Since the start of the Covid-19 pandemic, the number of cyber attacks on organizations and individuals has exploded.
It is therefore more important than ever to keep your data and your privacy online safe.
Here are some tips to protect your personal data online.
1 – Remember physical security
First of all, the quickest way to secure your data is to protect your devices. Having physical access to a device makes it super-easier for an attacker to extract or corrupt your personal information. Do not leave your device unattended in public or easily accessible areas. Always keep your device password-locked (both while not being in use or after finish using it) and disable all lock-screen notifications (these are personal information, or email notifications that can pop-up throughout the day on your phone screen when it’s locked – You’ll find the way to turn them off in the Settings/notifications menu of your smartphone). Protect your device against physical theft. Also, keep your workspace safe : don’t leave your devices unattended on your desk. Be sure to lock your drawers if you keep your laptop or tablet in them.
2 – Disable remote connectivity
Some mobile devices are equipped with wireless technologies, such as Bluetooth. This means it can be used to connect to other devices or computers, and a hacker could easily reach your data this way. To ensure your privacy safety, you should get into the habit of disabling these features when they are not in use.
3 – Encrypt your files to protect your information online
If you are storing personal or corporate information, see if your device offers the option to encrypt the files (We’ve indicated several tools below). An encrypted file means that the file is scrambled with a “key”, i.e. thanks to a secret code that only you (and the people to whom you give access to this file) know. This technique allows you to secure your data by hiding them in a cryptic text. Even if a hacker or unauthorized people can get access to your file, they won’t be able to read it. Be cautious, though when using encryption : you must remember your passwords and passphrases. Because if you forget or lose them, you may lose your data.
4 – Be cautious with public Wi-Fi networks
Before you connect to any public wireless hotspot – like on an airplane or in an airport, hotel, train/bus station or café, keep in mind their network could not be as secure as it should be. In this case, your data will no longer be safe and it will be very easy for a malicious person to intercept it. When you want to surf on a site where you may have to give personal information, it is best to wait until you have access to a secure wi-fi network to ensure that your online privacy will not be threatened.
For all the cases where you need to connect to an unknown wi-fi network, follow these tips:
- Confirm the name of the network and exact login procedures with the staff to ensure that the network is legitimate.
- Only connect to sites which URL begins with “https://” when online shopping or banking.
- Use your own mobile network connection whenever possible : it is generally more secure than using a public wireless network.
- Use a Virtual Private Network (VPN) which will hide your personal data from others people using the same public network. Chose a legitimate VPN service known to respect privacy.
And for your data safety, once again, don’t forget : refrain from doing online shopping, banking, or sensitive work when using a public wireless network.
5 – Always backup your data
Get into the habit of backing up your data to protect it from any kind of risk. This is probably the best tip of all for protecting your personal information online, since you’ll be able to recover it if you lose access to your data.
As a rule of thumb, you should backup all your data regularly (every week, for instance). Create at least 2 copies, both encrypted. One shoud be kept in an external hard-drive (disconnected from any network) and the other should be transfered on a secure cloud service. This way, if your external hard-drive crashes, is stolen or destroyed, the data stored on the cloud will remain safe.
6 – Update all your software whenever you’re notified to do so
Install updates for all your software as soon as you receive a notification. Updates often contain security patches to fix flaws in the software. These flaws could allow hackers to infect your device with a virus or malware. For example, a keylogger is a software that allows a hacker to know all the keys you activate on your keyboard when you type… It’s handy for him to access your passwords and other data such as your bank account number! Don’t compromise your data security by failing to follow this easy-to-apply tip.
7 – Use two-factor authentication (2FA) whenever it is offered
Yes, it’s true… 2FA implies setting up a second authentication method (in addition to log in with your ID and password), usually typing a code sent on your phone by the website you want to connect to to prove you’re actually the user you pretend to be. And having to wait for the text message containing the code to confirm your identity is sometimes annoying. But this little inconvenience is nothing compared to what awaits you if someone manages to get hold of your email or bank accounts passwords. This tip requires a little patience to keep your sensitive data safe, but it is definitely a small price to pay. Plus, it’s quite easy to set up.
8 – Use antivirus software on all your devices
Virus, worms, trojan horses, spyware, keylogger, ransomware, … The list of different types of malware is already long, and it is likely to continue growing while you read this. And all these programs have only one target: your data! To protect your personal information and your privacy, it is therefore critical to install antivirus software on ALL your devices, including your smartphone. But beware: for the protection provided by your antivirus to be really effective, it is necessary to update it regularly. This way, it will constantly integrate the most freshly discovered malware.
9 – Use passphrases instead of passwords
The longer a password is, the more difficult it is for a hacker to discover it and ruin your personal information safety. The ideal is therefore to use a sequence of words or a phrase to obtain a very long password. For you, it will only be a phrase to remember. The title of your favourite song? The advertising slogan you find the most absurd? The motto that inspires you the most? You choose! Any of them will do, provided you don’t re-use a password you already have picked for another website (all passwords must be unique). Also, if it’s not already the case, use a password manager (LastPass, Biwarden, Keeper) to store your passwords in safety. There are plenty of password best practices you might want to use.
10 – Manage cautiously your privacy settings
Most apps allow you to determine your privacy settings preferences, and you should always chose the more private option. Never forget that all your apps are constantly collecting data about you. Why do they collect all this data? Probably to sell it to the highest bidder… who will use it to build a profile of you to be even more persuasive to sell you their stuff. If you want to protect your privacy, protect your data from this systematic collection.
11 – Don’t disclose any personal details
When someone asks you for personal information by email, phone or SMS, think about it carefully before answering the message. Are you sure that the person you are talking to is who they say they are? Most organizations that might need this information already know about it, or have as a rule never to ask it to you. It could be a fraudulous attempt to get some of your information as part of a pretexting attack or a quid pro quo attack.
If the request seems justified, respond to the message with this company’s email address, phone number (found on their website), or by logging onto this organization official website. Also, never keep any unencrypted file containing personal data on your computer or your smartphone. It would be easy for a hacker to get it and steal your data. Check our email security and privacy awareness course to discover all our tips against Social Engineering.
12 – Use recommended tools to protect your data
The following tools/services will help you encrypt your data, surf the web more securely, and protect your data or your privacy from being compromised.
VERACRYPT
VeraCrypt is an open-source encryption tool used for on-the-fly encryption (OTFE). It allows you to encrypt a hard disk, a USB key, and to add enhanced security to the algorithms used for system and partitions encryption. It will protect the integrity and confidentiality of your data, even if it’s challenged through a brutal-force attack.
HTTPS EVERYWHERE
HTTPS Everywhere is a browser extension that encrypts your communications with many major websites, making your browsing more secure. It actually advances your connection to SSL where its available. This increases your overall web surfing security to a good extent.
SIGNAL MESSENGER
Using Signal, you can communicate instantly while avoiding SMS fees, create groups so that you can chat in real time with all your friends at once, and share media or attachments all with complete privacy.
MAILFENCE
Talking about secure online communications, email is the first thing that comes into mind. And Mailfence – an encrypted email-suite that offers end-to-end encryption, digital signatures and 2FA – ticks all the boxes ! Especially when you consider it includes a Calendar with polls and groups management, an instant messaging service and a document storage and management tool – all secure to protect your personal information. Want to improve your email data security ? Check out our 10 tips and best practices for email.
Our 12 tips will help you keep your data safe and secure in all situations. Start improving the security of your data by getting a free Mailfence account!