We now rely on the Internet more than ever to communicate, learn, and manage various aspects of our lives. I decided to compile a list of things I’ve done to help ensure security in an increasingly volatile world of cyber attacks. In this post, I’ll list some techniques I use to remain secure.
This post was last updated 5/17/2020.
In my opinion, the single most important way to improve one’s digital security is by using strong passwords. I’ve been using Bitwarden, an open source password manager, across all of my devices since 2019. This software is where I store important information like my family’s identity information, login/passwords, credit card numbers, etc. With this utility, every single one of my passwords is different and theoretically impossible to guess with a “brute force” attack given the complexity. If you’re going to make one change to improve your digital security, go through all your browser’s stored passwords, change them to something created by a password manager like Bitwarden, and delete the stored information from your browser.
When I first embarked on this task, I had well over 150 sites ranging from utility companies and social media to school/work-related pages that were password protected. At that time, I used variations of the same password base for the sake of memory. Navigating to each site and changing the passwords one-by-one took all day, but with each passing day, I’m so glad I did!
VIRTUAL PRIVATE NETWORK (VPN)
A few months ago, I purchased a three year NordVPN subscription (my affiliate link) for ~$125 that allows me to connect up to six devices simultaneously to a virtual private network (VPN). VPNs add privacy and security by encrypting data transfers, masking your IP address/location, etc. This is especially important if you’re using public wifi networks, for example. All my devices are connected to this secure network by default; however, because the VPN serves as a “middle man”, speed is somewhat compromised. For that reason, if I’m gaming on my PC, I’ll disconnect from the VPN to take advantage of my gigabit Internet connection. 😉
Besides a strong, Bitwarden-based password, I use two factor authentication whenever possible. If I leave a platform or unsubscribe entirely from a website, I explore options to delete all my user data. I also periodically browse services I’ve authorized through Google, Facebook, Twitter, Instagram, Dropbox, LinkedIn, Microsoft, etc. and revoke any unnecessary permissions. Although it’s easier to log into new websites/apps with existing social media accounts, I’ve transitioned into creating separate profiles (again, through my password manager) to keep everything sandboxed.
Finally, as someone who accesses many web/file servers across the Internet, I do so via secure, SSH file transfer protocol (SFTP)… something which most hosts support and only takes a few minutes to set up with popular FTP clients. If you run the backend of your website, I highly encourage you do the same!
If you can’t trust the applications you install due to poor coding and security vulnerabilities, then you’re leaving yourself wide open for attacks. Delete any unused programs, and update your applications/operating system whenever possible. Check out the applications I use on MacOS and iOS/iPadOS as well as the plugins that power this site.
When it comes to smart homes, much of the concern stems from secure WiFi connections. Figure out how to obtain access to your router to disable broadcasting of your SSID (the network’s name) and ensure you are using wireless protected access (WPA/WPA2) security with, again, a strong password.
For additional security, I keep my smart home devices (thermostat, lights, etc.) on a different SSID just in case my primary network becomes compromised. Oh, and just for fun, I use webcam covers. 🙂
If you’re accessing password-protected accounts (email, social media, etc.) on a public computer, be mindful, sign out, and delete any files you may have downloaded. I can’t tell you how many times I’ve been at a public computer, gone through the “Downloads” folder, found important documents (social security numbers, scanned credit cards/driver’s licenses, etc) which I proceed to delete to protect other individuals. This is one of the easiest ways to scam someone!
So with that, I’m sure some of you are thinking: “Man, this guy is paranoid.” 😛
Haha, honestly, I’m not! The aforementioned measures are relatively easy to implement involving free software and some minor reconfigurations in work flow. In my opinion, they are essential practices for anyone leveraging the Internet.
Drop me a comment with your recommendations and thoughts regarding “best practices” for protecting oneself against cyber attacks.