1. The Threat Of Untrusted Websites
Sometimes, your internet browser will stop you from accessing a website and tell you that the “Connection is Untrusted”. You will have the choice of bypassing the block and proceeding to access the website. However, it is strongly recommended that you do not proceed as your browser may have detected that the site does not support HTTPS and will not facilitate any form of data encryption.
2. Third Party Apps
Installing a third party app is basically allowing your phone to pass on your information to others. According to a research by Kaspersky, almost 90% of the mobile malware is designed to hit the Android platforms. Even though iOS is considered as a heaven for the app users, it has also been subjected to various malicious app hack attacks.
Apple – known for its strong SSL web protection and jailbreak-free app store, was affected with more than 400 third party apps that did not only expose the users to the hackers but also left them vulnerable to the online surveillance agencies. The attack was, however, confined to the Chinese region only.
3. Third Party Ads
Similarly clicking on the fancy ads in the Android apps is also one of the reasons why your security is regularly compromised without your knowledge. There is a reason why President Obama is asked to stick too BlackBerry for official use, even though, he personally likes to use the Apple products.
If you think your online security should not be violated, stop using third party apps. If you are an Apple user, do not jailbreak your device. It destroys the additional layer of security that works as a shield to protect you from the snoopers. Similarly if you are an Android user, do not download and install an app, outside of the Google PlayStore.
The apps in the PlayStore are safe (most of them) and are included after Google clears them of all sorts of malware. Before installing and agreeing to the terms of apps, always check what the app will access in return. If the app isn’t popular and asks for the access to your Gallery and Messages, rethink, would you want to install something that might harm your online privacy in return.
4. Google Search History
How often do you delete your search history? In addition to your internet browser’s history, Google maintains a search history that does not get deleted when you delete your browser’s history.
Visit ‘google.com/history’ to see your search history and you will be given an immediate listing of the websites you visited most frequently in the previous days, weeks, months and years. Google records all search and browsing activity that you carry out when logged into Google. Anybody with access to your Google account will be able to see your search history.
Google Search also includes your YouTube history and your Location history.
5. Secure Your Email
An email always has three copies. One gets stored in your Sent items folder, another stays in the recipient’s Inbox, and a third gets stored on the email server. You can delete your copy and have the recipient delete theirs, but you have no actual control or oversight over the third copy, which can be duplicated and circulated without your knowledge.
Moreover, understand that any email service provider that does not offer encryption is not equipped to ensure your email privacy.
ProtonMail provides an excellent example of an encrypted email service. The free open-source email service is web based and works a lot like Gmail. It is one of the most commonly used and widely trusted email provider that offers end-to-end encryption.
6. Secure Mail For Gmail
Google knows that you don’t like the way it snoops around your data, but it doesn’t want to lose you either. That is why Google made Secure Mail for Gmail.
Secure Mail for Gmail is a Google Chrome extension that allows you to encrypt your email with a cipher key that will be required to decipher the email. Google claims its servers will not be able to understand your data as it will be encrypted by the cipher key when it passes through, and will only be readable by the recipient when they enter the cipher key upon receiving the email.
This is a classic example of symmetric encryption (explained above).
The first limitation is that you will have to trust Google not to read your email as you type it in or in its unencrypted form. The second limitation is that it only works for Gmail, and does not support any other email services. Also, Secure Mail for Gmail only helps encrypt the email message and does not secure attachments in any way.
7. Security Issues With Backing Up Data On The Cloud
Any data you store online is stored on the cloud and not all cloud storage is safe. For instance, you might recall that Apple’s iCloud got hacked in 2014. Apple offered users automatic backup services and saved their data on the iCloud servers.
Backing up your data is a naturally sensible decision, but using an encrypted storage platform is a choice. Apple’s iCloud hack revealed that the larger they come the harder they fall. Instead, users now choose to trust services like SpiderOak, Wuala, etc., instead of popular choices like Dropbox, SkyDrive, and Bitcasa.
8. Mobile Options
Users who don’t want to get into the Cloud mumbo jumbo use local encryption options to encrypt data without placing it on an external server. A viable alternative in such cases is to encrypt files on your device.
(i) Password Protection
Place a lock on your mobile device as well as all sensitive applications and data folders in it. Lock you data folders, all applications containing your personal information and information about your contacts, and on your camera.
