., click here to enter for a chance to win one of our many $50 gift cards we are giving away.

Learn more

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

30 Cybersecurity Tips for Families & Schools

., you're logged in!
Enjoy this resource and share our programs with your school district to send these resources to your whole community
Tell Your School District About Our Program
., you're logged in!
Share this resource with a parent at .  (or visit our new sharing center)
., you're logged in!
Enjoy this demo pass. Click the button to share access with leaders in your school district (or visit our new sharing center)
Share Your Demo Pass With School District Leaders

Become a member or login to learn more on this topic

Superintendents, Directors and Principals: Request a partnership on this page to unlock our resources for your whole community.

Become a member or log in to learn more on this topic

Superintendents, Directors and Principals: Request a partnership on this page to unlock our resources for your whole community.
Quotation marks

This is great info, thanks for giving me some ideas on how to start a dialogue with my teen!


Sharon M.

Parent VIP Member

Quotation marks

Josh's presentation about social media was unbelievably fantastic. Our students learned so much about what kids should and shouldn't be doing. The fact that it is such a thoughtful process made it all worthwhile.


Director of College Advising

Educator Webinar Attendee

Quotation marks

This webinar is a very helpful eye-opener on the apps that are popular with my students.


Irene C.

Educator Webinar Attendee

30 Cybersecurity Tips for Families & Schools

., you're logged in!
Enjoy this resource and share our programs with your school district to send these resources to your whole community
Tell Your School District About Our Program
., you're logged in!
Share this resource with a parent at .  (or visit our new sharing center)
., you're logged in!
Enjoy this demo pass. Click the button to share access with leaders in your school district (or visit our new sharing center)
Share Your Demo Pass With School District Leaders
Cybersecurity Tips for Families and Schools

We protect our valuable items: houses, cars, important paperwork…but how much do we protect our digital assets and information? Cybercriminals are getting savvy with their phishing emails and hiding malicious downloads. Both schools and families are vulnerable to attacks from every individual email account on their network.

So, we asked cybersecurity experts for best practices and warning signs for both families and school staff to look for to avoid phishing, ransomware, and malicious downloads.

Paul Bischoff

1. Teach cyber “hygiene”

Paul Bischoff, Privacy Advocate, Comparitech

For younger kids, parental monitoring software on laptops and phones can inform parents of what their kids do online and let parents set content policies to block inappropriate content.

Teach your kids basic cyber “hygiene”: 

  • Don't click on unsolicited links or ads 
  • Don't overshare on social media 
  • Keep apps and operating systems updated 
  • Set a unique password for every account
  • Adjust the privacy settings on all of your apps and operating systems

I always recommend parents of teenagers follow and friend their kids on social media. By joining the same social networks, parents can monitor their kids while maintaining a safe distance. Parents will get to know the risks associated with the social networks that their kids use, and kids will be less likely to engage in risky behavior if they know a parent is watching.

There's no shortage of real-life examples in which people were scammed or hacked and suffered significant losses.

Keep learning and staying up-to-date about cyber safety with  resources like SmartSocial.com or Comparitech.com.

Tech-savvy teens falling prey to online scams faster than their grandparents
“This age group is very comfortable being online and being very public about their lives,” McClellan said. “So that makes them very trusting when they’re on the Internet.”


Ling Ling Fung

2. Family discussions

Ling Ling Fung, CEO, Metro Baby

Cybersecurity should be talked about by every family as a whole. Times are changing and being vulnerable to these kinds of attacks is becoming more and more common.

No matter what the ages of the household members are, it should be addressed proactively. It can be brought up during dinner or anytime that everyone is gathered around. Among the topics that should be discussed are reminders of creating strong passwords, never clicking pop-up spam, never giving out personal information, and being careful about what's downloaded. 

Students, in particular, need to be briefed in a way that they can understand. Explain to them rules they must obey in simple terms. For younger children who cannot grasp the concept just yet, Internet usage should always be supervised. Having open conversations with the family is important in instilling vigilance for any online activity.

Parents and kids alike should remember to not overshare on social media.  Social networks can easily be exploited and used for cyberattacks. To prevent this from happening, limit the posts you share on social media. For instance, do not announce your vacation until it is over. Do not post your whereabouts because doing so is basically saying I'm not at home, rob me. 

Discuss among your family to change social media accounts to private and update security pages regularly. Remove any personal information and unfriend people you don't know.

