Digital Defense 101: An Almost Ultimate Survival Guide

We’ve developed a guide filled with practical tips to help you protect your digital life, from securing your devices to protecting your communications, and more.

These tips are listed in the order you should follow for maximum protection. Apply these suggestions and learn how Resonance Security can help along the way.

‍

Securing Your Device

Device Encryption

Encrypting your devices ensures that even if they fall into the wrong hands, your data remains protected. Encryption works by converting your data into an unreadable format using what's called a cryptographic algorithm. Only those with the correct decryption key can access the original information.

Enable full-disk encryption for computers: Full-disk encryption secures all data stored on your device when it is turned off, preventing unauthorized access in case of theft. Once your device’s correct password is entered, which will decrypt the data, your device operates normally without interference from the encryption.

Suggested Tools:

• Windows: BitLocker
  
  • Available on Windows 10/11 Pro and higher
• macOS: FileVault
  
  • Included for free in macOS
• Linux: LUKS
  
  • Included in most Linux distributions

Encrypt external drives and USB devices: Portable storage devices are vulnerable to theft and loss. Use encryption tools to protect sensitive data.

Suggested Tools:

• VeraCrypt: Encrypts external drives and USB devices.

Enable mobile device encryption: Our smartphones contain just about any important data you can think of, making it extremely important to encrypt the vast amounts of personal data that they store.

Suggested Tools:

• Android & iOS: Both have built-in encryption features—ensure they are turned on.

Endpoint Detection & Response (EDR)

An Endpoint Detection & Response (EDR) solution provides real-time monitoring and threat detection, helping to stop cyber threats before they escalate. EDR works by continuously collecting and analyzing data from your devices — like laptops, desktops, and servers — to identify suspicious activity or potential security breaches. When a threat is detected, EDR can respond automatically by isolating the affected device, stopping malicious processes, or alerting security teams for further investigation.

And don't worry, EDR cannot monitor your search history or other personal data, it is only looking for security breaches.

Suggested Tool:

• CrowdStrike: A leading EDR tool with platforms for both consumers and organizations, known for its proactive security monitoring and fast threat response. CrowdStrike’s Falcon platform uses advanced AI and machine learning to detect suspicious behavior, block malware, and stop breaches in real time.

‍

USB & External Device Security

USB devices, while helpful for moving files around on a day-to-day basis, can also be used to deliver malware or steal data. Follow these steps to minimize risks:

• Disable auto-run: Disabling this feature for USB devices prevents automatic malware execution.
  
  • Windows:
    
    • Open Settings → Devices → AutoPlay.
    • Toggle off "Use AutoPlay for all media and devices"
  • macOS:
    
    • Open System Preferences → Security & Privacy.
    • Go to the General tab.
    • Disable "Allow accessories to connect" under macOS Ventura+ (optional for USB security).
    • Open Finder → Preferences → General, and uncheck "External disks" under Show these items on the desktop.
  • Linux (Ubuntu/Debian):
    
    • Open a terminal and run:

gsettings set org.gnome.desktop.media-handling automount false

gsettings set org.gnome.desktop.media-handling automount-open false

• Use USB data blockers: Also known as charge-only cables. Use these when charging in public places to prevent data theft.
• Avoid using unknown USB devices: Attackers use tools like Rubber Ducky to inject malicious code.

‍

Operating System & Software Security

Keeping your operating system and software up to date is crucial for closing known security loopholes that hackers exploit.

• Regularly update your OS and software to patch vulnerabilities. You can find these updates in the Settings section of your devices.
• Download applications only from trusted sources to avoid malware. 
• Uninstall unnecessary or unused software to reduce the risk of exploitation.
• Use a virtual machine (VM) to safely test suspicious files.
  
  • VMware Workstation Player is a good free choice.
• Use online services to scan suspicious files for more comprehensive results.
  
  • VirusTotal scans uploaded files against various anti-virus engines and returns results from all of them.
  • Hybrid Analysis runs uploaded files in a safe online environment and returns indications of malicious activity, based on the execution of the program.
• Use secure browsers and extensions to enhance online security.
  
  • Browsers: Firefox, Brave
  • Ad & Tracker Blockers:
    
    • uBlock Origin (for blocking malicious ads). An open-source lightweight adblocker that does not track user activity, heavily focused on privacy
    • AdGuard (for Safari users)

Anti-Theft & Remote Wipe Measures

Devices can be lost or stolen, so having remote tracking and wiping options ensures your data stays out of the wrong hands.

