Most of us live a very digitally led life. We're all connected to the internet, own a phone, laptop or maybe even more devices. We browse and shop online, interact with a number of apps and often access sensitive information. With so much of our lives connected to the internet, it's imperative your personal data is more secure than ever. Keeping your data secure doesn't require an IT degree and as it turns out, there are a number of simple ways to look after your personal data security.

1. Use strong passwords

This one is a no brainer, but it's easy to get complacent and have the 'it will never happen to me' mentality, but passwords are the key to keeping your personal information safe. Consider the following tips when creating your passwords:

  • The key to a strong password is the length (go for more than 8 characters), a mix of upper-case and lower-case letters, symbols and numbers.
  • Do not use any easy to guess information in your passwords such as a pet name or birthday.
  • Do not use the same password twice
  • Refresh your passwords once a year
  • Download a password management tool. It's a secure way to store your account logins and means you won't have to memorise all those passwords!

Tip: A 12-character password takes 62 trillion times longer to crack than a six-character password

2. Browse and shop online securely

Shopping online can make life much easier, however this easy convenience can also come with risks if the site you're shopping at is not secure.

  • The easiest way to tell is to look for "https" at the beginning of a website's address. The S in HTTPS actually stands for "secure", so if you don't see the "s" at the end of "http," then the site is not encrypted and your data will not be secure. The padlock symbol you may have seen in your browser indicates the site has a valid HTTPS certificate.

    Unfortunately, cybercriminals are not dumb and will also use HTTPS websites to gain your trust. Be careful not to fall victim to online scams or malicious software and avoid clicking on links that offer information or incentives that are too good to be true.
  • When shopping online aim to pay with either a credit card or a payment service such as Paypal. Your debit card links directly to your bank account, so if someone were to hack your information they would have easy access to your funds.

3. Limit your public Wi-Fi use

Free public Wi-Fi can be handy when you're on the go day-to-day or travelling overseas, and while you might trust the place offering free Wi-Fi, no public Wi-Fi network is completely secure.  Public hotspots are the perfect feeding ground for hackers, so if you do connect to a free network never access your banking site and if possible, use a trusted (Virtual Private Network) VPN app.

4. Virtual Private Network

If you read the last tip and have no idea what a VPN is, a VPN is a service that protects your privacy online by encrypting your data - essentially hiding your IP address, browsing activity and personal information making your identity anonymous online.

A VPN isn't just for connecting to public networks though. Many people also use a VPN at home to prevent apps and websites from collecting data or while working remotely to protect sensitive information.

Tip: All VPN services are not created equal. Opt for a paid service rather than a free one to ensure the highest level of security.

5. Watch out for scams

We'd all like to think we could easily spot a scam, but in 2021 Australians lost more than $4.3 million to phishing scams alone. Phishing is one of the most common cyberthreats and works by the scammer either gaining your trust to provide them sensitive information, tricking you to click on a malicious link or opening an attachment that attacks your computer.

Using an anti-virus or anti-malware service can help prevent phishing attacks and it's recommended to install anti-virus software to protect against cyber-attacks.  However, one of the best ways to avoid phishing scams to is to do some self-education and learn to recognise the signs of a potential scam. As a general rule of thumb:

  • Don't open emails, links or attachments from senders you don't know
  • Look at the sender's email address. If they claim to be contacting you from a legitimate company does their email address match or does it look obscure?
  • Legitimate companies will never email you to ask for personal or financial information.
  • Check for bad grammar and spelling. Communication from a reputable company will always be well written

Tip: Generally people over the age of 65 lose the most money to phishing scams. Talk to your parents and grandparents about how they can avoid being targeted.

To learn more about different types of scams, check out our articles 5 tips to protect yourself from being scammed and Disaster scams and how to avoid them

6. Update and back up your devices

Has a software update ever popped up on your phone or computer and you've cancelled it because the timing was inconvenient? While most updates are now scheduled to apply in the middle of the night, it's important to check you're using the latest versions of the operating system and applications on all your devices.

While software updates commonly keep your devices running smoothly, they can also prevent security issues and improve security features, making you less of an easy target.

Now your device is updated, you should also back it up. If you're not sure what this means, backing up your data refers to storing or archiving a copy of your information in the event your data is lost and needs restoring. Data can be lost in a number of ways such as a system failure, ransomware attack, theft or you've simply lost your device. If you have lost data before, you know the pain and frustration of losing photos, videos and documents you'll never get back, so aim to back up your data at least once a week.

Tip: If you're new to backing up your data, try a cloud based service such as Google Drive, Apple's iCloud, IDrive or Microsoft OneDrive.  

7. Two-factor authentication

Its likely you're already using two-factor authentication to access some of your accounts, but if you're not sure what it is, two-factor authentication requires two or more forms of identity to verify you are who you say you are in order to access an account.

The first factor is generally a pin or password and the second is often biometrics (fingerprint, face or retina recognition) or a code sent via SMS or email.

Two-factor authentication provides an additional layer of security to prevent unauthorised users from accessing your account. For example, if a cybercriminal happen to gain access to one proof of identity, such as your password, they would not be able to gain access to your account without the second form of identity.

While it isn't always going to be fool proof, a two-step verification process will give you more security than just using a password alone. In fact, according to Microsoft, multi-factor authentication can "prevent 99.9 percent of attacks on your accounts".


This information provides general advice only. We do not provide advice about this product based on any consideration of your personal objectives, needs or circumstances.

Published: Monday, 22 Aug 2022