Josh Ochs

3. Research all parental controls before downloading

Josh Ochs, Founder, SmartSocial.com

Parental control software and antivirus software can be great additions to help protect your family’s cyber security. We recommend doing thorough research on the software before buying and downloading it to your devices. Some companies are based in countries that do not have similar privacy protections like we have and may have links with their governments. Read our Parental Controls resource to find out some pros and cons of dozens of popular parental control and cell phone monitoring apps.

Cindy Corpis

4. Disable location services

Cindy Corpis, CEO, SearchPeopleFree.net

The easiest ways to prevent being a target of cyber-attacks are to prepare your personal computer systems for intrusions, warn your family about potential hazards, and be vigilant of strange behavior.

On your personal computers, you must download powerful antivirus programs that will constantly monitor the computer for hazardous items which may have developed as a product of a cyber-attack. Running a nightly scan for upgrades will guarantee that your system has more up-to-date security. 

Change your privacy options and disable location services to avoid extra possible assaults. Make sure you communicate to young kids about how serious cyber-threats are and about what to look out for. 

Preventing cyber-attacks is the easiest means of avoiding them, and it may be as simple as paying enough attention to strange emails.

Claudiu Cogalniceanu

5. Be aware of the services you use

Claudiu Cogalniceanu, FindMyData

These recommendations might not seem like much, but they can really help consumers protect and preserve their information, as well as their family’s information.

  • Use strong passwords, but make them different for every account/device you use. Consider a password manager like Dashlane to help manage strong passwords for your whole family (learn more: SmartSocial.com/dashlane)
  • Make sure you change your passwords frequently - I change all my passwords every 3 months
  • Be aware of the services you use and make sure you know what they do with your personal information. Might not be a surprise to everyone, but many organizations from around the world sell and share their users’ personal information, and is usually done without the users’ knowledge
  • Delete your information from companies you don’t use anymore. This is particularly helpful and I strongly recommend this. If a company can’t make money out of you, they might sell your information to make up for their loss. Unfortunately, this cannot be achieved by everyone, as only a few states in the US have privacy laws, but those that have this ability should always clean their digital footprint
Alon Golan

6. Backup and make copies

Alon Golan, Product Marketing Manager, odix

Like any other core topic related to families, first and foremost I would say they should invest in values, cyber education, and cyber awareness.

  • Know that if a good hacker wants to hack your computer, they will find a way
  • Make sure to have at least two copies backed up on physical removable media (thumb drives and hard drive)
  • Have the copies backup up once a month, and have each copy backed up in different months (for example, Hard drive 1 would back up the files in January, March, May… while Thumb drive 2 will back up the files in February, April, June…). That way, even if you have a “sleeper cell” ransomware on your backup, you can still recover some information from the other disk
  • Invest in cloud backup
  • Make the hacker's life difficult by applying strong passwords and changing them every 6-12 months or after every time you hear about a breach to a service that you are using or a family member, friend, colleague, who gets breached
  • While most think that using a password such as ‘THISi$V3rySafe’ is the best, it’s better to have a longer sentence you can remember such as ‘once upon a time I forgot my keys attached to the door’
  • Don’t be lazy: apply different passwords for different accounts. If a hacker gets your password they can and will be using it with different services you are using based on your email address. Don’t want to remember a lot of different passwords? Consider a password vault like SmartSocial.com’s recommendation of Dashlane 

As a good percentage of successful hacking campaigns originate from email, I would focus my efforts on that topic:

  • Self-educate yourself and your family about phishing and social engineering. Many phishing simulators are affable online, to help you train yourself and distinguish between a legit email and a suspicious one. As a general rule of thumb, if you don’t know the sender or the file sounds too good – do not open it!
  • Look for file elimination tools also known as Deep Content Disarm and Reconstruction (CDR) or Deep File Analysis solutions
  • NEVER give any personal information out via email. No service provider will ever ask you to give your password, credit card information, etc. online. If you receive such a request from a close relative, colleague, or friend – perhaps their account has been hijacked. The best practice is to give them a call and verify they indeed sent that request
  • Apply MFA (Multi-Factor Authentication) in as many tools as possible. When possible, set a backup email address different from your primary one

7. Determine your security threats

Craig Thompson, HackingVision

With the aid of the Internet, we now have access to a wealth of information that may help us enhance our lives in new and interesting ways. The Internet, on the other hand, has the potential to harm us and others we care about. We hear all too often about another corporation being hacked, or a friend's email or social media account being hijacked. These dangers are quite serious. 