• Enable "Find My Device" to track and recover lost devices. This can be achieved on various platforms like:
  
  • iCloud (iPhone, iPad):
    
    • Go to Settings.
    • Tap your Apple ID at the top (your name).
    • Tap Find My.
    • Enable Find My iPhone (or Find My iPad).
  • Google (Android):
    
    • Open Settings.
    • Scroll down and tap Security (or Google > Security, depending on your device).
    • Tap Find My Device.
    • Toggle Find My Device to ON.
  • Microsoft (Windows 10 and 11):
    
    • Select Start.
    • Got to Settings.
    • Go to Privacy & security.
    • Enable Find my device.
• Set up remote wipe capabilities to erase data if your device is lost or stolen:
  
  • iCloud (iPhone, iPad):
    
    • Enable "Find My Device" using the steps above.
    • Go to iCloud.com and sign in.
    • Click Find iPhone > select your device.
    • Click Erase iPhone (or Erase iPad) > Confirm.
  • Google (Android):
    
    • Enable "Find My Device" using the steps above.
    • Go to Google's Find My Device and sign in.
    • Select the lost/stolen device.
    • Click Erase device > Erase.
  • Microsoft (Windows 10 and 11) (You cannot wipe your device, but you can remotely lock it):
    
    • Enable "Find My Device" using the steps above.
    • Go to Microsoft Account and sign in.
    • Select the lost/stolen device.
    • Click Find My Device → Lock.

‍

Physical Access Controls

While most people believe cybersecurity is contained to the online world, it bleeds into the physical realm as well.

Passwords and PINs for Physical Devices

• Use passphrases or PINs instead of relying solely on biometrics.
  
  • Use passphrases instead of complex short passwords. Combine random words or a memorable, but hard-to-guess, sentence such as PurpleCactus$Skydiving42.
    
    • Check out our X post about passphrases to learn more about why they’re so important and how to implement them. 
  • If you need to use a PIN, use a 6-8 numerical one.
  • Don’t use easily guessable info like birthdays, pet names, or “123456.”
  • Never reuse passwords or PINs across multiple accounts
• Always lock your device when stepping away, even briefly.
• Invest in a privacy screen to prevent shoulder surfing in public places.

Home Network Security

Your home network is the gateway to your devices. Strengthen it to prevent intrusions.

• Change default admin credentials on your router to prevent unauthorized access.
  
  • It’s an easy process and it protects your networks from users that can connect to it. Consult your WiFi provider’s website for how to do this.
• Disable WPS and UPnP, which are often exploited by attackers. The process depends on your router, but the general steps are:
  
  • Log into your router by following this procedure.
  • Depending on your router’s model, disable WPS from the router’s settings.
  • Depending on your router’s model, disable UPnP from the router’s settings.
• Use a guest network for visitors and IoT devices to keep them separate from main devices.
• Change default passwords on smart devices to enhance security.

Securing Your Communication

Web Security (HTTPS & Secure Browsing)

Browsing the web securely protects what you’re doing from attackers.

• Always check for HTTPS in the URL of websites, especially on login pages.
• Use browser extensions like HTTPS Everywhere to enforce secure connections.
• Avoid public Wi-Fi unless using a VPN to encrypt your data.

VPN & Secure Networks

A Virtual Private Network (VPN) adds an extra layer of security by encrypting your internet traffic. Think of it like a tunnel surrounding your data as it’s transmitted over the web.

• Use a VPN on untrusted networks (public Wi-Fi, hotels, airports) to prevent data interception. Ideally, you can use a VPN for all your connections by enabling it as soon as you log into your device.
  
  • CyberGhost VPN (Not based in 5,9,14 Eyes surveillance countries, meaning they’re operating in a jurisdiction with stronger privacy laws and less government surveillance, making your data less likely to be monitored or shared.).
  • You can see a rough comparison of VPN providers here. 
• Use a wired connection over Wi-Fi when possible to reduce security risks.

Email & Messaging Encryption

Message and email security cannot be overstated. Our emails and texts carry everything from personal messages to bill statements, sensitive documents, and more. If your messages and emails are unencrypted, they can be intercepted. 

• Use end-to-end encrypted messaging apps:
  
  • Signal (Highly recommended for secure communication)
  • iMessage (Yes, iMessage encrypts your messages by default!)
• Types of email encryption:
  
  • PGP (Pretty Good Privacy) - Uses a public and private key pair to encrypt emails, ensuring only the intended recipient can decrypt them.
  • ProtonMail for private and secure email.

Social Media & Online Presence

Attackers can gather a wealth of intelligence from social media. Reducing your exposure can help protect against all types of social engineering attacks.

• Limit personal information such as location, job details, and vacation plans in your bios and posts.
• Be cautious about public comments. Attackers can and will track your posts.
• Adjust privacy settings to control who can view your posts, accounts, comments, likes, etc.

For example, as part of Resonance’s phishing campaign service, we used tools to gather information about a user using only their Gmail address. By analyzing the user’s contributions to Google Maps, we could infer their likely home address, the services they’ve used, and the places they’ve visited in the past:

Securing Your Knowledge

Password Management

Strong password management not only prevents unauthorized access to your accounts, but it also helps you keep track of all the passwords you use.

• Use a password manager to store and generate strong passwords across all your devices.
  
  • We recommend Bitwarden or ProtonPass!
• Avoid reusing passwords across multiple accounts. Using a unique password for each account will ensure that if hackers get into one of your accounts, they can’t use the same password to get into more of your accounts.
• Use passphrases instead of complex short passwords. Combine random words or a memorable, but hard-to-guess, sentence such as PurpleCactus$Skydiving42.
  
