Skip to content

Build Your Cybersecurity Toolbox

The tools in your cybersecurity toolbox can protect you from online threats.

If you want to do something right, you need to have the right tools. That’s true for pretty much everything in life. After all, it’s pretty challenging to build a birdhouse with flour and a mixing spoon, or to bake a cake with a hammer and a screwdriver. Protecting yourself online also requires the right tools. You can build a cybersecurity toolbox full of things that will help protect you. But unlike a regular toolbox, where your hammers and wrenches sit out of the way until they’re needed, the best cybersecurity tools live on your devices (or in your head!) and are working all the time to keep you safe from the internet’s constant threats.

In this article, we recommend “tools” that you can put in your cybersecurity toolbox to help keep yourself safe.

Virtual Private Network

A virtual private network (VPN) sounds fancy and complicated. But in reality, they’re quite easy to use and provide a lot of protection.

A VPN is a software program you install on your device. It hides your IP address (which also hides your location), encrypts your connections, protects your data, and lets you be more anonymous online. It acts as a shield between your data and anyone trying to steal or track it. If you use free public wifi or just don’t want advertisers or your internet service provider tracking you all over the internet, you need a VPN in your cybersecurity toolkit.

Read our article “What is a VPN?” for more details on how VPNs work and how they can be helpful. Or if you’re ready to get started, check out the VPN Simplifier to find the right VPN for you.

Password Manager

You’ve probably heard by now that password security matters. Make passwords long, strong, and completely random; don’t re-use passwords for more than one account; it’s all common advice. But when you follow all of it, you end up with a head full of random passwords you can’t remember, or a notebook full of passwords written down that you have to leaf through and then type in.

A password manager does exactly what the name implies: It manages your passwords. For you, it means that you can have those long, strong, and random passwords (most password managers will even generate them for you) and not have to remember them at all. Instead, you only remember a single password that gets you into your password manager. Install it on your devices and it only takes a few clicks or taps to fill in your password. Now you can have secure passwords on everything for much less work. It’s a win-win!

If you combine a password manager with the next tool, two-factor authentication, you’re giving your accounts the strongest protection against hackers and unauthorized access.

Two-Factor Authentication

Two-factor authentication adds an extra step to your logins. Not only do you have to put in your username and password, you also have to enter a secret, randomly-generated code before you can log in. Sometimes called 2FA, multi-factor authentication, or MFA, this extra step protects you from hackers who get your password through a data breach or social engineering or crack it on their own. If your password isn’t enough to let you in, it isn’t enough to let them in, either!

Two-factor authentication isn’t something you download or install (unless you choose to get your randomly-generated login code through an app, in which case you’ll have to download the app). You can add its protection to your cybersecurity toolbox by turning it on when it’s available. At this point, most accounts offer 2FA or MFA options. Look for them in your security settings.

We highly recommend getting in the habit of using two-factor authentication for everything. But at the bare minimum, protect the things that would hurt you the most if hackers got in. That includes any financial accounts, social media, and any account that has your payment information (such as online shopping) or personal information (such as insurance websites).

Antivirus

Computer viruses are still out there stealing information, damaging devices and files, costing money, and more. And despite the name, they can infect tablets, phones, and just about any device with an internet connection. By adding an antivirus software to your cybersecurity toolbox, you can defend your devices (and your information and finances) from these malicious bits of software.

Which antivirus software you choose depends on a lot of factors, including how many devices you need to protect, what kind of devices they are, how many customization options you want, and more. We put together a guide to choosing the best antivirus software for you. Whichever antivirus software you pick, there’s really only one wrong choice – and that’s not picking one at all. Without an antivirus, your devices are vulnerable to all kinds of malicious software. That includes things like spyware, which you may never know is on your device if your antivirus doesn’t pick it up.

Once you’ve installed your antivirus of choice on all your devices, take a few minutes to poke around the settings and enable automatic scans. However hands-on you want to be, it’s always a good idea to have your antivirus scan your device at regular intervals and deal with any suspicious files it finds. You can always run extra scans manually if you feel like your device needs it. But having them done automatically makes sure that even the rare virus that sneaks through your antivirus’s defenses can’t lurk in your device for long.