Here are tips to help minimize these risks: 

Determine the security threats that exist in your house and on your devices: Hackers can get access to your home's Wi-Fi network. Consider security software that can identify intruders on your network and make sure your password is tough to guess. Teach your children the importance of staying away from public Wi-Fi networks. 

When was the last time you utilized a public Wi-Fi hotspot? Almost every coffee shop, school, airport, and hotel now provides a way for you to access the internet using your phone or another mobile device. That means that unless you've taken efforts to protect your data, hackers in the area might acquire access to your phone's data.

Become an authority on the subject of phishing: You may know better than to click on a URL that looks to be from your bank or a friend, but does everyone in your household? Teach your kids about phishing and don't let them click on links in emails or social media posts. Invest in a security program that can identify and block questionable URLs.  Read more at SmartSocial.com’s Parental Control Software & Cell Phone Monitoring Guide.

Recognize that cybersecurity is an ever-changing target: Because cybercriminals are continuously developing new risks, you must be vigilant about downloading the most recent security updates and patches and keeping an eye on the news for any new threats.

Remind your family that just because their gadgets are protected by antivirus and firewall software does not imply that a hacker will not deactivate them.

Keep a watch out for con artists: There are many techniques to persuade you to provide your personal data. Even ostensibly, legal firms can dupe you into signing yearly payments and other similar contracts. Pay close attention to the statements on your credit cards.

Students should be taught the significance of online safety: When it comes to cybersecurity, children are typically the weakest link. Install security software to prevent minors from viewing or clicking on inappropriate links or websites. Teach kids about unethical internet behavior and encourage them to seek help if something seems strange.

Michael Miller

8. Consider an identity protection service

Michael Miller, CEO, VPN Online

In our increasingly digital world, protecting our families against cyberattacks is more important than ever. While there are many steps we can take to safeguard our online identities, one of the most important things families can do is to subscribe to an identity protection service. 

These services monitor your personal information for signs of fraud or theft and provide tools to help you recover your accounts if they are compromised. In addition, they often offer insurance in case of financial losses due to identity theft. By subscribing to an identity protection service, you can give your family the peace of mind that comes with knowing you have taken a proactive step to protect them from cyberattacks.

Additionally, families should make sure their home computer networks are secure and that their devices are up-to-date with the latest security patches. 

Finally, it is important to have a plan in place in case of a cyberattack. By having a plan in place, families can ensure that they know what to do if their personal information is compromised or if they are the victim of identity theft. In addition, a plan can help families quickly and efficiently recover from an attack, minimizing the disruption to their lives. 

By taking these precautions, families can help to protect themselves against the ever-growing threat of cybercrime.

Bill Mann

9. Don’t take "candy" from strangers

Bill Mann, Privacy Expert, Restore Privacy

We teach our children to never take candy from strangers on the street, but the same type of conversation needs to be had with our kids surrounding the use of the internet. Children are naturally impressionable which makes them far more likely to be susceptible to social engineering scams where they voluntarily give personal information that cybercriminals then use against them.

A great way to instruct kids about cyber security is to show them obvious phishing messages and ask them to identify why they are fake. Turn it into a game where you quiz your kids on the signs of scam emails, like if there are obvious spelling errors or low-resolution logos. 

A great safe-guard to prevent cyber attacks is to set up a VPN for your home computer (learn more on SmartSocial's Parental Control recommendations page). This will make it much more difficult for cybercriminals to prey on your family by masking the whereabouts of your IP address. These are common in businesses but are less so in home computers. 

Start drilling into your kids that they should never respond to any direct message or emails without your supervision. Make the downloading of any file or program off-limits. Create hard lines that they know they shouldn't cross, and enforce consequences if they are crossed. Kids will naturally try to push the limits and will be given many opportunities to do so. Make sure you are prepared by frequently monitoring their online activity and putting parental controls in place whenever possible. 

Artem Sryvkov

10. Secure your printers

Artem Sryvkov, EB Solution

It may sound trivial but you won’t believe how much valuable private information can be pulled by hackers from your printer without you even noticing it. And that’s not all, printers nowadays have access to your devices, network, and the internet which makes them a perfect target for hackers trying to spread their botnets and malicious software.

