A person works on their laptop from a home office in Los Angeles on Aug. 13, 2021. (Chris Delmas/AFP via Getty Images)
California Attorney General Rob Bonta urged businesses and residents Oct. 26 to protect themselves from online threats as part of Cybersecurity Awareness Month.
“The California Department of Justice is providing tips to make digital security easier for all,” Mr. Bonta said in a press release Thursday. “Don’t wait for a data breach or cyberattack to think about protecting your data—the right time is right now.”
Several private and public entities in California have been victims of cyber attacks this year, including San Bernardino County, the University of California—Los Angeles, and several hospitals and healthcare facilities.
He suggested enabling multi-factor authentication for online accounts. This type of authentication requires a password and a second piece of information, such as a one-time code sent as a text message to a cell phone or email, to verify a user’s identity.
Requiring two-step verifications makes it more difficult for attackers to break into accounts, even if the hacker already has the user’s password, according to the attorney general.
He also suggested setting up unique and strong passwords for each online account.
“Don’t use easily identifiable information, such as a pets’ name or birthdays, in your passwords, especially for your financial or email accounts,” Mr. Bonta said, adding that a password manager was an easy way to keep track of passwords.
He also suggested updating operating systems, browsers, and other important applications regularly, and to take advantage of automatic updating. Having the latest security software, web browser, and operating system is one of the best defenses against online threats, he said.
These updates can eliminate software flaws that allow hackers to view activity or steal information, according to his office.
Installing antivirus software also protects devices from viruses that can destroy data, slow down or crash a device, or allow spammers to send email through accounts.
Antivirus protection scans files and incoming email for viruses and deletes anything detected as malicious, Mr. Bonta reported.
Updating antivirus software prevents the latest “bugs” circulating the internet and most include a feature to download updates automatically when a user is online, he said.
Mr. Bonta also suggested double checking privacy and security settings on all devices and applications, and to be aware of who can access information.
“Every time you sign up for a new account, download a new app, or get a new device, take a moment to configure the privacy and security settings to your comfort level for information sharing,” Mr. Bonta suggested. “You should regularly check these settings to make sure they are still configured to your comfort.”
The California Consumer Privacy Act also provides residents the right to opt out of the sale of their personal information online. Stopping the sale of data will minimize its proliferation, and the less data out there, the better, Mr. Bonta said.
Businesses that sell information have to post a “Do Not Sell My Personal Information” link on their websites, according to the attorney general.
He also suggests being leery about public Wi-Fi.
“Free public Wi-Fi is normally not secure, and information thieves know it,” Mr. Bonta’s office said in the release. “While using public networks, your passwords, account numbers, and photos may be accessible to hackers.”
He said most can minimize their risk by limiting the use of public networks, especially when accessing personal or sensitive information.
Other tips include encrypting devices—including laptops, tablets, smartphones, removable drives, backup tapes, and cloud storage solutions—and to be careful about sharing personal information online by using privacy settings to limit the visibility of personal social media posts.
He also suggested avoiding taking online quizzes that could reveal the answers to security questions.
Companies doing business in California were also encouraged to train employees in data security principles, such as requiring strong passwords, and establishing Internet use guidelines. The attorney general also said providing a firewall to internet connections is recommended, especially when employees work from home.