Internet privacy tips are often complex and mind numbing and, generally promote an overblown reliance on technology. In this guest article, IT professional Robert Coulter, cuts through the knarly knot of the usual wooden security tips with a range of suggestions designed to keep hackers and other nefarious types away from your important private data while online.
As revealed in Wired Magazine, every piece of electronic communication is able to be intercepted by someone, somewhere. Even Internet giants like LinkedIn can be compromised, as an estimated 6.5 million password were hacked earlier this month. With that in mind, the only real way to guarantee complete online security is to never go online at all. Since this is neither practical nor desirable, by most people, there are still steps you can take to protect your online security and protect your personal information while enjoying the benefits of the Web.
Don’t overshare.
This first tip is simply common sense. Don’t share more than is necessary on the Web, especially on social networking sites such as Facebook and Twitter. While it can be fun, consider the risks from sharing every last detail of your life with the world, such as birth date, where you go (check-ins), pictures of your children, details of your job and relationships.
All of these details make social engineering hacks easy to perform and open you up to identity theft. Do your bank accounts have common security questions like “Mother’s Maiden Name?” or “City of Birth?” protecting your passwords in the event you need to reset them? Well, chances are this information is easily found by snooping around your social media profiles, making it an easy matter to reset passwords on sensitive accounts.
If you do insist on sharing, at least tighten up your Facebook privacy settings and keep your circle of friends small and limited to those you actually know. Also, disable the most invasive features, like check-ins and photo tagging.
Use a cloud-based antivirus rather than a signature-based one.
Cloud-based antivirus solutions, such as those offered by Webroot and Symantec, do away with large signature file downloads, which eat up bandwidth and can take up to several gigabytes of hard drive space. Instead, all of the signatures reside in “the cloud” and every file and Web request gets run against this ever-growing, real time database using the provider’s resources rather than your computer’s, speeding things up greatly and providing the most up-to-date protection.
Set stronger passwords.
ElcomSoft recently did a study that estimates just 25% of people regularly change their password. Setting a strong password, and changing it frequently, is key to protect your identity. Many experts suggest using long strings of random gibberish with special characters for greatest safety, but these can become nearly impossible to remember, leading to the insecure solution of storing them in an unprotected spreadsheet or on little bits of paper which can get lost.
One way to get a strong password that is easy to remember is to use a four word phrase, such as “kayaking beats drudge work” and substituting the spaces for a special character, such as “#” or “_.” The length and randomness will take a hacker more time than it is worth to figure out, while also being easy to commit to your own memory.
Use a Mailinator account on potential spam sites.
Mailinator is a great tool for signing up for web offers without actually providing your real email address. Mailinator works by allowing you to invent a disposable email address, which you can check without a password and which keeps messages for only 24 hours before being automatically erased. This is great when signing up for a site which seems to offer something enticing, but which might be spammy or even a hacker site, as your real email address is never revealed.
Deactivate old or unnecessary accounts.
Old accounts might leave your information scattered across the Internet for anyone to mine, especially on sites past their prime and maintained very irregularly by their administrators, as they tend to have lax security measures. The answer is to delete these old accounts. Even Facebook now has a “delete” feature, rather than just the “deactivate” one, so take advantage of this to clean up your online traces and reduce the temptation for hackers to learn more about you in an unwholesome way.
In conclusion, online threats are constantly evolving, and the best guardian of personal data is truly the individual user himself. Be smart and be skeptical when online it just might save you thousands of dollars and countless hours of heartache.
Guest author Bio: Robert Coulter works in the security industry at authentify.com which offers two-factor verification solutions for companies who need increased security protection for their clients.
For password reminders I typically mix content – I won’t say exactly what I do here for obvious reasons, but an example would be to set your password reminder question to be “What is your mother’s maiden name?” and then use your favorite video game coupled with your first phone number as the answer.
I wish companies would start taking passwords more seriously too. I’ve been on some sites that don’t restrict login attempts, and some that have low maximum amounts on the number of characters you’re allowed to use, or won’t let you use special characters. One thing I’d really like to see is for companies to start obfuscating the account name – have a public name that people see (RedNightHawk), but have the login be named a different thing entirely (MrSilentDeathInTheNight) so that a hacker’s work would be much more difficult than just going after the password.
Hey RedNightHawk,
I hear ya loud and clear – mixed content is a must.
Totally agree with the balance of your comment – especially the “low maximum amounts on the number of characters you’re allowed to use.” How crazy is that?
Some good info here – thank you.
Best,
Bill
Pingback: An IT Professional's Internet Privacy Tips – Simple And Effective | Bill … | Top Internet Security
Hi Bill,
Two things I picked up on today (which is amazing in itself).
Firstly great article from Robert Coulter and a timely reminder for everyone that you can never be too careful in trying to protect our online security and protection of personal information. Of course Bill you are always telling us this message
.
In his mention of cloud based AV solutions he suggests Webroot or Symantec. I can’t say that I know much (nothing) about Webroot, could you elaborate, and how does it compare to Immunet Protect? I’m having issues with Windows 8 and what AV etc that can be run with it at the moment.
Secondly I just ran http://ip-check.info/?lang=en from your “Tech Thoughts Daily Net News” article “Find out what websites know about you”.
Well I guess we all know deep down that this sort of information is being gathered about us, but when you run a program such as that and you see for yourself what is in fact being collected and the accuracy of it, it’s pretty scary stuff.
Bloody hell I think it’s time to give up on this internet thing and go back to a safer time like carrier pigeon or something.
Cheers,
John
Hi John,
Agreed – a terrific article from Robert.
As for Webroot – it’s a well established security application provider that has been around seemingly for ever. Far longer than many well publicized security application providers. My personal experience with Webroot’s applications has been very satisfactory.
Much like Symantec however, I find their price points are unrealistic – far too expensive. As far as I know, Webroot does not offer a comparable product to Immunet Protect. Cloud technology is of course, a component of many security applications – including Webroot and Symantec.
As you know, MSE will not run under Win 8 – however, a redesigned Windows Defender is an integral part of Win 8 and the reality is, Windows Defender is MSE. Exactly the same as the MSE you’re used to – same GUI, same colours, same same. Except for one particular annoyance. WD does not sit in the System Tray so, for those of us who like a visual reminder that security is up and running – we’re out of luck. Still, I highly recommend that you go with WD. Be sure to pin it to the Taskbar for easy launching.
The most practical way to avoid information grabbing is by using a VPN (I’ll be posting on a new free one in the AM). Not to all tastes though, since there are often drawbacks in using this type of privacy solution. But…..
Your carrier pigeon solution is worth considering. You might be on to something.
Best,
Bill
There’s also Panda Cloud free Antivirus, Cnet says its pretty good.
http://download.cnet.com/Panda-Cloud-Antivirus-Free-Edition/3000-2239_4-10914099.html
Hi Keith,
it is pretty good actually. I’ve reviewed it here 3/4 times and highly recommend it.
Thanks for the reminder.
Best,
Bill
Pingback: Quickly Turn Off / On the Internet « What's On My PC
Pingback: Dude
Reblogged this on Ryaandavis.
Thanks Ryaan.
Bill