So, what can an ordinary person do to protect their printer? First of all, use a stronger password. If I had to guess, I’d say that every 4th or 5th printer can be “hacked“ by using a simple list of 50 most common passwords. So please, change your “admin” or “password123” or even worse “qwerty” password to something stronger. A good password should be something in a range of 12-16 characters that has numbers, letters (both lower and upper case), and special symbols like asterisks, underscores, braces, etc.

Also, look into your printer settings/properties. Going through the tabs you’ll probably find a tab with all the users that have access to that printer. Make sure that only devices you trust have access to your printer. Found someone you don’t know? Remove their access and change your printer password. Didn’t find anyone suspicious? Great, check back in a month or two. This is a nice habit to have and it takes less than a minute to do.

And lastly, update your printers regularly. Every printer company spends huge amounts of time and resources on finding and fixing software vulnerabilities.

Brent Hale

11. Consider a credit report freeze for your kids 

Brent Hale, Chief Content Strategist, Tech Guided

I have seen a lot of disturbing cases of cyberattacks in my career which is why I'm always so worried about my family, especially my kids. 

We often see network safety for seniors on the news as they succumb to email and telephone phishing tricks. Be that as it may, with regards to fraud, kids are considerably more prone to be impacted. 

Why are children an ideal target? Consider it - kids won't have to look at their credit reports for as long as 18 years. Criminals can assume cards in their names and enjoy the good life, damaging your kids’ future credit scores. They'll pile up unpaid liability until your child is denied a school advance since they're some way or another $1 million strapped in debt.

I explain to my kids that I'll put a credit freeze on their report (or if nothing else check it) to keep key safety issues from influencing them later on. Every time I survey their credit report I include them in the process to cultivate knowledge of what I'm doing, how I'm doing it, and also why it's important for them to learn.

Tristan Harris

12. Use familiar words and metaphors to explain digital safety to kids

Tristan Harris, Demand Generation Senior Marketing Manager, Thrive Internet Marketing Agency

The simplest approach to explaining these cybersecurity concepts to a child is by using familiar words and analogies that they can understand. Some examples are talking about computer viruses, password sharing as well as fraud. The risk that your information might get hacked or stolen is called cybercrime!

As for me, I relate the risk of sharing the password to giving your house key to a stranger. Another example is how anti-virus software can best defend yourself against online threats like malware and other computer viruses; you can compare it to vaccinations against common flu that help boost the immune system against future attacks on the body.

By making simple connections to the real world, children can better comprehend the dangers of cybersecurity. I also recommend the FBI’s Safe Online Surfing. This site offers games and teacher resources to help children of all ages stay safe online.

13. Always use multi-factor authentication

Timothy Robinson, CEO and Cybersecurity Expert, InVPN

Headshot of Timothy Robinson
Timothy Robinson

Being a cybersecurity expert, there are many tools and techniques schools can use in addition to security awareness training to avoid cyber incidents. 

Phishing can be prevented by allowing multi-factor authentication (MFA) for all school facilities, including teacher and student email accounts and any other program that stores confidential information. It's also never too early for students to learn how to apply this method to their online lives outside of school.

With the volume of data brought in by remote learning, educational institutions can back up their systems on a regular basis and store backups in an 'offsite' spot. Offsite can be described as a location that is not linked to the main network, making it much more difficult for a criminal hacker to delete or encrypt backups.

14. Read tips from the Federal Trade Commission, FBI, and even PBS

Aliza Vigderman, Senior Content Manager, Security.org

Headshot of Aliza Vigderman
Aliza Vigderman

Here are some clues that an email is potentially phishing, according to the Federal Trade Commission:

  • The email looks like it’s from a company you’re familiar with, whether that’s a social media site, a bank, a credit card company, etc.
  • The email tries to get you to click on an attachment or link, saying something like there’s a problem with your account, you have to confirm personal information, or you’re eligible for a coupon.
  • The email has a generic greeting that doesn’t use your name.

The easiest way for employees, staff, and teachers to avoid phishing, ransomware, and downloads in their professional communications is to download antivirus software on all of their work-related devices. Antivirus software scans for phishing, ransomware, and other types of malware, quarantining malicious software if it finds it so that it can’t affect the rest of the device.

