In 1997, Harper Collins and the Electronic Frontier Foundation published my book, “Protecting Yourself Online,” and it was out of date before it hit the stores because the Internet is constantly evolving, and fast. Back in the ’90s, there were few real threats to be concerned about, but the case is very different today for individuals and businesses who depend on the Internet for personal communication and for doing business. So I’ve decided to pick up the subject again and put the word out about what you should know today about how to protect yourself online.
This article will give you a general overview of things you can consider to help protect privacy. Future posts will address specific browser security, email security, data protection and other key topics.
Here are a few tips to get you on the privacy awareness track:
- Take care on public Wi-Fi networks
Don’t transmit any sensitive data like logins, passwords, credit card data over public Wi-Fi, and use a VPN to encrypt your data and protect it from prying eyes. Think of these places like being at a concert where they announce your social security number over the PA system. - Check your social media settings
The default position for all popular social networks is for your information to be visible to anybody. This article gives simple instructions for managing your settings on a number of popular social networks. - Don’t store private info on public systems
Services like Google Drive and Dropbox are meant for sharing, not for security. Massive breaches have occurred and the only way to keep private info secure on them is in an encrypted archive. - Avoid tracking
When you visit a website, your browser may disclose a wealth of information about you, such as where you are, sites you’ve visited, searches you’ve made and more. Using “private” or “incognito” mode protects against some of these, but not all. We will go deeper into browser security in a future issue. - End-to-end encryption on messaging apps
Most messaging apps, like Facebook Messenger and Telegram use encryption, but it’s only for the data in transit. Messages remain on servers unencrypted (can be manually enabled by starting a “private chat“). What’sApp is an example of such end-to-end encryption. - Use secure passwords
You need passwords that are at least 12 characters long and not guessable by human or machine. And you need different passwords for each service. Obviously you’ll never remember all of this, so get yourself a password manager. - Check permissions for mobile apps and browser extensions
Many mobile apps require you to give them permission to access contacts or files in storage, or get your camera or microphone. Many of these won’t work without such permissions, but you can check to find out and make sure you are not allowing more than you want to give. - Keep your primary email and phone number private
If you get tons of spam, like I do, you should have a private email address (only for personal contacts). Likewise, if you can, have a phone number that you only share with personal contacts.
This is a top-level overview and we will go deeper into some of these techniques on future issues. In the meantime, if you have a specific concern or question, please feel free to contact us.