The 10 Commandments…of Internet Security

1 Thou shalt not click links in email!
2 Thou shalt not transfer money or change banking information without confirming with a voice or video call
3 Thy Browser (NOT Internet Explorer) shall block local code execution by default. Recommend uBlock Origin Plug-In
4 Thou shalt update PC/Phone/Firewall/AV/Browser on a schedule. If your phone can’t run latest OS, its time to upgrade. (get one with fingerprint unlock) Allow 1 week for patches to work out bugs.
5 Portable Devices (phones, laptops) containing company data (email) shall have lock screen enabled, must auto lock after 15min. OS must be minimum latest minus 1 (no old versions of Android) Device must support remote wipe or Encrypted storage. Thou shalt not install from unofficial sources (Fortnite)
6 Thou shalt Backup to offline/version controlled/immutable storage.
7 Thou shalt not advertise your password reset questions on social media. IE your mothers maiden name. Offset your birthday by 1 day.
8 Thou shalt use a VPN when on public wifi. (coffee shop, airport, hotel) NordVpn or work VPN
9 Thou shalt not use the same password everywhere! Use a password manager (LastPass) and make a QRcode of your strong, master password (qrcode-monkey.com)
10 Thou shalt not leave devices with their default password! (Wireless Router, IoT devices, WebCams, anything cloud enabled)

Cyber-Master Bonus: Enable 2 Factor Auth on email and LastPass. Email is used to reset every other online password. If you must use SMS 2FA ask your phone carrier to set a SIM PIN (put it in your Password Manager). (makes SIM-Swap attacks more difficult)

sduncan