same time, improving one’s online security and digital privacy posture does require us all to get in the practice of exercising better high-tech and online habits. “When it comes to cybersecurity, you’re only as strong as your weakest link,” reminds Rothstein. You should also be extremely careful while using the Hotel Wi-fi. “In today’s online and remote working world, there are many potential points where digital attackers can strike as well, and they only need to get past your defenses once to cause trouble. Keeping this in mind, it’s important to put technology in place to protect yourself. But it’s also every bit as important to be more informed and aware of how you’re using technology and make good choices in your everyday online security habits as well.” As the world moves toward full integration of Web3 and the metaverse, online security and digital privacy will only become more important.

Get Reader’s Digest’s Read Up newsletter for more tech, cleaning, travel, humor and fun facts all week long.


  • Jesse Rothstein, co-founder and CTO of cybersecurity firm ExtraHop Networks in Seattle
  • Cybersecurity Ventures: “Cybercrime to Cost the World $10.5 Trillion Annually by 2025”
  • Verizon: “2022 Data Breach Investigations Report”
  • TechRadar: “Over 600 new malware threats are detected every minute”