Backup Tool

You’ve probably heard at some point that you should be backing up your devices. But you may not have thought of it as something that should be in your cybersecurity toolbox. But backing up your information is actually an important security step as well as an important step to make your life easier generally.

Much of cybersecurity is about planning for the worst case scenario. What’s the most awful thing that could happen, and what can you do to make it not quite as bad? A backup tool is one of those things that makes recovering from a worst case scenario not so bad. If your device gets locked with ransomware or a virus infects your files – or something more mundane happens, like your phone is stolen or your laptop breaks – a backup tool makes it easy to get all your information back. For more about why backup tools are so useful (and some recommended backup tools if you have a hard time choosing), we have an article on why backup is important.

Once you choose a backup too,l just like with your antivirus software, we recommend making it automatic. Set it to automatically back up your important information on a regular basis. Some backup tools will let you set continuous backup, so any changes are backed up immediately. If your tool doesn’t have that option or if you don’t want to turn it on, set it to daily or weekly. You may forget to back up your device, but the software won’t. And that way you’ll always have a copy of your information if the worst happens.

Your Web Browser

Yes, your web browser can help protect you online – but only if you take the time to make it part of your cybersecurity toolbox. Your first step is to make sure you’re using a browser that aligns with your values. If privacy and security matter to you, Mozilla Firefox is the best browser choice. (We talk more about why in this article and this article.) But even if you choose to keep using the same browser, you can still make it part of your cybersecurity toolbox.

Configure for Security

Every browser has its own set of default settings. But not all of these are your best options for privacy or security. Whatever your browser, you can adjust your settings to better protect your privacy.

Google Chrome: Click the three dots in the top right corner and select the Settings option. Scroll down to the Privacy and Security menu. Click Cookies and Other Site Data, then select “Block third-party cookies” to block tracking cookies. And under Safe Browsing, select Standard Protection and turn off “Help improve security on the web for everyone” to stop sending some of your information to Google. Or, if security is more important than privacy to you, you can turn on Enhanced Safe Browsing.

Mozilla Firefox: Click the three lines in the top right corner, then click Settings, then Privacy & Security. Firefox defaults to “Standard” privacy, but you can change it to “Strict” for stronger privacy protection. You can also tell Firefox to “Always” send a Do Not Track signal to websites.

Microsoft Edge: Click the three dots in the top right corner, click Settings, then Privacy and Services. The Tracking Prevention screen has three options – Edge defaults to “Balanced,” but for stronger privacy protection, select “Strict.” You can also go to the Privacy, Search, and Services option and turn off “Help improve Microsoft products” to keep Edge from sending your data to Microsoft.

Apple Safari: Click Preferences, then Privacy. Make sure the box beside “Prevent cross-site tracking” is checked to keep sites from tracking you. You can also click “Manage Website Data” to remove trackers that are already lurking on your browser. Checking the “Block All Cookies” box will block cookies, but that includes helpful cookies. You can also select “Hide IP address from trackers” to protect your IP address.

Add Extensions

You don’t have to limit yourself to just the options your browser gives you for security and privacy. Browser extensions give your browser extra functionality. And some of that functionality can help protect you.

We wrote a whole article on the best browser extensions to protect your privacy and security. That article suggests some great options no matter what browser you use. If you want to make your browser part of your cybersecurity toolbox, check out that list and consider installing some of them.

Start building your cybersecurity toolbox now for better protection.

Your Home Internet Router

Your home internet requires a modem and a router to function. The router connects the devices at your house to your home network. It’s where your wifi signal comes from and it’s the part you plug your computer into if you’re hard-wiring a connection. The modem gets the internet signal from outside your house and translates it into something your router (and therefore your devices) can use. How this happens is really complex and also not really relevant to this discussion. The important part is that anything on the internet has to go through your modem and router to get to you.

But that also means that if you make a few small changes to your router, it can be a huge benefit to your cybersecurity toolbox. When your cable company or ISP set up the router, they probably left it on the default settings. By taking a few steps like changing the default network password, changing the default admin information, and enabling WPA2 or WPA3 encryption, your router can act like a shield to protect you from some hackers and threats.

Get more information about how and why to configure your router in our article: 8 Settings to Change on Your Router Before You Even Turn it On.

