The Internet is a vast, virtual universe, full of information we never had thought to have access to, even a decade ago. We can sell, teach, meet new people, and share new experiences from the comfort of our own home offices, on the way home from work, or at our favorite local coffee shop.

Like everything else, there are two sides to every coin. While a majority of us peacefully sell, teach, meet, share, there are dangers that lurk that can threaten the safety of our private information. We’ve all seen the headlines about data breaches and stolen information for passwords, credit card information, and pin numbers. It can happen to anybody; even Facebook CEO Mark Zuckerburg is not immune to these cyber attacks.

It can be a real strain on time, resources, and peace of mind for both business owners and consumers alike, but thankfully, there are some best practices that we’ve gathered that can help you protect your business and its private information.

Be Aware

Knowledge is power when it comes to cyber security. By knowing the dangers beforehand, you can be more aware and take proactive steps to protect yourself against cyber attacks. Take a couple of minutes every day to catch up on the latest security breaches to remain aware about possible vulnerabilities and dangers.

Educate Employees

A majority of security breaches occur because employees misuse private information. According to Forrester, 15% of security breaches are caused by vindictive external attacks while a whopping 85% were due to employees not being properly trained on how to handle sensitive information. One possible cause of this is that many organizations nowadays allow employees to use their own devices to work, i.e. bringing personal laptops, tablet, mobile devices into the workplace. These same devices are taken outside of work to public wi-fi hotspots where they become vulnerable to potential attacks. Businesses can help prevent this from happening by reminding employees to create complicated passwords (complete with lower/uppercase letters, numbers, and special characters) and to change them often (every 60-90 days). In addition, remind employees to not open suspicious emails or click on suspicious links, even if they know the sender.

Utilize Password Generators

Guilty of using the same password over and over for multiple accounts for years? This is the surefire way to get multiple accounts hacked. In order to stay secure, change your password, change it often, and avoid using the same password for multiple accounts. If you’ve run out of ideas for new passwords, there are dozens of password generators that can create your next password for you. These online services will take care of inventing a safe password that will make your account difficult to crack.

Turn on Privacy Settings

Take time to review your privacy settings for social media accounts and apps that you share information through. Sometimes, default settings are set on private, sometimes they aren’t depending on the particular site or app. Make sure you’re sharing information with you want to share it with and avoid getting too personal with public posts or activities. Simply “liking” another post can provide hackers with information on your preferences and tastes, which can make it easier for them to crack your password and secret code words.

Initiate 2-Step Authentication

One of the easiest ways to ensure your account is protected is to activate two-step authentication. Google, social media platforms, and banking systems will have this option where you enter your account password, and the app will prompt you to enter a verification code that was sent to another source, normally your mobile device via text message.

Always Be (A Little) Suspicious

When it doubt, don’t click or open it. The Internet is full of wonderful things, but it’s also full of suspicious spam and phishing emails that can get you into trouble. Experts advise to only add contacts to your friend or connection list whom you know personally. Emails that prompt you to “CHECK THIS OUT!” or tell you news “you won’t believe” is a potential data breach in disguise, even if it’s coming from a sender you know.