Cybersecurity Best Practices

This page, Cybersecurity Best Practices, is offered by
Cybersecurity and Enterprise Risk Management

You skipped the table of contents section.

Cybersecurity information for the public

Protect yourself at home

Home networks have become increasingly easy to set up, but that can make people overconfident in their network security.

Even if you have a professional put your home network in place, you should still verify that router, encryption, and other settings are appropriate for your household situation.

Learn how to secure your home network

Two-factor authentication Protect yourself online using something you have and something you know

Personal security

Managing your online privacy begins with the basics of regularly reviewing your privacy settings on phones, computers, and other networked devices.

This includes creating — and updating — strong passwords on your devices and using two-factor authentication (also known as multi-factor authentication) based on something you have (like a cellphone) and something you know (like a password) to ensure your online security.

Keeping educated on the latest online scams can help you avoid having your private information — or that of your family or employer — fall into the wrong hands. Hackers are always on the lookout for the next opportunity to exploit online mistakes.

Manage your privacy Create strong passwords Stay aware of short message service (SMS)/text phishing scams Dealing with cyberbullies Privacy and mobile device apps

Identity theft

Regardless of how careful you are online, it's possible for anyone to fall victim to an online attack.

If you know or fear your identity has been compromised or stolen online, there are steps you can take to minimize damage, especially if you act sooner than later.

“Don’t give out personal information on the phone or over the internet unless you are sure you know who you are dealing with.”

Avoiding identity theft Recovering from identity theft Avoiding ransomware infections

Cybersecurity information for state employees

Commonwealth employees are required to take annual cybersecurity training courses, and are encouraged to seek out additional training.

With the shift by many agencies to remote or hybrid work environments, employees must take additional precautions online with their work devices and home networks. Learn about the steps you can take to protect yourself on Microsoft Teams, Zoom, and other common collaboration tools.

Telework security fundamentals Virtual meeting safety How to report a phishing email

Cybersecurity news, alerts, and awareness bulletins

Stay informed about time-sensitive industry and government cybersecurity alerts affecting the networks, software, hardware, and services you use. Learn about the latest cybersecurity news and events from trusted sources.

Cybersecurity awareness bulletins Microsoft alerts Apple alerts Google alerts

Contact

Online

For cybersecurity or risk management questions: Email Cybersecurity and Enterprise Risk Management at ERM@mass.gov

Address

McCormack Building

1 Ashburton Place, 8th Floor, Boston, MA 02108

Directions

Help Us Improve Mass.gov with your feedback

Did you find what you were looking for on this webpage?

Yes

If you have any suggestions for the website, please let us know. How can we improve the page?

Please do not include personal or contact information.

The feedback will only be used for improving the website. If you need assistance, please Contact the Cybersecurity and Enterprise Risk Management. Please limit your input to 500 characters.

Please remove any contact information or personal data from your feedback. You will NOT get a response.

If you need assistance, please Contact the Cybersecurity and Enterprise Risk Management.

Please let us know how we can improve this page.