(ii) Data Protection
Protect your data by using mobile encryption options. One way to do this is to use a VPN. You can either use a VPN every time you connect to the internet, or use Orbot – Tor’s mobile app for Android.
(iii) App Vigilance
Don’t install apps that demand unnecessary access permissions and make sure to read up on any app you want to install before you hit the ‘Download’ button. Increasing ransomware and malware threats can make your life miserable.
(iv) Identity Protection
Your identity is your most precious asset, and hackers know this even if you may not. If possible, use secondary email accounts on your smartphone so that your mobile activity cannot be linked to your primary accounts. Never reveal all your personal details to any app or platform.
An anti-virus is only as good as the virus definitions it is equipped with. Make sure to allow automatic updation of your Virus definitions and to install the latest version of the software. Do not install two anti-virus software at the same time as doing so may result in a barrage of errors.
Most AntiVirus software function on the freemium system. This means that you will get basic protection at the basic level, and advanced features will only be unlocked once you have bought the premium plan.
Most internet users are under the impression that the basic packages are suitable for domestic use and only buy the premium service for their work systems. Unfortunately, privacy threats are well aware of this trend and are therefore designed to target users during regular internet activity instead of official internet activity.
Common Antiviruses include Avast, Avira, Norton, Kaspersky, McAfee, AVG, BitDefender, Sophos, etc.
Any software that can cause damage to your data security and privacy is classified as malware. However, this does not necessarily have to be a software, and can be a script, code, etc.
Malware can cause damage to your privacy in numerous ways. Common examples include:
- Worms use networks to spread and are usually stand-alone data predators
- Viruses usually destroy or edit data openly and damage is instantly visible
- Trojan Horses are malware threats dressed as legitimate software
- Backdoors allow exploitable weaknesses and/or loopholes in the original code
Most AntiVirus are good enough to detect and remove most Malware threats that are in the form of software. But AntiVirus is rarely able to identify malware that is pretending to be legitimate and has been installed as a component to a legitimately installed application.
11. Switch To Linux
Moving to Linux can be difficult because it is open source doesn’t have the same streamlined distribution and support back up as Microsoft’s Windows OS. But picking a commonly used Linux distro like Ubuntu, Linux Mint or Fedora can solve that problem. That way you can avoid any cumbersome installation process, and take advantage of the Live Boot feature.
Linux may not have the same support as Windows and Mac, but exposure to the open source community has helped make it one of the most secure Operating Systems in the world at this time.
Most malware, spyware and viruses are built to target Windows and Mac users, leaving Linux users safe and unthreatened. This doesn’t mean that you won’t need an antivirus, but it will tilt the odds in your favor.
Linux is a secure, lightweight, free and fast OS that is as flexible as it is customizable. There are no free reigns or unmonitored background processes in Linux, placing your data privacy and security squarely in your control.
12. Password Protect Your Bios
Setting up a BIOS password is one of the oldest techniques to ensure your data privacy. It works by restricting access to your Operating System. Simply put, nobody will be able to edit, delete or exploit your files if they cannot access them. Even though the BIOS password is fairly popular amongst desktop users, it is usually recommended for laptop users as cracking/bypassing it requires tampering with the hardware.
If you don’t already have a BIOS password setup, your OS will allow you to enter the BIOS on system startup. Depending on your OS and the version of your OS, you will be required to press a designated key to enter BIOS during the startup process. Some users might see UEFI settings instead of BIOS, which is pretty much the same.
Make sure to edit the boot order so that booting is only possible through the hard drive. Particularly if your system is located at a public place and is frequently used by people you have no reason to trust.
13. Using Secure Passwords
Setting a safe password is the first step to ensuring privacy and security. There are a few cardinal rules that must be followed in order to create a secure password:
- Don’t use any word that can be found in a dictionary
- The longer the password, the harder it is to crack it
- Make sure to use capitalization, punctuation, and integers in your password
- Don’t use any word that directly relates to you or your contacts
- Don’t reuse old passwords
- Don’t share passwords across multiple accounts
- Don’t type your passwords out on any email, chat IM, etc.
- Make minor changes in your passwords every month
The password is the core of all data security. All the security and privacy measures in the world are useless if your password is vulnerable in any way.