Credit Management

At first glance, your credit doesn’t seem like something that connects to cybersecurity. After all, credit is about your ability to open a new credit card or get a loan, and cybersecurity is about avoiding hackers and scammers online, right?

It turns out, though, that one of the things cybercriminals are often after is your credit. If they steal enough personal information about you, they can steal your identity, open up new lines of credit in your name, and leave you with the bill. So by adding credit protection to your cybersecurity toolbox, you’re putting defenses around something criminals want.

(If you want even more ways to protect your credit, take our Credit Safety Challenge.)

Monitor Your Credit

At the very least, you should be monitoring your credit. Many people don’t know their identity has been stolen until they see something weird on their credit report. If you aren’t checking your report regularly, that could be months or even years down the line – or, as happens to many people, when you get unexpectedly denied for a loan or mortgage. By checking regularly, you can spot and deal with any problems quickly.

The three credit reporting bureaus, TransUnion, Equifax, and Experian, are required to give you one free credit report per year. AnnualCreditReport.com is the authorized federal website to get those reports. Apps like CreditKarma or online accounts with the bureaus can get you details between your free reports.

It’s also important to monitor your existing credit. See what kind of alerts are available on your existing credit cards or accounts. They are probably available in your online account under “Settings” or “Security,” or you can call the institution and ask. Watch for alerts about activity that you didn’t do, and respond immediately to secure your accounts.

Freeze Your Credit

All of the credit bureaus offer something called a “credit freeze,” and it’s a great tool to keep in your cybersecurity toolbox. When your credit is frozen, your information won’t come back in a credit check, so anything that requires a credit check (like most new credit accounts) won’t go through. This can be slightly inconvenient. You will need to un-freeze and then re-freeze your credit every time you need to use it. But it will also prevent anyone who isn’t you from fraudulently using your credit.

If you have children, you should also do this for them! Kids don’t need to use credit, but criminals will gladly use their clean credit history. Freeze their credit to protect them. But make sure to protect and hold onto the PIN you’ll get that will let you un-freeze their credit. Once they need to apply for student loans or an apartment, they’ll need their credit available again.

Spam Blocker

Have you ever looked at your ringing phone and seen a caller ID that reads “Scam Likely,” or gotten a weird text message from a number you don’t recognize? It’s not an uncommon occurrence for many people. That’s because spam calls (and spam texts) are still a huge vector for scams, phishing, and other attacks. Many phone carriers are pretty good at tagging the calls with that “Scam Likely” or “Likely Fraud” message. But the phone still rings – and the texts still get through.

There are tools out there that you can add to your cybersecurity toolbox to defend yourself and your phone against these kinds of attacks. Software programs like Nomorobo and RoboKiller/TextKiller are designed to spot and block spam and scams before they ever get to you. Installing one of these on your phone (and even your family’s phones) can help keep you safe. Plus, you won’t have to deal with any more annoying spam texts and calls!

Regular Updates

Yes, behavior counts as a tool you can put in your cybersecurity toolbox. And one behavior that doesn’t take a lot of effort but has a huge impact is making sure everything is updated. Apps, software programs, operating systems, and more – if there’s an update available, update it to the newest version! Even devices like routers, modems, and printers need periodic firmware updates.

Why does it matter? Because nothing is perfect, and most programs have a bug or two that could give hackers a back door to access your data or spy on you. And because sometimes hackers find new techniques that let them into previously-secure programs. Developers fix those problems with updates. Many updates contain security patches or fixes that will help keep your data secure and criminals out. If you skip those updates, you’re leaving yourself vulnerable to attack.

Many apps, programs, and devices have an auto-update option. Turn it on where you can. And it’s also a good idea to set a regular reminder to check all your apps and programs and install any updates that weren’t updated automatically.

A Friend

Yes, your friends can be part of your cybersecurity toolbox, too! But only if you let them. Talking to someone else is actually a great way to defend yourself against scams. Many scammers work by trying to get you into an agitated emotional state. They want you to send them your money or information before you have a chance to think rationally.

You can short-circuit this strategy by having a buddy system. Talk to a friend about certain things. This could be a sibling or best friend that you call if something sounds weird or makes you emotional, or a personal rule that you don’t send money to anyone without talking it over with your spouse. However you set it up, the key is that no matter how urgent it seems or how persuasive the person on the phone or sending you messages is, you talk to your friend first.