  • Check out our X post about passphrases to learn more about why they’re so important and how to implement them. 

Multi-Factor Authentication (MFA)

Multi-factor authentication (MFA) adds an additional layer of security by requiring multiple forms of verification. This makes it significantly harder for attackers to break into your account even if they have your username and password.

• Enable MFA wherever possible to secure your accounts.
• Use hardware security keys for high-value accounts. This requires you to use a physical key to login to your account, making it nearly impossible for a hacker to get in unless they have your security key in hand.
  
  • We recommend YubiKey!
  • For my tech savvy folks out there, here’s a technical deep dive into how YubiKeys really work.
• Back up recovery codes securely in case you lose access.
  
  • The most secure way is to store them on an encrypted hard drive (using VeraCrypt, for example) that is disconnected from any devices you use and kept in a secure physical location.
  • A simpler, less secure way is to store them on Bitwarden or your password manager.
• Use MFA on your password manager to secure stored credentials.

Phishing & Scam Awareness

Phishing attacks remain one of the most common and effective ways attackers steal credentials.

• Always verify sender email addresses and URLs before clicking links.
  
  • For Email Addresses
    
    • Check the domain: Make sure the part after the "@" matches the official website (e.g., support@paypal.com, not support@paypa1.com).
    • Watch for subtle misspellings: Scammers often use small changes like replacing letters with similar-looking ones (like "rn" instead of "m").
    • Look for generic language: Real companies usually address you by name, not with vague greetings like “Dear customer.”
    • Check the reply-to address: Sometimes the displayed email looks legit, but clicking "Reply" reveals a suspicious or different address.
  • For URLs
    
    • Hover before clicking: Place your mouse over the link (without clicking) to preview the actual URL at the bottom of your browser. Additionally, you can copy the URL and run it through VirusTotal to see if it is a known malicious link.
    • Look for HTTPS: Ensure the URL starts with "https://" — the “s” means it’s encrypted, though this alone doesn’t guarantee safety.
    • Watch for typos or strange characters: Phishing links often use slight misspellings or extra words (like “amaz0n-support.com” instead of "amazon.com").
    • Avoid shortened links: Services like bit.ly or tinyurl can hide the real destination — only click if you trust the source.
• Avoid downloading unexpected attachments, as they may contain malware.
  
  • Again, you can upload suspicious email attachments to Hybrid Analysis to get a quick and easy report on if it is potentially malicious or not.
• Conduct periodic phishing simulations on yourself and your organization to test awareness.

Protecting Your Digital Identity

Your online identity is incredibly valuable. It can include your online activities, social media profiles, email addresses, digital purchases, interactions on forums, online gaming profiles, and more. Essentially, everything that can be linked to you through the internet.

• Use different usernames for personal and professional accounts. Segmentation is key.
• Regularly run personal security audits to identify and remediate weaknesses.

Key Tools from Resonance

Achieving complete security is not a one-time task, it is an ongoing commitment that requires constant vigilance, adaptation, and resilience. As risks continue to get more sophisticated, so must your defenses. At Resonance, we understand this dynamic landscape and the challenges individuals face in staying protected. That’s why we have developed a comprehensive suite of cybersecurity solutions designed to keep you ahead of these risks. Some key tools in the lineup include: 

• Resonance Security’s SOC Team: Our defensive security team provides EDR licenses at a reduced price along with constant monitoring of alerts and incident response should something happen. You don’t need to worry about monitoring your devices or responding to a breach yourself, we’ll do it for you. You can check out our comprehensive guide to defensive security services here. 
• Equalizer: Our Equalizer tool offers a wide variety of phishing simulation scenarios to train individuals and organizations on how to avoid falling victim to these types of attacks. We also provide in-depth, customized social engineering training designed to teach proper awareness of various phishing attacks used in the wild.
• Tuner: Our data leak detection tool, Tuner, can be used to discover, track, and remediate your credentials that have been leaked on the dark web. It’s imperative to know which of your accounts have been compromised and re-secure them as quickly as possible.
• PulseCheck: A quick and easy cybersecurity assessment designed to give you a clear picture of your current security posture. It generates a detailed report with step-by-step recommendations, helping you understand where you stand and what steps you can take to strengthen your defenses. Cybersecurity doesn’t have to be overwhelming, and with PulseCheck, you can take the first step toward proactive protection without any cost or commitment.

At Resonance, we take a proactive, hands-on approach to cybersecurity, equipping you with the tools, training, and continuous monitoring needed to stay secure. No matter where you are in your cybersecurity journey, we can help you implement any of the tips and strategies outlined in this article, ensuring you have the right protections in place. Don’t wait until it’s too late. Contact us today to take control of your personal security.

About the Authors

George Skouroupathis is a Senior Cybersecurity Engineer at Resonance. He spends his days immersed in code, developing security products to protect the world, and refining techniques for social engineering campaigns.

Grace Dees is the Cybersecurity Business Analyst at Resonance Security. She specializes in the intersection of traditional and Web3 security by bridging the gap between technology and business objectives to deliver impactful solutions aligned with client needs.