What exactly is good internet hygiene?

Internet hygiene, digital hygiene or cyber hygiene. Call it what you will, all three terms refer to your personal internet security and data privacy. They can also contribute to the security of your employer and friends too. So what does the term mean and how can you improve your own internet hygiene?

To be perfectly honest, I don’t like any of those three terms. They are too clinical and are more likely to turn people off the subject than engage them. Nevertheless, personal security and data privacy are two of the hottest topics right now so there is no escaping them.

Perhaps rename the terms rather than escape them?

Digital hygiene

So what are we talking about? The term refers to how you behave online. How ‘clean’ you are in terms of using safe devices, surfing safely, not picking up malware and using good practices to stay safe online.

In essence, internet hygiene is all those little habits we want you to have so you can use the internet as you want to without having to worry about hacking or being hacked, phished, infected with malware, socially engineered or whatever other new tactic scammers come up with.

Digital hygiene is not the same as cyber security but the two do intersect. Digital hygiene is more to do with your habits and behaviours while online, although there is an element of defence in terms of firewall and antivirus.

Cyber security is more about protection and physical and digital defences rather than behaviours. Behaviours do form part of cyber security.

So now you have an idea of what internet hygiene is, how to do you improve it?

How to improve your own internet hygiene

There are ten basic steps you can take to improve your online security. I’m sure you will be very pleased to hear that good internet hygiene is actually very straightforward and doesn’t have to cost anything except a little time.

You can go a whole lot further if you want to but following these simple tips will protect you from 95-99% of risks out there.

Internet hygiene can be improved with:

1. Antivirus and malware scanning.
2. Using a secure browser.
3. Protecting logins and passwords.
4. Checking to see if you have already been hacked.
5. Keeping your system up to date.
6. Having backups of critical data.
7. Being careful what you say and do online.
8. Being aware of where you go online.
9. Monitoring your network.
10. Sharing what you know.

1. Antivirus and malware scanning

Always having an antivirus and/or malware scanner running on all connected devices is a key part of good internet hygiene. Even phones can benefit from using these programs as more malware is targeting phones thanks to their popularity. Both Windows and Mac users need some form of protection.

Always have security software running on your computer, set it to automatically update itself and periodically check that it is still working.

Install firewall software on all computers too. It’s an extra step but adds another defensive layer to your device.

2. Using a secure browser

You can use a secure mainstream browser like Brave or Firefox or go super secure by using the Tor browser or Iridium browsers. Tor is excellent but slow, Iridium is good but not all websites play nicely with it.

I would suggest Brave browser or good old Firefox. Neither make money from selling your data like Chrome does and neither has built a business around harvesting as much data as they can.

I have used Brave for a couple of years now and I am completely happy with it.

3. Protecting logins and passwords

Your username and password are the only two things keeping most of your online accounts safe. Making those logins as difficult to hack as possible requires a balance of being hard to guess and memorable. Unless you use a password manager.

I use LastPass and have it installed on my desktop, laptop, tablet and phone. It syncs across all devices and all I ever need to remember is one single, super-strong passphrase rather than dozens of passwords.

LastPass is not the only password manager out there. Others include Dashlane, Roboform, Keeper and KeePass. Each does things slightly differently but all do one thing well. Keep your logins and passwords safe.

4. Checking to see if you have already been hacked

I suggest checking every few weeks or couple of months to see if your email address has been subject to a hack. The website Have I been pwned? contains a list of millions of email addresses that have been caught up in the many hacks that have happened over the past few years.

The website doesn’t catch every single hack but it is complete enough to be well worth checking out. If you suddenly begin seeing strange emails appear or think your identity may have been compromised, enter your email into the box to see if you have been caught up in a hack.

5. Keeping your system up to date

Windows, Mac and Linux are regularly updated to deliver fixes and security patches. Android and iOS for phones are also regularly updated to deliver the same. If possible, have your system automatically update itself. That way you don’t have to worry about doing it yourself.

Update apps regularly or at least give them the opportunity to update. For computers, that means saying yes when you see the update notification. For phones, that means connecting to your home WiFi every now and again or allowing updates over cellular if your data plan allows.

This will ensure you are always running the latest version of programs that should feature the most recent security updates.

6. Having backups of critical data

Plan for the worst and hope for the best. This is a common adage in IT and useful for managing internet hygiene. One of those plans is backups. We hope that our cyber security precautions are enough to protect what’s ours but there are no guarantees in this line of work. Therefore we have to plan accordingly.

