10 Tips to stay safe online during the holiday season

Shopping cart filled with gift packages and holiday bags in front of a laptop screen displaying an online shopping website, representing the importance of cybersecurity during holiday purchases.
A portrait of Aaron Weissenfluh.
Published 11/27/2024
Author: Aaron Weissenfluh
Bio: Aaron Weissenfluh is the COO of Tenfold Security, bringing over a decade of leadership experience in cybersecurity and business operations. Passionate about securing SMBs with practical security solutions, Aaron combines strategic insight with hands-on expertise to help businesses stay protected in an ever-evolving digital landscape. Connect with Aaron on LinkedIn.

Table of contents

1. Use Strong, Unique Passwords

2. Enable Multi-Factor Authentication (MFA)

3. Beware of Phishing Attempts

4. Keep Software Updated

5. Avoid Public Wi-Fi Without a VPN

6. Back Up Data Regularly

7. Secure Payment Systems

8. Regularly Review Privacy Settings

9. Limit Access to Sensitive Systems

10. Monitor Account Activity

Use Strong, Unique Passwords

Weak passwords remain one of the biggest security vulnerabilities for businesses.

Encourage your team to use passwords with a combination of UPPERCASE and lowercase letters, 12345, and special characters!?-%.

A password manager simplifies this process by generating and securely storing passwords. You can use one to help avoid reusing passwords across platforms.

Screenshot of BitWarden password manager dashboard showing how to securely store passwords and enhance holiday online safety.
Mobile interface of Google Authenticator app displaying temporary codes, illustrating how two-factor authentication protects your accounts during the holiday season.

Enable Multi-Factor Authentication (MFA)

Multi-factor authentication (MFA) adds a crucial layer of protection, requiring users to provide 2+ verification methods to access their accounts.

Options include one-time codes sen via text or email, authenticator apps, and biometrics like fingerprints.

A password manager simplifies this process by generating and securely storing passwords. You can use one to help avoid reusing passwords across platforms.

Beware of Phishing Attempts

Phishing scams are especially prevalent during the holiday season, with attackers impersonating delivery companies, suppliers, or payment processors.

Train your employees to verify the sender's email address, hover over links before clicking, and report suspicious messages. You can also implement email filters to block phishing emails.

Screenshot of a phishing email requesting a suspicious money transfer, used to warn users about common holiday scams and how to identify them.

What's wrong with this email?

  • Sender's email doesn't match signature.
  • Use of urgency tactic: "ASAP."
  • Also look for grammatical errors and unusual tone of voice.

Keeep Software Updated

Outdated software is a prime target for hackers exploiting known vulnerabilities.

Set up automatic updates for your operating systems, antivirus programs, browsers, and business tools. If you use point-of-sale (POS) systems, ensure they are updated to the latest security standards to protect customer payment data.

Avoid Public Wi-Fi Without a VPN

During the holidays, your team may work from coffee shops, public spaces, or while traveling. Public Wi-Fi networks are a hotbed for cybercriminals who use them to intercept sensitive data.

A virtual private network (VPN) encrypts your internet connection, protecting your login credentials, payment information, and other sensitive business data. Provide your team with a company-approved VPN for safer remote work.

Logos of NordVPN, Private Internet Access, and Surfshark, highlighting trusted VPN services for secure internet connections during holiday shopping.

Back Up Data Regularly

The holiday season often increases the risk of ransomware attackers, where hackers lock you out of your data and demand payment.

Regularly back up your critical business data, including customer records, financial transactions, and inventory files. You can use both local backups (external hard drives) and cloud storage solutions.

Make sure to test your backups periodically to verify that they work.

Illustration of a cloud icon pointing to a laptop screen with cloud wallpaper, symbolizing the importance of regular cloud backups for cybersecurity during the holidays.

Secure Payment Systems

Ensure that your payment systems are compliant with Payment Card Industry Data Security Standards (PCI DSS).

Use secure payment gateways with end-to-end encryption to protect customer data. If you accept in-person payments, make sure your POS systems are tamper-proof and monitored for unauthorized access.

Clearly display your commitment to secure payments to reassure your customers.

Regularly Review Privacy Settings

Social media platforms and other online tools often update their privacy settings without notice. Conduct a quarterly review of privacy settings across your business's accounts to ensure your data remains secure

Disable features that automatically share your location or collect customer information you don't need.

Maintaining tight controls over privacy settings builds trust with your audience.

Abstract image of geolocation radar symbol with digital lines, emphasizing the importance of managing privacy settings and location tracking online.

Limit Access to Sensitive Systems

Restrict administrative access to your most critical systems, such as financial software, customer databases, and inventory management platforms.

Use role-based access controls to assign permission based on job requirements. This practice minimizes the risk of insider threats or accidental misconfigurations that could expose your sensitive data.

Red alert graphic with “Suspicious Account Activity Detected” warning, showing an example of cyber threats to look out for during holiday account use.

Monitor Account Activity

Set up real-time alerts for suspicious login attempts or changes to your accounts.

Many platforms, including banking and e-commerce services, offer tools to notify you of unusual activity.

Respond promptly to these alerts by resetting passwords, verifying transactions, or contacting your provider for further investigation.

Early detection can prevent minor issues from escalating into major breaches.

Happy Holidays

This holiday season, make cybersecurity a priority to ensure smooth operations and maintain your customers' confidence. Implement these tips and make the holidays not just joyful but secure for your business and community.

Three brown packages tied with red string surrounded by bows and ornaments, used to visually support holiday shopping cybersecurity tips.
Want peace of Mind?
Let's talk
Navigate
AboutServices BlogsPress
PartnersFlavor of TenfoldContact Us
Where to Find us
A white location pin icon.
511 Delaware St.
Suite 50
Kansas City, MO 64105
A white telephone icon
(913) 361-0357
Legal
Legal & Privacy
© 2024 Tenfold Security Consulting, Inc. | All Rights Reserved