Cybersecurity Association of Pennsylvania’s Online Safety Basics

Protecting Pennsylvanians in a Digital World

With just a few small steps, you can shield your personal information, secure your devices, and dramatically reduce your risk online. You don’t need to be a tech expert or spend a fortune—just a few minutes of preparation can go a long way.

“Cybersecurity isn’t about paranoia—it’s about prevention. With the right habits, every Pennsylvanian can become their own best line of defense.”
— Scott Davis, Chairman, Cybersecurity Association of Pennsylvania

We’ve put together ten practical, proven steps you can take to stay cyber safe at home, at work, and on the go.

1. Keep a Clean Machine

Update your software regularly. Whether it's your phone, tablet, or laptop, keeping software up to date helps prevent malware, ransomware, and other cyber threats. Better yet, enable automatic updates where possible.

“The biggest vulnerabilities we see are from people ignoring those update notifications. It’s like leaving your front door unlocked—don’t do it.”
— Scott Davis

2. Create Long, Unique Passwords

Make your passwords strong and memorable. Go for at least 12 characters using a mix of letters, numbers, and symbols. Better yet, use a passphrase—something like IL0veP@CyberSaf3ty! (but make yours unique).

3. Use a Password Manager

Still writing passwords on sticky notes? Time to upgrade. Password managers securely store all your login info in an encrypted vault and can even create new strong passwords for you.

“Password managers are a must. They simplify your life and massively improve your security posture.”
— Scott Davis

4. Enable Multi-Factor Authentication (MFA)

Add an extra lock to your digital doors. MFA requires you to confirm your identity in more than one way—like entering a code from your phone or scanning your fingerprint.

“Multi-Factor Authentication is like adding a deadbolt to your front door. Even if someone has the key—your password—they still can’t get in without that second lock. It’s a      simple step that stops the vast majority of break-in attempts before they even start.”
— Scott Davis, Chairman, Cybersecurity Association of Pennsylvania

5. Think Before You Click

Phishing attacks are one of the most common cybercrimes. Never click on links or download attachments from unknown sources. Take five seconds to pause and assess before you act.

“If it looks suspicious, it probably is. Trust your gut and verify before you click.”
— Scott Davis

6. Report Phishing

Whether it’s at work or home, reporting phishing attempts helps stop the spread. Use your email or platform’s reporting tools, and notify your IT or security team when appropriate.

7. Use Secure WiFi

Avoid sensitive transactions on public WiFi networks. When in doubt, use a VPN (virtual private network) or your phone's hotspot for a safer connection.

“Using open WiFi at a coffee shop is like shouting your passwords across the room—secure your connection.”
— Scott Davis

8. Back It Up

Protect your photos, files, and important data by backing up regularly. Follow the 3-2-1 rule: three copies of your data, two on different media, one offsite (such as in the cloud).

9. Check Your Privacy Settings

Review app, account, and device settings to control what data is being collected or shared. Do this whenever you install a new app or sign up for a new service.

10. Share with Care

Be mindful of what you post. Oversharing on social media can open the door to identity theft, social engineering, and reputational harm.