Skip to main content Why Microsoft Security AI-powered cybersecurity Cloud security Data security & governance Identity & network access Privacy & risk management Security for AI Unified SecOps Zero Trust Microsoft Defender Microsoft Entra Microsoft Intune Microsoft Priva Microsoft Purview Microsoft Sentinel Microsoft Security Copilot Microsoft Entra ID (Azure Active Directory) Microsoft Entra Agent ID Microsoft Entra External ID Microsoft Entra ID Governance Microsoft Entra ID Protection Microsoft Entra Internet Access Microsoft Entra Private Access Microsoft Entra Permissions Management Microsoft Entra Verified ID Microsoft Entra Workload ID Microsoft Entra Domain Services Azure Key Vault Microsoft Sentinel Microsoft Defender for Cloud Microsoft Defender XDR Microsoft Defender for Endpoint Microsoft Defender for Office 365 Microsoft Defender for Identity Microsoft Defender for Cloud Apps Microsoft Security Exposure Management Microsoft Defender Vulnerability Management Microsoft Defender Threat Intelligence Microsoft Defender Suite for Business Premium Microsoft Defender for Cloud Microsoft Defender Cloud Security Posture Mgmt Microsoft Defender External Attack Surface Management Azure Firewall Azure Web App Firewall Azure DDoS Protection GitHub Advanced Security Microsoft Defender for Endpoint Microsoft Defender XDR Microsoft Defender for Business Microsoft Intune core capabilities Microsoft Defender for IoT Microsoft Defender Vulnerability Management Microsoft Intune Advanced Analytics Microsoft Intune Endpoint Privilege Management Microsoft Intune Enterprise Application Management Microsoft Intune Remote Help Microsoft Cloud PKI Microsoft Purview Communication Compliance Microsoft Purview Compliance Manager Microsoft Purview Data Lifecycle Management Microsoft Purview eDiscovery Microsoft Purview Audit Microsoft Priva Risk Management Microsoft Priva Subject Rights Requests Microsoft Purview Data Governance Microsoft Purview Suite for Business Premium Microsoft Purview data security capabilities Pricing Services Partners Cybersecurity awareness Customer stories Security 101 Product trials How we protect Microsoft Industry recognition Microsoft Security Insider Microsoft Digital Defense Report Security Response Center Microsoft Security Blog Microsoft Security Events Microsoft Tech Community Documentation Technical Content Library Training & certifications Compliance Program for Microsoft Cloud Microsoft Trust Center Security Engineering Portal Service Trust Portal Microsoft Secure Future Initiative Business Solutions Hub Contact Sales Start free trial Microsoft Security Azure Dynamics 365 Microsoft 365 Microsoft Teams Windows 365 Microsoft AI Azure Space Mixed reality Microsoft HoloLens Microsoft Viva Quantum computing Sustainability Education Automotive Financial services Government Healthcare Manufacturing Retail Find a partner Become a partner Partner Network Microsoft Marketplace Marketplace Rewards Software development companies Blog Microsoft Advertising Developer Center Documentation Events Licensing Microsoft Learn Microsoft Research View Sitemap

Tags

Content types

Topics

The COVID-19 pandemic has changed our daily routines, the ways we work, and our reliance on technology. Many of us are now working remotely, students are attending classes virtually, and we’re relying more on social media and social networks to stay connected as we define what our new normal looks like.

As we spend more time online, it’s important to remember that the basics of online safety have not changed. These guidelines provide a strong foundation for digital security, but as we think about the “new normal” and how the internet is woven into the fabric of our lives, extra steps may be necessary to further reduce risk.

So, in addition to the security policies implemented by your work or school, here are a few more practices we recommend you—and your family and friends—adopt to further increase personal cybersecurity resilience.

Keep devices secure and up to date

  1. Turn on automatic security updates, antivirus, and firewall. The reality of cyberthreats is that they often prey upon the devices that are the easiest to compromise: those without a firewall, without an antivirus service, or without the latest security updates. To reduce this risk, turn on automatic updates to ensure your devices have the latest security fixes, enable or install an antivirus solution that runs continuously, and configure a firewall. Modern computers have many of these features available and enabled by default, but it is a good idea to check all three are correctly set up.
  2. Don’t forget networking devices. Device safety includes your networking devices, too. As with computing devices, make sure that you check for and apply all updates for your networking devices. Many devices use default passwords, which means attackers have an easy list to try. Make sure to check your networking devices are not using default admin passwords or ones that are easily guessable (like your birthday). It’s also good hygiene to update your Wi-Fi credentials to strong passwords with a mix of upper- and lowercase letters as well as symbols and numbers.
  3. Use Wi-Fi encryption options for access. Wireless access points offer the ability to require passwords to gain access to the network. You should take advantage of this feature to ensure only authorized users are on your home network.