As soon as students are granted access to school-provided email accounts is also when schools should start teaching students about phishing, ransomware, and malware. Being able to recognize phishing emails is essential for safe internet usage. There are a number of user-friendly digital security resources for kids that can teach them the basics of malware and cyber-attacks from organizations like PBS and the FBI.

15. Creating a cyber threat team and response before there’s ever an incident is key

Sidra Ijaz, Research Analyst, InvoZone

Headshot of Sidra Ijaz
Sidra Ijaz

There are many clues that an email is phishing. These emails are designed in a way that the victims respond and click on the links immediately. The content of such emails is specially designed to manipulate the emotions of the victims. For example, sometimes they have a sense of fear in them.

These are a few patterns in a phishing attack:

  • Such emails manipulate victims emotionally
  • They have a sense of urgency
  • Links look suspicious. The best way to identify phishing links is by using secure phishing detection services such as Google Transparency Report
  • There may be spelling and grammatical errors

Awareness is the key. The major source of ransomware attacks is phishing emails. For example, unaware employees can unknowingly assist in ransomware attacks by downloading malware through phishing emails. Awareness training of all the staff, teachers, and students can significantly reduce the impact of phishing and ransomware.

We have to change our cyber defense mindset from ‘incident response’ to ‘continuous response’. We have to adopt proactive cybersecurity measures against evolving ransomware attacks. These include offensive cybersecurity measures (such as ethical hacking and pen-testing), and cybersecurity drills. You can check the level of awareness and security culture in a school by launching a mock phishing attack.

Ransomware and phishing attack mitigation requires swift measures from incident response teams. Data protection and backup, forensic analysis, and disaster recovery plans are key to reduce the impact of the attack. School administration should work on developing a cybersecurity team.

As soon as students start using computers/smart devices is when schools should be teaching cybersecurity training to them. Students should be aware of the cyber threat landscape.

16. Read every sentence & review the sender’s email address

Tom Kirkham, Founder and CEO, IronTech Security

Headshot of Tom Kirkham
Tom Kirkham

Here are some tips on how to spot a phishing email on your own:

  • Is it coming from a public email domain or a private email domain? It shouldn’t be coming from an email address with a public email domain. For example, you’re not going to get an email from someone at our company that says irontechsecurity@gmail.com. It’s going to be from an email address such as commandcenter@irontechsecurity.com. Make sure to look at the email address before you do anything else
  • Are there spelling errors in the email address? Read the email and check for spelling errors. Check the sender’s email address for spelling errors. It will be an error that will be hard to spot and it looks correct at first glance. This happens pretty often because cybercriminals think you won’t be cautious enough to check the spelling. For example, they might spell Amazon like Arnazon. (They would change the m to an r and n to make it look like an m.)
  • Is the content grammatically correct or is it poorly written in general? If you get an email and it’s full of grammatical errors and not well written, that’s a sign it’s a scam. Actual companies/organizations aren’t going to make this mistake
  • Is there an attachment or link in the email that you weren’t expecting? Hover your mouse over any unsure link or attachment. If the link isn’t what you are expecting, it’s possibly malicious. It’s better to be safe than sorry, so if you’re unsure about opening a link or attachment, ere on the side of caution and don’t open it
  • Does the email sound strangely urgent? Some examples of this are when the email says they need money now or they need you to give them information ASAP. This isn’t realistic and can easily be debunked. They’ll usually pose as your boss, a senior executive at your company, or your bank because they think you are more likely to give these types of people sensitive information

The best way to educate employees/staff on phishing emails, malware, and ransomware is by implementing a continuous cybersecurity training program. By enrolling your employees/staff in a continuous cybersecurity training program, you’re giving them the knowledge to keep themselves safe from cybercriminals.

When it comes to students, it’s best to educate students about phishing emails, malware, and ransomware as soon as possible. By doing this, you’re giving them the knowledge to avoid these types of attacks. The younger they’re able to recognize these things, the better it will be. Learning about how to stay safe online early on in life will be beneficial as they get older and use technology for college and their careers.

