All it took was a breach of an e-mail server last year for Panama-based offshore law firm Mossack Fonseca to lose 2.6 terabytes of highly classified information that has since landed national figures like Russian president Vladimir Putin and British Prime Minister David Cameron in the hot seat.

(Related: David Cameron talks anti-corruption during his visit to Singapore last year.)

According to Bloomberg, Ramon Fonseca, co-founder of the world’s fourth largest offshore law firm, revealed to Panama’s Channel 2 that documents under investigation had been obtained illegally by hackers. Mossack Fonseca is now investigating how the breach happened and stepping up security measures – something they probably should have paid extra attention to before this fiasco.

“It’s not just about installing firewalls that protect against external threats in general. Anti-virus alone can’t defend against an advanced persistent threat,” says Vincent Steckler, chief executive of leading computer and mobile security firm Avast Software. While no company can be completely immune to cyber attacks, being hyper vigilant helps safeguard vulnerabilities. To safeguard trade secrets, identify the most important information and reinforce security to protect it.  For instance, Steckler recommends setting up firewalls to guard against privacy loss, identity theft and viruses, and adding on other solutions such as intrusion detection software and log analytics to track suspicious activity for extra protection.

Educating employees is also key to protecting against cyber crimes.

(Related: Employees are the biggest threat to companies’ security.)

“It comes down to just one oversight, for an outsider to hack into a corporate network easily,” says Steckler.

Here, The Peak revisits 4 common cyber risks to keep your personal (and thus, company) data safe.

01: Working with multiple devices

Mobile smart gadgets are a godsend when it comes to speeding up business communications, but it’s easy to forget that they provide additional entry points to attacks. Be sure to trace logins by giving access to only trusted devices, says Vic Mankotia, cyber security expert at IT solutions company CA Technologies. Digital certificates, which electronically verify user identities, are the gold standard, while a good corporate education programme on best practices also helps.

02: Using the cloud for storage needs

The cloud has made it more convenient to share and access data. However, that has also made confidential information more susceptible to being leaked – especially with the prevalence of using multiple devices and integrated platforms. Always limit and verify access rights to cloud service accounts. A reputable cloud storage provider should have privacy policies to protect users and data.

03: Using the same password for multiple accounts

As obvious as it seems, many continue to do so. Over three million passwords last year were made up of personal information like birthdays and lazy codes like “123456”, reported US password management-applications maker Splashdata early this year. Change passwords every three months. They should be complex and unique, with a combination of upper- and lower-case letters, numbers and symbols. A free password manager like Norton Identity Safe stores and syncs passwords across multiple devices, so there’s no need to remember multiple complex passwords.

04: Using public Wi-Fi networks in airport lounges and hotels

Being password-protected doesn’t make them more secure; such Wi-Fi hotspots actually make it easy for cyber criminals to track online activities and steal personal information. When on such networks, hold off visiting websites that require a login. Tan suggests using a virtual private network (VPN), which is a network-within-a-network solution that renders one invisible. Install a free VPN service like Cyberghost, or pay for something like Air VPN for tighter security. This way, communications will be encrypted and kept away from prying eyes.