Secure your identity, guard your privacy

  1. Protect your digital identity. With more of our lives connected in the virtual realm, your digital identity becomes even more important to protect. Use strong passwords or, if possible, biometric authentication like your face or fingerprint, and wherever possible enable multi-factor authentication (MFA). Among others, Google and Microsoft both offer free MFA applications that are easy to set up and use.
  2. Keep your guard up in online chats and conferencing services. As we spend more time on virtual conferences and video calls, it is important to think about privacy. Consider these questions when trying new services:
    • Who can access or join the meeting/call?
    • Can it be recorded? If yes, do all participants know?
    • Are chats preserved and shared?
    • If there is file sharing, where are those files stored?
  3. Use background blur or images to obscure your location. One of the more popular features on video conferencing tools like Zoom, Skype, and Microsoft Teams is the ability to blur or change your background. This can be an important privacy step that you can take to maintain privacy between home and work environments.

Protect business data while at home

  1. Use the right file-sharing service for the right task. While working remotely, it’s easy for lines to blur between work and home. It’s important to ensure that your business data does not get mixed with your personal data. Remember to use business resources, like SharePoint or OneDrive for Business, to store and share content for work. Don’t use consumer offerings for business data while you are remote. Where possible, consider enabling Windows Information Protection to reduce the risk of unintentional (and intentional) enterprise data leakage via consumer services.
  2. Turn on device encryption. Device encryption ensures that data on your device is safe from unauthorized access should your device be stolen or lost.

Be aware of phishing and identity scams

Cybercriminals continue to exploit victims even through this global crisis. Based on what Microsoft has observed over the last two months, cybercriminals are utilizing new lures related to the coronavirus outbreak and are being indiscriminate in their targeting. As we move into this “new normal” of more virtual engagement, the same vigilance you kept at the office or classroom applies at home. Here are a couple of observed attack methods to keep top of mind:

  1. Identity compromise is still number one point of entry. Attackers are looking to steal your digital identity for monetization, spam, and access. Be on the lookout for unexpected websites and applications asking you to sign in with your credentials. The same goes for MFA requests. If you did not initiate the request, do not verify it. Report suspected sites and uninitiated authentication requests through your browser or applications.
  2. Phishing is still out there. Be wary of offers that are too good to be true, pressure time, or promise a free prize. These are the same bad guys from before, but now they’re using the outbreak and public fear to drive a different action. For more information on phishing attacks, read Protecting against coronavirus themed phishing attacks.
  3. Don’t fall victim to tech support scams. Tech support scams are an industry-wide issue where scammers use scare tactics to try and trick you into paying for unnecessary services that supposedly fix a device, operating system, or software problem. Please note that Microsoft will never contact you with an unsolicited offer to address a technical issue. And error and warning messages in Microsoft products never include a phone number to call. If you receive an unsolicited tech support call telling you there is something wrong with your computer—even if the caller offers to correct the issue for free—hang up and report the call to https://www.microsoft.com/reportascam. For more information on tech support scams, visit this page: https://support.microsoft.com/en-us/help/4013405/windows-protect-from-tech-support-scams.

With awareness and these few simple steps, you can better prepare yourself for this new world of secure remote work and social interaction. And as attackers evolve, we’ll be here to help you adapt and stay safe.

To learn more about Microsoft security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.

Microsoft

Microsoft Security Team

See Microsoft Security Team posts

Related posts

Get started with Microsoft Security

Protect your people, data, and infrastructure with AI-powered, end-to-end security from Microsoft.

Learn how

Connect with us on social

Surface Pro Surface Laptop Surface Laptop Studio 2 Copilot for organizations Copilot for personal use AI in Windows Explore Microsoft products Windows 11 apps Account profile Download Center Microsoft Store support Returns Order tracking Certified Refurbished Microsoft Store Promise Flexible Payments Microsoft in education Devices for education Microsoft Teams for Education Microsoft 365 Education How to buy for your school Educator training and development Deals for students and parents AI for education
Microsoft AI Microsoft Security Dynamics 365 Microsoft 365 Microsoft Power Platform Microsoft Teams Microsoft 365 Copilot Small Business Azure Microsoft Developer Microsoft Learn Support for AI marketplace apps Microsoft Tech Community Microsoft Marketplace Marketplace Rewards Visual Studio Careers About Microsoft Company news Privacy at Microsoft Investors Diversity and inclusion Accessibility Sustainability
English (United States)
Your Privacy Choices Opt-Out Icon Your Privacy Choices
Consumer Health Privacy Sitemap Contact Microsoft Privacy Manage cookies Terms of use Trademarks Safety & eco Recycling About our ads