From data that we freely give up to private companies like Facebook, Google, Snapchat, Amazon, to data brokers and ad networks that track us around the internet, not to mention government surveillance revealed by Edward Snowden, most of our most personal data is being collected by many different entities. Like any tool, data can be used for both good and bad. And companies that store our data can be hacked to embarrass us, just like politicians and tech people have been recently.
I operate online as if everything I do will be public some day: my search history, my texts, Facebook messages, location data. I think about what data I’m freely giving away to data companies and weigh whether the benefit is big enough to give up privacy. Most people don’t even think about this bargain.
I recognize that anyone who really wants to get my data can probably do it. But I like to make myself a smaller target.
I urge you to take some of these steps to minimize your personal data exposure. Here’s my personal security checkup:
Strong Passwords/Password Manager – Free
Use strong passwords and don’t repeat passwords across services. Some will recommend a password manager and that’s probably the right fit for most non tech people. I personally don’t use one, as I worry about creating one single point of failure for all of my services. If you want to use a password manager, Lastpass, Dashlane, 1password are generally recommended as top choices.
Use Two Factor Authentication (2FA) – Free
2FA means that once you input your password, there’s a second challenge to your login. Most services send you a code to your phone. Others use apps. Enable 2FA for every service possible. More 2FA information.
Security Questions – Free
Don’t use Googleable security questions. Things like your birth month, mother’s maiden name, first car, favorite sports team, etc are easy to guess or even easier to Google. Public figures like Sarah Palin’s accounts were compromised because people were able to Google her security questions. Use either random answers or mix up your answers.
Switch to Signal and Whatsapp
Deemphasize using Facebook messenger and text messages and move to Whatsapp and Signal. If you use Whatsapp, make sure to opt out of Facebook being able to scan your messages and turn off cloud based chat backups. The last thing you want is your texts and media messages being hackable. I prefer Signal, but use both.
VPN – $69/year
VPN, Virtual Private Network, anonymizes your internet traffic by routing it through a server before it goes directly to the website you’re looking at. The UK requires all internet service providers to store all browsing data for 5 years. Most US ISPs are likely keeping some sort of record as well. VPNs combat combat this. If you do business or browse from coffee shops or other networks you don’t control, a VPN helps protect your data.
They also allow you to access US versions of Netflix, Hulu, ESPN and others if you’re abroad.
Look for a VPN that you can use both on your phone and on your computer that doesn’t keep your browsing data. PC Mag has a full list. Check out Nord, Hotspot Shield and PureVPN. If you want to be really secure, pay in bitcoin with a new email address, but that’s overkill for most people.
Switch most searches to DuckDuckGo
DuckDuckGo doesn’t track your searches. It works really well for about 80% of my searches. I switch back to google for the rest.
Update Facebook Privacy Settings
Make sure your sharing settings is set to only friends. Your likes are likely set to public by default. Either delete them or make them viewable to only friends. Think about deleting your birthday or at least birth year. Think about deleting old photos from Facebook and saving them elsewhere. Think about deleting Facebook completely.
Delete Facebook App
Switch to using mobile Facebook if you must continue using Facebook. Every time you login in, it’s pulling your data and sending it to FB servers.
Use a tracking blocker
Try Ghostery and EFF’s Privacy Badger to block 1100+ trackers and speed up page load times. Do it on mobile and desktop.
Delete unused Authorized Facebook, Twitter, Dropbox and Google third party access
You’ve probably authorized many different outside applications to have access to your data via Facebook, Twitter and Google. Delete any of the ones you don’t use. Google how to.
Secure Email – Free to $300/year
Your email account is probably hosted by Google, Yahoo, Microsoft. These three companies give you free or cheap email in exchange for scanning your data and serving you ads. All of your personal and business emails are stored on these companies’ servers and are constantly being probed for weaknesses.
Think about moving to ProtonMail or TutaMail, full encrypted, secure email accounts with 2FA. If you don’t want to make the switch, think about putting secure business or personal emails in them as a parallel account and keeping your free account elsewhere. Protonmail has a great app and can be used with up to 10 custom domains for $300/year.
Delete old email
Think about deleting old email that you have no use for. If someone does compromise your email account, they will only find new email, not every email you ever sent.
Delete your Tinder/Bumble account
If you use any of these dating services, think about deleting your account to clear out the data about your matches, likes, swipes and chats. If you really need these apps, start a new account from scratch. Their servers should have less data about you.
Turn Location Services Off – Free
Your phone and computer have location tracking options. Most people don’t ever change these defaults, but look in both your cell phone and your computer and see what apps have location services turned on and what permissions you’ve given them. Apps like Uber track you 24/7, no matter if you have the app open or not.
I turned off location services for my phone and only turn it on when I need it. I haven’t noticed any downside so far. Bonus tip: it adds at least 2-3 hours of extra battery life to my phone.
Delete Old, Unused Apps on Phone and Computer – Free
Old apps that don’t get updated are easier to hack than newer apps. Delete old ones you don’t use anymore.
Turn on Autoupdate for Phone and Computer – Free
Your apps and operating system are constantly getting updated. Turn these on for fastest security whole fixes.
Block Your Computer’s Camera – Free
Use electrician’s tape or something else that you can easily take off when you need the camera. It’s easy to hack your camera and spy on you. It happened to Miss Teen USA and many others. If you need impetus, watch the hard to watch Black Mirror episode Shut Up and Dance (spoilers).
Encrypt your hard drive – Free
If you have a mac, encrypt your hard drive. It’s one click and easy to do. Windows is a bit harder, but you should still do it.
Set a password to login on boot-up and after inactivity on your computer – Free
Super easy to do.
Some web ads can be infected with malware or direct you to sites that try to get you to download programs that can harm your information.
Think about microphones
It’s trivial to turn on your phone microphone without your knowledge. Are smart tvs, echos,
Do you have anything else I should add to this list?
Photo credit:
One Comment
Big thumbs up. I have always been aware of the risk of being online and have implemented or partially implemented some of these recommendations, but others of them seem beyond me. You have remotivated me to finish the job although there is a learning curve that may be steeper than I can overcome. This sounds like a nice little business for somebody who understands it and can advise and even hold the hand of those who don’t. Thanks.