17. Provide fun, engaging, gamification cybersecurity training for everyone - students, parents, teachers

Andee Harston, Curriculum Manager, Infosec

Headshot of Andrea Harston
Andrea Harston

In this day and age, you must be extra vigilant when it comes to checking your emails for phishing attempts. There are several things you can do to determine if an email is a phishing email:

  • Hover (don't click!) over the sender's email address and check for any misspelled or suspicious domain names. Double-check the sender's email address and ensure it matches your expectations
  • Read emails with caution that use words like immediately, cancellation, or notification. This is very likely an indicator that the email is a phishing attempt. Hackers often use psychological tactics to pressure users to respond quickly or out of fear
  • Verify unexpected email attachments before clicking or downloading. Always contact a trusted secondary source to validate if the email is legitimate. This could mean calling a coworker from a phone number in your school/business directory and asking them if they sent an email or reporting the email as SPAM to your IT department
  • Watch for misspelled words, grammatical errors, or strangely constructed sentence structure. A poorly written email may also be (but not always) an indication that it is a phishing attempt

One of the best ways to inspire secure habits among faculty and staff is through relatable, relevant training that leverages educational best practices like micro-learning and gamification. This starts with engaging training that helps faculty and staff understand why bad actors target schools and student data - and what they can do to protect themselves and their students. Where possible, we recommend using real-world examples to help make training real for educators.

You can start by implementing a good cybersecurity education program to educate teachers, employees, and staff to identify malicious emails. Train thoroughly and often, at least quarterly. Teach employees to question all digital correspondence and always, always trust their gut instinct. Then make sure employees know who to report suspicious emails to and how to report them using the school's incident response call tree or email reporting system.

Recommended topics include password complexity guidelines for home routers/computer assets, timely system patching, and good data privacy practices, including how to share information safely online and how to recognize phishing emails.

It's all of our responsibility to teach children about the security risks associated with email accounts and internet access. This is no different than teaching kids to look both ways before crossing a street; their safety and welfare depend on their ability to stay safe online.

Additionally, schools should consider an outreach program to parents. A fun monthly or quarterly newsletter, written and researched by students, helps educate parents and students simultaneously.

18. Use the old adage: ‘don’t talk to strangers’

Janis von Bleichert, Founder, EXPERTE.com

Headshot of Janis von Bleichert
Janis von Bleichert

Generally speaking, phishing, ransomware, and malicious downloads all have one thing in common: they require the user to 'get the ball rolling.’ Starting from that point, the best defense against getting infected with such files is to encourage faculty, students, or teachers to do nothing if they think something is 'fishy' or 'too good to be true’. 

Should a teacher or student have any doubt whatsoever about an email, a download, or an attachment, they should err on the side of caution. For schools, this can be done similarly to how students are instructed to 'not talk to strangers', albeit, in a digital context.

Apart from instilling a very healthy dose of care when opening links or downloading files, it's also good to show faculty, staff, and students how to set up and use a (qualitative) and free antivirus or anti-malware suite. During our internal review process, Avast, Sophos, and AVG were the three best free suites we tested. Teachers can integrate installing and running virus scans into computer lessons, and show students how to engage real-time protection.

Finally, within browsers, it's a good idea to introduce students and teachers alike to ad-blocking extensions, since this can also close off a lot of the avenues for an attack that malware can use to establish itself on computers.

19. Create a healthy dialogue around internet privacy

Elizabeth l. Jeglic Ph.D., John Jay College – City University of New York
Elizabeth Jeglic headshot
Elizabeth l. Jeglic Ph.D.

Talk to your child about online privacy issues, making sure they know to never identify their name, school or city/state in which they live.
If they ever see or experience something that makes them uncomfortable they should tell/show you.
Do periodic browser history checks. If the computer uses internet explorer you can check their browser history to see what websites they have been frequenting. You want to be especially mindful to see if there are any inappropriate related sites or chat rooms or social media sites that you are unaware that they are frequenting. These sorts of checks should be done every 2 weeks or so.
Consider installing software or devices that can help you with monitoring and detecting inappropriate online activity.
Enlist your community. While teens may not always tell their parents what they are doing – they may tell their friends – who may, in turn, tell their parents. While we as parents don’t want to be engaging in covert espionage on our children if another parent hears from their child that their friend is doing something potentially dangerous on-line we need to share that information.

20. Pause and think before you post anything about someone else

Vasiliki Baskos, Learn Greek Online
Vasiliki Baskos headshot
Vasiliki Baskos

Respect people’s privacy in general and transfer it to the online world. Never give out a friend’s email address, social media usernames etc. Do not attempt to hack social media accounts or read other people’s emails.

