In an age in which large-scale hacks and security breaches are announced on a monthly and sometimes weekly basis, enhancing digital safety and privacy is bound to be a resolution for many people as they enter 2017.
Below are a few basic changes that can be made to make your online presence more secure and resilient.
1. Use a password manager
This is one of the easiest but most important changes a person can make to improve their online security, because if you’ve used the same password multiple times on various different platforms, it only takes one site experiencing a breach (see: Yahoo’s most recent upset) for the hacker to potentially gain entrance to most of your online properties.
Using a password manager allows you to generate and use exceedingly complex passwords without the difficulty of committing them to personal memory for your various online platforms. All of these passwords are then secured by a master password. One of the most popular password managers is 1Password, which is a paid service that can be purchased monthly for individuals or families. If you can’t afford to shell out monthly, however, LastPass offers a well-regarded free option.
2. Purchase a VPN
Most people know that it’s safer to do more questionable internet activities — ahem, pirating — over a virtual private network or VPN, but much fewer realize its broader safety benefits. For those who don’t know, the essential idea behind a VPN is that users can send and receive data on shared or public networks as if their devices were connected directly to an private network.
This occurs through the process of the user establishing an encrypted connection with a proxy location that then forwards your network traffic to its destination in an encrypted manner. Beyond downloading Game of Thrones, a VPN can be an essential form of protection when you’re operating on an open network. For instance, if you’re at Starbucks and you decide to enter personal information into a website that isn’t encrypted — HTTP or non-HTTPS — anyone else on the same network can easily view that information using a tool like WireShark, which monitors network activity.
But while a VPN is a sensible thing to have, it’s also important to exercise caution in your choice. It can be tempting to go for free proxies or Chrome extensions for simple things like online streaming, but many in turn use your device as a proxy for someone else, and any of their illegal actions would then be routing through your computer. Instead, it’s worth taking some time to research and invest in a VPN that has encryption, allows you to choose your preferred location and promises not to log any of your activity.
3. Scan your emails with a discerning eye
Unfortunately for the general public, email spoofing is not hard. All it takes is some design skill and a rogue email server that pretends to be something legitimate — for instance, Google.com or Facebook.com. People fall for it more often than you’d think, too. Just take the epic phishing scam that gave rise to the 2014 celebrity nude photo leak scandal. So how do you spot a fake? You dig a little further into verifying the source.
If you’re using Gmail, you can click “Show details” below the name of the sender to check for three key fields: mailed-by, signed-by and encryption. All three fields should show up for any large financial institution or company, and the mailed-by and signed-by portions should show the same official domain (for more information, check out this great tutorial). If the sender information leaves you skeptical and you aren’t sure how to proceed, take the extra cautionary step of contacting the company directly and asking whether the communication is legitimate.
4. Create an online alias
Any hacker targeting you will attempt to gather as much information about you as possible, linking various social platforms and attempting to piece together information about your personal life. An online alias, which can be created through a fake name and pictures that don’t reveal your face, helps keep your online presence separate from your personal life.
This route is admittedly a bit extreme but it’s especially worth considering if you tend to espouse ideas on the internet that put you at risk of getting personally attacked or doxed. Note: this doesn’t mean we encourage trolling, not only because it’s a wee bit obnoxious but also because it’s a sure way to test your online security against strangers on the internet who might just be leagues ahead of you when it comes to technical knowledge.
While these are some good first steps, there are plenty more strategies and methods out there for improving your cyber security. Feel free to comment and share your own ideas below.
Image credit: TheDigitalWay via Pixabay