More IT Security in 2020: 7 Digital Resolutions
You might not believe it, but it’s true: Once again in 2019, Germans’ favorite password was “123456” – according to the Hasso Plattner Institute in Potsdam. That might make you wonder whether, alongside your personal New Year’s resolutions for 2020, you should also set some goals for IT security.
While corporate security policies generally fall under the responsibility of the IT department, studies consistently show that human behavior remains a major IT security risk. Therefore, it’s crucial to actively raise employees’ awareness of IT security.
1. Secure Passwords for Everyone
Using names or simple number sequences is a no-go. Hackers easily crack such passwords using dictionary attacks or brute-force methods.
Here’s how to do it right: Use at least 8 characters, including uppercase and lowercase letters, plus randomly placed special characters.
Each account should have a unique password. Password managers can help companies manage this effectively.
(This applies to WLAN passwords too. Always change the default password and choose a 20-character password containing special characters, numbers, uppercase, and lowercase letters.)
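The rules above can be checked and applied mechanically. The following Python sketch is an added example, not part of the original article: it tests a password against the rules stated here (length, upper and lower case, special characters, no simple number sequences) and generates compliant passwords for both the account and the WLAN case. The function names and the small deny-list are assumptions made for illustration.

```python
import secrets
import string

SPECIALS = "!#$%&()*+-./:;<=>?@[]^_{}~"
# Constructed sample deny-list; a real deployment would load a larger list.
COMMON = {"123456", "password", "qwertz", "hallo123"}

def is_simple_sequence(pw):
    """True for digit runs such as 123456, 987654 or 111111."""
    if len(pw) < 2 or not (pw.isascii() and pw.isdigit()):
        return False
    steps = {int(b) - int(a) for a, b in zip(pw, pw[1:])}
    return steps in ({1}, {-1}, {0})

def check(pw, min_len=8, need_digit=False):
    """Return a list of rule violations (empty list = acceptable)."""
    problems = []
    if pw.lower() in COMMON or is_simple_sequence(pw):
        problems.append("common password or simple number sequence")
    if len(pw) < min_len:
        problems.append(f"shorter than {min_len} characters")
    if not any(c.isupper() for c in pw):
        problems.append("no uppercase letter")
    if not any(c.islower() for c in pw):
        problems.append("no lowercase letter")
    if not any(not c.isalnum() for c in pw):
        problems.append("no special character")
    if need_digit and not any(c.isdigit() for c in pw):
        problems.append("no number")
    return problems

def generate(length=8, need_digit=False):
    """Draw from the OS CSPRNG until the result passes check()."""
    alphabet = string.ascii_letters + string.digits + SPECIALS
    while True:
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if not check(pw, min_len=length, need_digit=need_digit):
            return pw

def wlan_password():
    """20-character profile from the parenthetical on WLAN passwords."""
    return generate(length=20, need_digit=True)

if __name__ == "__main__":
    print(check("123456"))
    print(generate(12), wlan_password())
```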
2. Close Security Gaps with Updates
Nobody likes doing it, but everyone should. Failing to update your operating system immediately after a new patch is released exposes your smartphone and PC directly to viruses, Trojans, worms, and ransomware. A firewall should also be part of your basic setup.
Tip: Android and Windows updates can be automated.
3. Be Careful Sharing Personal Data on Social Media
Private photos and personal information should never be publicly shared – and not necessarily with acquaintances either. Cybercriminals exploit exactly this kind of data.
In so-called social engineering, hackers avoid malware altogether and instead attempt to manipulate their victims directly on a personal level. To succeed, criminals need information about their targets. So remember: On social media, less is more.
4. Review Privacy Settings
Platforms like Facebook and Google allow you to customize your privacy and security settings. Data protection experts recommend: Do it! Ideally, only friends should have access to your personal information.
5. Use Multi-Factor Authentication
Wherever available, enable Multi-Factor Authentication (MFA) or Two-Factor Authentication (2FA) for online services. In addition to a password, users then need a second “key,” such as a TAN sent to their smartphone, to access an account.
6. Always Transmit Sensitive Data Encrypted
Unencrypted emails can be intercepted. Whenever sensitive information is sent to someone else, the message should be encrypted.
In Outlook, this is easy: Go to File -> Options -> Trust Center -> Email Security and activate encryption.
This also ensures your compliance with the GDPR.
7. Perform Regular Backups
Backups protect you not only from accidental file damage or loss – but also from viruses and Trojans. Regular backups make life much harder for malware.
“Anyone who stores backups on two separate external storage devices, both protected from ransomware, is on the safe side in the worst-case scenario,” says Jan Bindig, a data recovery expert from Leipzig. The expert additionally recommends setting up automated online backups for important files – such as in the cloud.
Fact: According to Bitkom, only 43 percent of German SMEs have an IT emergency plan.
Fact: GDPR fines can reach up to 20 million Euro or 4 percent of global annual turnover – whichever is higher.
Key Facts
Weak Passwords: “123456” was also the most commonly used password in Germany in 2025.
Passwordless Future: Since 2024, Microsoft, Google, and Apple have supported Passkeys as a standard.
Frequently Asked Questions
What penalties apply for GDPR violations?
Fines of up to 20 million Euro or 4 percent of global annual turnover – whichever is higher. In addition, affected individuals may file claims for damages.
What is a Data Protection Impact Assessment (DPIA)?
A DPIA is a systematic evaluation of the risks posed by data processing to the rights and freedoms of individuals. It is mandatory when processing is likely to result in high risks – such as in profiling, video surveillance, or processing of special categories of personal data.
Does the GDPR apply to small businesses?
Yes, the GDPR applies regardless of company size to any organization processing personal data of EU citizens. Small businesses benefit from a few simplifications (e.g., no requirement to maintain a record of processing activities for companies with fewer than 250 employees if the processing is not high-risk), but must still comply with all core principles.