Since your friend hasn’t been listening to the person you’re talking to and isn’t feeling the stress, urgency, excitement, or fear, they’ll be better able to look at the situation objectively. If something is actually off, they’re more likely to spot it. The other key to this: If you explain the situation to your friend and they tell you it sounds like a scam, listen to them!

This works even better if your cybersecurity buddy can also call you if they think something feels off.

Your Best Tool: Your Own Brain

We’ve talked about a lot of different tools – software, hardware, and otherwise – that you can add to your cybersecurity toolbox to defend yourself online. But your best tool is actually one that you’ve had all along: Your own brain.

Education and awareness are the foundation of keeping safe online. If everything else we’ve mentioned are tools in your cybersecurity toolbox, your brain is the box. If you know what kind of threats are out there and what hackers, scammers, and cybercriminals are up to, you’ll have a much better chance of spotting (and avoiding) them when they target you.

It’s also important to be aware of your own risk. If you are a flip-phone user with a single desktop, the kind of threats you’re likely to face are different than if you’re a frequent traveler with multiple phones for personal and business use, and those threats are different than if you’re an average internet user with kids who love social media or online games. Using tools like the Consumer Reports Security Planner, the WhatIsMyIPAddress.com Breach Check tool, and your own awareness of how you use technology and what kind of threats might target you, you can get a better idea of where your risks are and what you might need to put special effort into defending.

The best thing about this tool is that it’s easy to share. You can have conversations with your loved ones about the dangers you’ve heard about and the security steps you’ve learned to help them protect themselves.

Start Building Your Toolbox Today

The #1 reason employees click phishing links is because they were distracted. When people are focused and on the watch for warning signs, they’re often pretty good at spotting them. But nobody can be perfectly focused and on guard all the time. That’s why it’s important to use these other tools to build up some additional defenses.

If you were assembling a real toolbox, you could go to a hardware store and buy everything at once. But that gets expensive fast, and it’s easy to overwhelm yourself. Tech geniuses out there will probably have no trouble implementing all these tools right away. But for the rest of us, it’s okay to start slow. Pick one or two things to focus on. (We highly recommend turning on two-factor authentication and using a password manager as great places to start – with the two of them together, you don’t need much else to secure your accounts.)

The key is just to keep going. Don’t let the fact that you can do a ton of things keep you from doing any of them. Start small if you need to. And remember, your best tool is your brain. If researching and downloading a new software or figuring out how to configure things seems like too much, start with education. The WhatIsMyIPAddress.com blog or the Easy Prey Podcast are great places to start. There’s nothing wrong with building your cybersecurity toolbox slowly. The only wrong way to do it is to not do it at all.

Related Articles

All
  • All
  • Easy Prey Podcast
  • General Topics
  • Home Computing
  • IP Addresses
  • Networking Basics: Learn How Networks Work
  • Online Privacy
  • Online Safety
  • Uncategorized
Jill Knesek talks about CISO challenges and solutions.

CISO Challenges in a Changing Security Landscape

The role of a Chief Information Security Officer (CISO) is constantly changing. The shifts in technology and…

[Read More]
Michael Lyborg talks about the promises and risks of business automation.

Business Automation is Great – But Some Things Should Be Left to Humans

As we see an increase in cyberattacks, it’s more important than ever for companies to be able…

[Read More]
How to Spot Fake Emails.

How to Spot Fake Emails and Avoid Danger

The good news is that you don’t have to become a cybersecurity pro to protect yourself from...

[Read More]
Introducing the Brick

The Brick Turns Off Distracting Apps, Makes Your Life Less Distracted

Here are some details. Brick is a combined software and hardware app that helps temporarily “remove” distracting...

[Read More]
Howard Goodman talks about cybersecurity and business.

Education and Communication are Key to Business Cybersecurity

The landscape of both technology and cyber threats is constantly changing. That means that cybersecurity and business…

[Read More]
Money Lender “Dave”

Money Lender “Dave” is In Hot Water with the FTC and DOJ. Scam or False Advertising?

Money-lender Dave does the one thing that all scammers do: It lied to its target through its...

[Read More]