Before you post, tag, comment, “like” etc. anything about another person, think: Will this hurt their feelings or reputation? Do you have permission to post this? Will they be in trouble if their parents, spouse, college admissions officers, current or future employers see it?

Example: you post a picture of your friends and someone thinks they do not look good, or it reveals they are in a relationship with someone.

21. Teach students to avoid hiding behind the anonymity of social media

Justin Lavelle headshot
Justin Lavelle
Justin Lavelle, Beenverified

Don’t do, say, or repeat anything that you wouldn’t say if the person was standing right in front of you. Common sense communication seems to have gone out the window with all of the texting, tweeting, messaging, and other means of communication available today. Make sure that if you ask, repeat, say, or share something that you would do it in person as well. Don’t hide behind the anonymity of a device. If you wouldn’t say it to a person’s face, don’t say it! Also, remember when your mom or grandma would use the old adages ‘don’t judge until you walk in their shoes’ or ‘what if the shoe was on the other foot?’ Well, these apply perfectly to this scenario. What if it was you? What if it was your picture? Govern your action by treating others as you want to be treated… words to live by!

22. Secure your webcam from hackers

Aileen Menchaca, PeepShield

Update software and anti-virus/anti-malware on a regular basis

New computer viruses crop up daily. Update your computer as soon as you see a software update notification. In addition, schedule your antivirus/anti-malware program to run on a regular basis. Cover your bases.

Disconnect camera when not in use

If you have a USB webcam, disconnect it from your computer when not in use. This ensures that your camera cannot be compromised. It has no power source or internet connection. Similarly, for laptop users, close your laptop when you are not using it. Never leave your laptop open in your room or private setting.

Cover your webcam

Many current devices include built in webcams. These cameras offer flexibility, but many people do not consider the potential security risks. These days technology tools enable hackers to access these cameras putting you and your family's privacy at risk. A simple fix is to cover the webcam.

23. Have a candid conversation with your students about internet and social media safety

Aaron Zar, Management & leadership professional

Even though it can be an uncomfortable subject, not unlike the birds and the bees, every child should understand that there are an unfortunate few among us who would exploit them. Teach your children about the pitfalls of social media such as coming into contact with predators and stalkers, cyberbullies, and thieves. Tell them to limit the amount of personal information on their profiles. Explain that mentioning vacationing on these outlets while the family is away from home is a great way to invite burglars to break in.

24. Address "red zone" areas

Dan Konzen headshot
Dan Konzen

Dan Konzen, Campus Chair, University of Phoenix

One of the most important things to address is that they have to be cognizant of everything they are posting. One thing we did at the University of Phoenix is create a live hack. We wanted to show people instead of just saying, "Be careful, be careful.” So I would pull up a website that shows all third parties who are tracking everything that they do on their computers: their IP addresses, their browser history, all of their contacts, etc. They don't realize this. Once we do this demonstration, I will grab a volunteer and I hack into their Facebook account (with their permission), all of the places that they have checked into over the last few years, where they worked last, etc.

25. Think about fake profiles

Satnam Narang headshot
Satnam Narang

Satnam Narang, Senior Security Officer Symantec

Over time we’ve had cases where there are fake profiles of companies appearing on Instagram and other social media sites. Someone claims to be from Nike or Apple and sends out links offering free shoes or free iPhones. If you click on the link, they start asking for personal information. It puts you, your family, and your students at risk.Certain apps such as Facebook or Instagram have a blue checkmark so you can verify the legitimacy of a company or brand. If you are going to follow a particular brand, make sure that you are following the legitimate brand.

26. One word: passwords

Kevin Haley headshot
Kevin Haley

Kevin Haley, Dir. Security Response, Symantec

Do you know that a common password used is “password”? I hope it's not for you. Passwords are your first line of defense, and it is so important to be smart about them, because it isn't even people guessing it. It's a machine running tens of thousands of passwords at a time to crack your password. But the longer it is, with uppercase, lowercase, special characters, etc., it’s more difficult to guess. Hacking can happen anywhere.

To teach kids, I think we have to use stories and examples that relate to them. I can sit here and say "use a password," but that isn't as strong as telling them about a time when not using a password hurt me.

