Cyber Security and Privacy Settings


Best practices from the experts

Are you maximizing protection when it comes to your online activity? To help identify areas where you might be at risk, review the following checklist from the experts at K2 Intelligence.


Cybersecurity

I use passwords that are complex and between 8–15 characters long.

Examples of complex passwords include passwords that utilize combinations of uppercase, lowercase, numeric, and special characters (e.g. #,! $). Such passwords increase the amount of time an attacker has to spend guessing the password. Do not utilize dictionary words alone or easily guessable or obtainable information such as birth dates, maiden name, or pet names.


I use a different password for each application and/or site I access.

Attackers commonly are able to compromise several accounts because users tend to use the same password for all their logins. By maintaining different passwords for each application, the attacker will be limited in the number of applications they can breach.


I use multi-factor authentication for all accounts that offer this security measure.

By requiring multiple factors (typically a password plus a randomly generated 6-digit code sent via text message) to log in to an account, you increase the security of the account and make it more difficult for attackers to compromise.


I always keep my operating systems (iOS, Windows, etc.) up-to-date.

Updates have the latest security updates and patches. If you do not keep your systems up-to-date, you are exposing yourself to possible vulnerabilities identified in prior versions.


I never open attachments or click links in emails from senders I do not know.

Many attackers will embed malware in attachments, host malware on websites, or try to obtain sensitive information such as login details through user interactions with online forms. Think before you click and consider if the message, its instructions and/or attachments are legitimate.


I never use public Wi-Fi, or I use a Virtual Private Network (VPN) when using a public network.

When you connect to public Wi-Fi, you are joining a network of devices and users whose security and intentions are unknown and out of your control. A VPN allows for added security and creates a private network even when you are on public Wi-Fi.


I use full disk encryption for my mobile devices (laptops, tablets, and smartphones).

Full disk encryption is a technique that encrypts the entire drive, even the operating system. Utilizing full disk encryption helps mitigate the risk of confidential information being accessed by an unauthorized person. It helps to prevent an attacker with physical access to the device from accessing the data on the drive itself.


I changed my router’s default password after purchase/install.

Routers usually come preconfigured with a default network WiFi network name and password. Change these immediately upon setting up the router. In addition, always take advantage of the option to set up a separate guest network for users who are not part of your household or office.


Privacy settings

I limit what I post on social media. Especially when I am on vacation or away for an extended period of time.

Do not let adversaries know where you are and at the same time, where you are not. It poses a risk to your safety and to the security of your assets. Consider delaying your posts and not providing a live up-to-date status of where you are.


I do not allow applications to use my location.

Many applications default to automatically use location tagging which will pin-point where you are with your device’s GPS location. Do not let adversaries track you with this data.


I carefully limit which applications can access my contacts, calendar, photos, camera, and microphone.

When using an application, review the access it has to your personal data. Consider if this application really needs access and what it may be doing with your information.


I never click on the “Unsubscribe Me” links in spam and promotional emails.

Clicking on “Unsubscribe Me” verifies that you are a live person. It is better to label the mail as spam or junk mail. Malware/ransomware may also hide in these links.


Last updated: Friday, April 28, 2017

Copyright © 2020 American International Group, Inc. All rights reserved.

AIG Private Client Group is a division of the member companies of American International Group, Inc. (AIG). Policies are underwritten by member companies of AIG, including AIG PROPERTY CASUALTY COMPANY. This is a summary only. It does not include all terms and conditions and exclusions of the policies described. All references to claim settlement information are based on the loss being covered by the policy and are subject to change without prior notice. Please refer to the actual policies for complete details of coverage and exclusions. Coverage and supplemental services may not be available in all jurisdictions and are subject to underwriting review and approval. Services provided by third parties are not guaranteed by AIG Private Client Group and may be discontinued at any time.

Warnings
validation warnings here.