Protecting your personal information is tough! But everyone is interested in this now which gives us hope that more awareness of problems will help motivate everyone to raise defenses.

A trend we have noticed in engagements across multiple sectors of the economy is an absolute thirst for information on best practices for protecting information at home. Every employee of every company, from the most senior executive to most junior intern, is now leveraging advanced interconnected technologies in amazing new ways at home. In doing so they are introducing new risks to their personal privacy, and, at times, introducing new risks to the firm they work for. This means it is almost always in the best interest of employers to help employees understand how to better protect their personal information.

The hard part is that every home IT configuration will be different, and it is very hard for a company to provide useful, actionable guidance to every employee. We have found the most important recommendation is to encourage employees to adopt an attitude of personal responsibility and continuous questioning regarding optimal home security configuration.

We recommend every employee of every company consider the following key actions:

  • Track the cyber threat. We wrote the book on that topic! Find it at This book captures lessons that will keep you thinking of ways to stop bad guys who want your personal information.
  • Use a managed DNS service at home and office: This can help prevent accidental navigation to websites that have been taken over by malicious actors and contain bad code. It can also help stop communications from malicious code in your systems back to their control sites (CTOvision has a review of managed DNS services you can use at home here).
  • Use two-factor or multi-factor authentication for every account, including every cloud service or email account you use at home: There is no such thing as a silver bullet in cyber defense, but this is one of the most important things you can do. If an account does not offer multi-factor authentication, consider closing it.
  • Use a password manager (like Dashlane): We all have too many passwords to remember. A good password manager like Dashlane can help you keep them all up to date and secure and can also make your online life easier.
  • Update your operating system and applications: Keeping your operating systems and applications patched reduces many risks. This includes updating your anti-virus/anti-malware applications. Those all have signature files that need to be continuously maintained.
  • Ensure you have changed the default password on every device you own, especially connected “Internet of Things” devices like security cameras, baby monitors, thermostats, but also all tablets, smart TVs and of course laptops and PCs.

Have questions/comments/suggestions for us? Let us know what you think.

And for more see our collection of Best Practices in Cybersecurity.

And for help in all the above visit our cyber risk and opportunity consultancy OODA.