Internet and Technology have intertwined beautifully into our everyday lives. Unfortunately, there’s a dark side to this beauty.
The internet is a playground and super fun to browse; however, we must take a step back and think through how we’re organizing our profiles and data on the internet.
Hackers are incredibly intelligent, and if they wanted your data, they could get it. The objective is to practice creating layers around your data based on how important it is.
Below is a list of simple steps and actions that could help you protect yourself and practice proper “Digital Hygiene.”
- Always update your software and devices – One of the main reasons that Equifax was hacked was because their IT team did not upgrade their systems after a vulnerability was previously disclosed by Microsoft. Software providers do a great job of pushing ongoing updates that contain the latest security fixes. Always always update your software and devices. It’s the first step for good proper digital hygiene.
- Never use the email that you have on your business cards, social media, or any other online profile as the email you use for banking.
  - By giving your email, you’ve given the person half the information they need to access your accounts.
  - Ideally, create a new email that is a little obscure from your name.
  - You can use Gmail, but there are also other services such as Protonmail or Fastmail that are great ways to set this up.
  - Most importantly, never give this email out to anyone!
- Create different layers of emails
  - Garbage mail and accounts email – This is essentially your throwaway email. You don’t have anything important tied to this email and typically use it to subscribe to random newsletters and promotions. This email may have nothing to do with anything. Be creative with this one 🙂
  - One personal and professional email – You can use this email to apply for jobs or interact with friends and family.
  - Secret email – For financial services and other extremely important accounts. As mentioned above, do not give this email to anyone!
- Invest in identity theft protection – People always say that it’s never going to happen to them, but then it does. I highly recommend getting a Lifelock account. Their customer service is fantastic, and it’s extremely easy to set everything up.
- Go to https://www.optoutprescreen.com/ and opt out of having your information used for mailers and offers. You don’t have to fill in your social security number. I don’t get junk mail at all because of this!
- Use 2-Factor Authentication (2FA) for all accounts – Try to stay away from using SMS as the 2FA option and instead use Google Authenticator. Google Authenticator protects you in case your phone or SIM card is compromised. For more advanced users, you can look into using Yubikeys also!
- Always add a PIN to your mobile phone account with any of the carriers – According to Pindrop (a well-known call center fraud service), call center fraud is increasing by 113% YoY. Never assume that the call center team members will protect your information or services.
- Set up Alerts – Set up alerts for any changes in service for your primary accounts or high dollar transactions.
- Always have an Anti-Virus Service on your computer and run regular scans – Norton Anti-Virus, Trend Micro, or McAfee are all excellent services. There have been recent allegations about Kaspersky and its involvement with Russia.
- Buy an external hard drive and always back up your computer and phone – Most computers have a built-in system to help you back up your computer. This helps when your computer no longer works, and it is also helpful if you ever experience a ransomware attack. A ransomware attack is one where a hacker holds your computer hostage and threatens to delete all your data if you don’t pay the ransom. The quick solution to this is to let them delete your data and restore your backup. Never succumb to a threat; there are always solutions around it.
- Go through your social media settings and look through the privacy settings – You would be surprised at how many different settings the Googles and Facebooks of the world provide to give you a bit of control over your data. Always use common sense when posting on the Internet.
- Never keep your cryptocurrencies at an exchange like Coinbase – Cryptocurrencies are an interesting set of assets to invest in, but there’s an important adage amongst the Crypto community: “not your keys, not your crypto”. I’ll spare you the details, but remember that whoever has control of your underlying private key is the owner of your cryptocurrencies. The Glacier Protocol (https://glacierprotocol.org/) is by far the best step-by-step process to ensure you’re securing your underlying assets appropriately, and it is maintained by a group of incredible people in the Crypto Community. One option is to buy a hardware wallet like the Ledger or Trezor and send your funds from an exchange to your wallet. I can write a whole post on how to secure your assets, but just remember to never keep your coins at an exchange in case the exchange is hacked or compromised.
- Never ever click on links in emails or SMS messages that are sent to you – Always analyze who the sender is, and instead of clicking on the link, simply hover your mouse over it and view the destination link at the bottom of the browser to see if it looks like a normal link from a trusted website or the expected website. Delete weird, obscure SMS messages immediately; there is no need to analyze these. These attacks are called Phishing attacks and can be quite lethal depending on the fraudster or hacker administering the hit. These attacks range from vague and easily detectable to looking like a legitimate email from your mom’s compromised email account.
- Get a password manager – Password managers help store your passwords and data in a secure fashion (typically offline with strong encryption). Lastpass and 1Password are great services to help organize your passwords and generate really strong passwords so you have a new password for every account and website. I know you’re probably wondering whether it’s worse to have all your passwords in one place, which would make these password managers a single point of failure. Just remember that these companies are incentivized to keep your information safe or they lose all credibility. They use best practices and strong encryption to ensure your passwords are protected even if they are compromised. The alternative is having weak, similar passwords across all your accounts.
I hope I didn’t scare you! There are obviously multiple layers and dimensions for each of these solutions. However, this is a strong starting block to protect yourself in this technology-centric world.
I appreciate your thoughts and feedback on any of these points as I am always looking to learn how to best protect myself as well.