Most of us store our lives on phones and computers and if you don’t protect that data, it can easily be lost. That loss could be caused by hardware failure, a house fire or other disaster or a hack and you need to be ready.

Back up all critical data. Have one copy in the cloud on OneDrive or Google Drive and one copy on a USB stick kept separately from your computer. That way you’re covered whatever happens.

7. Being careful what you say and do online

The more comfortable we become with something, the more likely we are to let our guard down. This is as true in real life as it is on the internet. You should always be aware that you don’t really know who you’re talking to on the internet and not everyone is who they say they are.

Social engineering is huge right now and is growing steadily more sophisticated. Always remember that you don’t know who people really are. Don’t let it stop you socialising and meeting new people but don’t let your guard down either.

Don’t give out too much personal information. Answer probing questions very carefully and be aware of potential motives when having personal discussions online.

8. Being aware of where you go online

The internet has several layers. You have the top, most accessed layer that is full of mainstream websites. You have a lower layer full of hackers and scammers running ad servers linking to those mainstream websites or fake websites. You then have the dark web where Google fears to tread.

Being aware of where you are on the internet and where you’re about to go is key. Hover over a hyperlink before you click on it. Does the link match the description? Does it look like a legitimate website? Would you be better off visiting that link in your browser’s Incognito Mode or not visiting it at all?

It can be difficult to tell what is legit and what is not online. This can be made more complicated by URL shorteners like Bit.ly. They change how a URL looks to make it shorter and mobile friendly.

If in doubt, don’t go there.

9. Monitoring your network

Monitoring your home network is another of those terms that sounds a lot more complicated than it actually is. As long as you have a software firewall on each computer and your broadband or home router has a firewall, you should be able to see what’s going on.

The first type of monitoring is checking connections on your computer firewall. There should be a setting that shows you all existing connections. On Comodo Firewall, it’s under Firewall Tasks, View Connections. Other brands of firewall will be similar.

Check the connections to make sure you recognise them. If so, leave them alone. If not, look at the service using the connection, look up the name online and do nothing if you recognise it or block it if you don’t.

The other type of monitoring is using your router. Here you can check connections in a similar way as on your computer but for your whole network. More importantly, you can also check to see what devices are connected to it. If you use WiFi, this can be very useful.

1. Log into your router using your admin login.
2. Navigate to Network Map or Connected Devices.
3. Check every device on your network and make sure it is one of yours.

Different brands of routers will call this setting different things. My Linksys router has this under Network Map. Your router might call it something else entirely. Most routers will have some kind of map or list of connected devices.

If you recognise all devices, you don’t need to do anything. If there is a device connected that you don’t recognise, there should be a function to kick the device off the network. Use that and immediately change the WiFi password to stop that device logging on again.

It is best to open the page for the WiFi password on a different browser tab and change the password. Don’t hit save right away, kick the device on the other browser tab, switch tabs and immediately save the change.

If the device ends up being something your family was using, you can simply give them the new WiFi password and they will be able to connect.

10. Sharing what you know

The final aspect of good internet hygiene is sharing your knowledge with others. Tell your partner, your kids, your parents, grandparents or whoever you think could benefit from it. Show them what to do and tell them why they should follow these tips.

Gradually, as more and more people become aware of the risks of the internet and the simple ways to mitigate those risks, the safer everyone will be while using the internet.

FAQs for internet hygiene

What is digital hygiene?

Digital hygiene is one of several terms along with internet hygiene or cyber hygiene that describes your risk online. The terms refer to how you behave online, how secure your habits are, how ‘clean’ you are in terms of using safe devices, surfing safely, not picking up malware and using good practices to stay safe.

Why is cyber hygiene important?

Cyber hygiene is important to avoid as many risks of the internet as possible. It helps you avoid being hacked, scammed, phished, having your identity stolen, losing data, being infected with malware or viruses and many other negative experiences of the internet.

How do you maintain cyber security?

You can maintain good cyber security by following the very simple steps in this guide and always being vigilant. Vigilance is not fear. Being aware of risk is different to being afraid of it. Use the tips on this page and you don’t have to fear anything when you’re online!

What is security posture?

Security posture is an enterprise security term that describes your readiness to detect, react and recover from security situations. While mainly used for business, home users can have a security posture too. After reading this, your security posture could be described as ready and aware.