27. Set safe boundaries right away

Headshot of Clayton Cranford
Clayton Cranford

Clayton Cranford, Orange County Sheriff's Department

As soon as your child has access to the Internet, step in and set safe boundaries for them because a lot of the things that they are being exposed to online is unintentional. What I suggest that parents do, especially parents that did not grow up in an age with social media, is to look for opportunities to learn more about tech. Whether your school holds a seminar, or you find an online conference, understand what your kids have access to and what you can do next to keep them safe online. Download the apps that your kid wants to download and look at them. Then look at reviews and determine whether or not the app is appropriate for your kids. Ask the same questions that you would if your child was going to another child’s house. Where is your child going on the Internet and what are they going to be exposed to?

28. Don't hesitate to get police involved

Headshot of  Marc Marty
Marc Marty

Marc Marty, Montebello Police Department

If your child is being bullied or threatened on social media, get the police involved right away. We take cyber bullying very seriously and so we encourage parents and school professionals to get the police involved right away, no matter how small the problem may be, because it may be something that we could nip in the bud before it escalates.

29. Use a password manager & have a unique password for each site

Headshot of  Gibby McCaleb
Gibby McCaleb

Gibby McCaleb, Sony PlayStation

Protecting your online identity is critical because someone can access your online identity and post things as “you,” and we have seen a lot of cases where that has been done irreparable damage. Use a password manager, such as LastPass. Have a unique password for each site because you don’t want to use your gaming password for your Bank of America password. It makes it possible for a hacker to get into your private accounts by knowing one password that is used for several different accounts.

30. Parental Controls

Headshot of Dr. Adam Pletter
Adam Pletter

Dr. Adam Pletter, iParent 101

Always look at the parental controls, not to take control but to be empowered as a parent to know what your children can be exposed to and what can be prevented with the parental controls. In terms of protection, it’s about balance. Be aware of what your children are doing online and learn how to be proactive rather than reactive.


While there are a lot of preventative measures for cybersecurity, nothing is 100% guaranteed. If something looks fishy (pun intended), it probably is phishing. Look at every detail of emails, install quality software to scan against attacks, and keep up to date with how hackers and others are scamming people every day.

Additional Resources

Best Password Manager for Families

Can I Share My Password with My Best Friend?

Family Media Dialogue Guide and Agreement Templates

Pros and Cons of Video Games

Online Scams: What Parents Need to Know & Expert Tips

Watch this panel interview

Listen to MomTalk podcast where Beth and Andrea discuss cybersecurity tips

Logged in and still not seeing content? This course may not be part of
your membership plan. Click here to join.

Become a member or login to learn more on this topic

Superintendents, Directors and Principals: Request a partnership on this page to unlock our resources for your whole community.

Become a member or log in to learn more on this topic

Superintendents, Directors and Principals: Request a partnership on this page to unlock our resources for your whole community.
Quotation marks

This is great info, thanks for giving me some ideas on how to start a dialogue with my teen!


Sharon M.

Parent VIP Member

Quotation marks

Josh's presentation about social media was unbelievably fantastic. Our students learned so much about what kids should and shouldn't be doing. The fact that it is such a thoughtful process made it all worthwhile.


Director of College Advising

Educator Webinar Attendee

Quotation marks

This webinar is a very helpful eye-opener on the apps that are popular with my students.


Irene C.

Educator Webinar Attendee

Learn more

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

Join Our Next Live Parent Q&A Events


Parent Strategies for Your Struggling Teen (Live Event)

This event is for parents of teens who are struggling with negative self-talk, managing emotions, or self isolation so their teens can have confidence, light up the room, and build a bright and meaningful future.

Register Here

Watch a replay of our recent event:

Each of our monthly events feature real student voices, expert tips and practical advice that makes parents the most informed parent on the block

Become a Very Informed Parent (VIP) to get our social media suggestions in your email every Tuesday & Thursday.

Dotted arrow to right
Learn about our
"Very Informed Parent" 
VIP Program
Right arrow
Josh Ochs headshot Round

Schools & Districts: Partner with us to protect your community online

Our remote presentations (and website) teaches over a million students each year how to shine online. We teach students how their accounts can be used to create a portfolio of positive accomplishments that impress colleges and employers.

Partner with SmartSocial.com
Right arrow
SmartSocial podcast logo
Join Our Smart Social Podcast
each week on iTunes

With over 240 episodes, Josh Ochs interviews psychologists, therapists, counselors, teachers, and parents while showing you how to navigate social media to someday shine online.

Listen on: